Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/170tr3_Dpn6-dfiKTpTFi6MkTzI.roa
File: 170tr3_Dpn6-dfiKTpTFi6MkTzI.roa (raw, json)
Hash identifier: 2WF76g2YyAGVcSGjE+WucC0qvp4VyBqsc1XXbNMYqNo=
Subject key identifier: D7:BD:2D:AF:7F:C3:A6:7E:BE:75:F8:8A:4E:94:C5:8B:A3:24:4F:32
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0185AB438B6C9C7F31ABE6D9E83D7982ABA4
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/170tr3_Dpn6-dfiKTpTFi6MkTzI.roa
Signing time: Fri 13 Jan 2023 13:13:28 +0000
ROA not before: Fri 13 Jan 2023 13:13:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Jan 2023 09:55:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ab:43:8b:6c:9c:7f:31:ab:e6:d9:e8:3d:79:82:ab:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 13 13:13:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7bd2daf7fc3a67ebe75f88a4e94c58ba3244f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d6:4a:0d:ce:ca:bf:b0:58:af:4a:ff:0c:74:
43:e1:9f:22:fe:73:a6:ed:21:91:13:a9:67:02:e5:
f4:75:80:37:52:db:89:f0:86:93:dd:4d:63:57:3d:
11:5c:b7:39:56:80:72:02:84:1a:b5:10:bc:c0:09:
5d:64:92:14:ea:9a:03:55:fb:7e:b6:04:1c:99:b0:
81:63:c8:c2:0a:a2:02:43:b8:1b:e3:2a:ab:9f:61:
c1:70:20:d0:53:c4:f5:ef:83:ce:8e:ab:0c:65:1b:
fd:62:3e:44:ce:b0:7f:8f:2b:7a:c9:16:b6:76:24:
7a:29:d8:80:fc:99:33:fa:dc:4e:05:0c:b5:0f:31:
d2:f4:fa:47:f6:f6:3e:f8:27:f9:23:7c:44:41:41:
10:b6:df:bd:0d:9c:82:61:d4:62:f8:c7:2a:1c:34:
f5:c3:77:35:23:98:4c:69:f1:f2:d9:b3:87:19:f9:
07:52:0b:e1:e8:b5:4b:45:7c:df:49:dc:dd:9d:ca:
cd:fa:0b:44:c0:b5:fa:82:3b:0f:1a:b2:4e:89:04:
aa:de:f1:ad:a1:8a:95:3f:08:0f:51:c6:df:1c:2c:
68:40:b1:bd:75:6c:7a:a3:20:af:2e:dd:e7:2a:e9:
5f:83:03:b9:f0:3a:3e:33:9b:21:72:7c:1a:76:fa:
07:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:BD:2D:AF:7F:C3:A6:7E:BE:75:F8:8A:4E:94:C5:8B:A3:24:4F:32
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/170tr3_Dpn6-dfiKTpTFi6MkTzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
94.154.32.0/22
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:99:f9:27:03:d8:56:b0:1f:1d:d9:ed:38:32:cf:40:fa:43:
20:d6:18:9e:0a:7b:79:42:19:d4:f0:06:d5:8f:ac:7a:17:e5:
0c:58:1b:25:de:89:2e:7e:93:3f:b0:c8:e9:19:fb:dd:33:dd:
12:43:d7:bc:64:81:52:7f:0b:58:62:71:ab:95:94:b9:86:2f:
74:17:78:13:58:5f:4b:a9:16:24:44:67:87:06:ce:57:15:dd:
c5:31:3c:e3:2c:4b:da:52:f1:30:b4:5d:59:97:0d:9c:a0:2d:
30:9b:d5:72:07:12:1d:44:14:84:ba:5a:02:63:f0:1f:ce:9f:
47:de:56:cf:89:ee:55:84:22:a8:f8:de:85:ed:3b:12:d7:10:
97:16:3c:82:c7:37:4f:38:89:b0:d0:fa:97:39:05:27:6c:92:
0d:1a:38:92:1e:3a:d6:40:e9:b8:34:bd:26:c6:f3:f4:53:69:
79:c8:ea:54:2d:9b:50:47:12:b7:aa:3b:eb:1e:a3:59:44:65:
bf:1f:a6:dd:ff:bf:82:54:ca:c1:74:3f:d3:a7:2a:72:f8:a3:
d1:8f:ef:2b:6f:5a:73:60:46:57:e6:d7:ca:26:69:14:05:cc:
42:61:41:11:e5:3d:a3:61:6b:22:16:a7:0b:0a:07:66:1a:ee:
56:09:c5:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWrQ4tsnH8xq+bZ6D15gqukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwMTEzMTMxMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2JkMmRhZjdmYzNhNjdlYmU3NWY4OGE0ZTk0YzU4YmEzMjQ0ZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9ZKDc7Kv7BYr0r/DHRD4Z8i/nOm
7SGRE6lnAuX0dYA3UtuJ8IaT3U1jVz0RXLc5VoByAoQatRC8wAldZJIU6poDVft+
tgQcmbCBY8jCCqICQ7gb4yqrn2HBcCDQU8T174POjqsMZRv9Yj5EzrB/jyt6yRa2
diR6KdiA/Jkz+txOBQy1DzHS9PpH9vY++Cf5I3xEQUEQtt+9DZyCYdRi+McqHDT1
w3c1I5hMafHy2bOHGfkHUgvh6LVLRXzfSdzdncrN+gtEwLX6gjsPGrJOiQSq3vGt
oYqVPwgPUcbfHCxoQLG9dWx6oyCvLt3nKulfgwO58Do+M5shcnwadvoHxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNe9La9/w6Z+vnX4ik6UxYujJE8yMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvMTcwdHIzX0RwbjYtZGZpS1RwVEZpNk1rVHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+QNAwQC
XpogAwQAXpomMA0GCSqGSIb3DQEBCwUAA4IBAQBPmfknA9hWsB8d2e04Ms9A+kMg
1hieCnt5QhnU8AbVj6x6F+UMWBsl3okufpM/sMjpGfvdM90SQ9e8ZIFSfwtYYnGr
lZS5hi90F3gTWF9LqRYkRGeHBs5XFd3FMTzjLEvaUvEwtF1Zlw2coC0wm9VyBxId
RBSEuloCY/Afzp9H3lbPie5VhCKo+N6F7TsS1xCXFjyCxzdPOImw0PqXOQUnbJIN
GjiSHjrWQOm4NL0mxvP0U2l5yOpULZtQRxK3qjvrHqNZRGW/H6bd/7+CVMrBdD/T
pypy+KPRj+8rb1pzYEZX5tfKJmkUBcxCYUER5T2jYWsiFqcLCgdmGu5WCcXr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org