Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/OEBEgEgyK02el7yjullzS6L2D8s.roa
File: OEBEgEgyK02el7yjullzS6L2D8s.roa (raw, json)
Hash identifier: PVxa7Nj92lKtJaSzVGzYJ/KY5gljb6MSkEm4e/Ida7A=
Subject key identifier: 38:40:44:80:48:32:2B:4D:9E:97:BC:A3:BA:59:73:4B:A2:F6:0F:CB
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 018572D5BABAB25B4C8955C31A7CEC703AD3
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/OEBEgEgyK02el7yjullzS6L2D8s.roa
Signing time: Mon 02 Jan 2023 14:14:47 +0000
ROA not before: Mon 02 Jan 2023 14:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 185.85.76.0/22 maxlen: 22
5.63.24.0/21 maxlen: 21
91.190.168.0/21 maxlen: 21
2a02:798::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:ba:ba:b2:5b:4c:89:55:c3:1a:7c:ec:70:3a:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jan 2 14:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3840448048322b4d9e97bca3ba59734ba2f60fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:af:81:ea:ba:1d:f3:85:d0:2a:ef:3c:bf:a0:
cf:b3:48:c8:00:97:db:35:e2:83:3a:ba:11:33:ec:
9f:a6:c9:28:1b:e9:a5:11:02:04:43:80:fd:5b:c4:
fc:16:00:63:a2:db:08:c6:9a:f5:a1:14:c2:71:ff:
6c:4a:2d:57:1e:de:f6:31:de:e8:f7:af:40:f0:0d:
66:52:1f:5e:8d:65:99:1b:76:f3:77:77:a5:62:86:
f6:e7:2c:5a:db:ed:2a:df:63:90:ed:bd:da:3f:75:
89:4d:4d:e4:49:ea:d9:2b:3b:55:e5:60:e4:03:3d:
f2:c5:c7:c9:c5:ad:27:6a:0e:a0:fa:33:fe:ec:dc:
21:36:de:e7:56:16:af:f4:c5:5b:c8:49:0a:a1:1f:
c0:d6:0a:08:0e:49:71:67:fe:b6:c7:de:69:79:4a:
06:a2:b7:0b:2b:a4:21:55:5b:39:09:57:e2:c8:6b:
0e:02:28:4e:5c:74:9f:9a:0c:5a:59:25:38:bd:56:
33:1e:f7:d9:d0:6a:f9:37:46:89:47:d9:97:1b:d9:
47:76:d7:bf:6c:3c:f9:9c:06:54:e2:21:ea:62:6d:
11:27:2f:d2:07:40:a2:c6:fb:a1:e2:a0:04:bf:e8:
f6:20:66:b3:68:d2:7b:19:72:38:6b:38:23:0f:10:
42:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:40:44:80:48:32:2B:4D:9E:97:BC:A3:BA:59:73:4B:A2:F6:0F:CB
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/OEBEgEgyK02el7yjullzS6L2D8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0/21
91.190.168.0/21
185.85.76.0/22
IPv6:
2a02:798::/32
Signature Algorithm: sha256WithRSAEncryption
99:9f:41:95:e8:92:35:c1:a1:6d:2b:e0:3e:86:f6:ae:d7:f9:
2f:ae:4e:8b:24:8f:dd:36:d8:64:6e:f7:88:71:d4:41:bb:28:
33:ce:8d:e5:30:ed:47:4c:b2:55:8c:b9:b2:f9:23:c9:2e:6f:
ea:1d:66:b4:83:58:60:f1:a6:30:ca:5c:bc:f8:68:8b:92:ee:
d2:eb:be:ad:aa:0d:f8:51:60:ba:4a:c3:0b:ff:75:78:bc:56:
a1:09:19:81:9d:a7:32:fc:20:a5:41:e8:27:1d:92:07:69:bf:
d2:23:a0:09:d0:3a:ec:b4:ac:16:26:7d:dd:f4:98:44:9a:4a:
67:73:aa:cf:c3:b3:b4:2e:4f:aa:10:a5:4d:03:e5:b7:d4:01:
0f:9e:92:7f:3e:8e:ef:10:a9:59:c9:61:df:a4:83:34:91:fa:
cc:b4:75:92:ed:be:85:a9:fd:db:cd:13:3e:4c:a1:79:5d:78:
37:0d:c9:3a:f6:eb:e0:3b:12:80:1f:50:a2:16:0c:b9:d5:8f:
33:de:d9:9a:69:56:7d:e4:c4:a4:3b:87:11:2b:62:42:26:0e:
26:e5:0e:ec:9f:09:66:b0:47:48:7b:66:a2:c1:7d:c9:f5:c1:
be:8f:69:25:79:b7:26:c2:1a:23:99:61:ea:61:91:34:1e:35:
98:bf:f7:df
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVy1bq6sltMiVXDGnzscDrTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjMwMTAyMTQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQwNDQ4MDQ4MzIyYjRkOWU5N2JjYTNiYTU5NzM0YmEyZjYwZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6+B6rod84XQKu88v6DPs0jIAJfb
NeKDOroRM+yfpskoG+mlEQIEQ4D9W8T8FgBjotsIxpr1oRTCcf9sSi1XHt72Md7o
969A8A1mUh9ejWWZG3bzd3elYob25yxa2+0q32OQ7b3aP3WJTU3kSerZKztV5WDk
Az3yxcfJxa0nag6g+jP+7NwhNt7nVhav9MVbyEkKoR/A1goIDklxZ/62x95peUoG
orcLK6QhVVs5CVfiyGsOAihOXHSfmgxaWSU4vVYzHvfZ0Gr5N0aJR9mXG9lHdte/
bDz5nAZU4iHqYm0RJy/SB0Cixvuh4qAEv+j2IGazaNJ7GXI4azgjDxBCCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDhARIBIMitNnpe8o7pZc0ui9g/LMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvT0VCRWdFZ3lLMDJlbDd5anVsbHpTNkwyRDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBT8YAwQD
W76oAwQCuVVMMA0EAgACMAcDBQAqAgeYMA0GCSqGSIb3DQEBCwUAA4IBAQCZn0GV
6JI1waFtK+A+hvau1/kvrk6LJI/dNthkbveIcdRBuygzzo3lMO1HTLJVjLmy+SPJ
Lm/qHWa0g1hg8aYwyly8+GiLku7S676tqg34UWC6SsML/3V4vFahCRmBnacy/CCl
QegnHZIHab/SI6AJ0DrstKwWJn3d9JhEmkpnc6rPw7O0Lk+qEKVNA+W31AEPnpJ/
Po7vEKlZyWHfpIM0kfrMtHWS7b6Fqf3bzRM+TKF5XXg3Dck69uvgOxKAH1CiFgy5
1Y8z3tmaaVZ95MSkO4cRK2JCJg4m5Q7snwlmsEdIe2aiwX3J9cG+j2klebcmwhoj
mWHqYZE0HjWYv/ff
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:28 2024 by rpki-client on console-ams.rpki-client.org