Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/1IqQJlkZpJ1DsJDQ-niZLFKsQWI.roa
File: 1IqQJlkZpJ1DsJDQ-niZLFKsQWI.roa (raw, json)
Hash identifier: 3I3nA11DAyBjLoI6m6hNDKZbUBI+Th/fsM26rr/lDIE=
Subject key identifier: D4:8A:90:26:59:19:A4:9D:43:B0:90:D0:FA:78:99:2C:52:AC:41:62
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018A8A855BAD35F6A7FD6C00E492D09B135E
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/1IqQJlkZpJ1DsJDQ-niZLFKsQWI.roa
Signing time: Tue 12 Sep 2023 17:51:50 +0000
ROA not before: Tue 12 Sep 2023 17:51:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47757
IP address blocks: 91.228.12.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8a:85:5b:ad:35:f6:a7:fd:6c:00:e4:92:d0:9b:13:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Sep 12 17:51:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d48a90265919a49d43b090d0fa78992c52ac4162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c5:f5:bd:37:50:d6:37:29:89:e6:12:ca:2a:
c1:4d:aa:4c:65:ab:19:fa:25:62:34:04:06:79:a8:
d9:2d:2d:07:49:f9:44:13:15:09:bc:79:0b:20:b9:
78:85:6c:c6:38:4c:0d:f6:0b:e3:c7:23:7c:8a:ed:
f5:61:3b:ad:78:76:4d:30:58:d9:ae:f9:2f:66:ea:
72:57:30:48:ad:99:44:0a:b1:7b:50:1b:11:01:e6:
1d:e0:c0:af:fa:f5:db:b5:33:0d:47:a8:c7:63:a7:
ce:32:64:43:70:c4:48:ee:28:05:ce:90:d7:aa:b6:
af:f2:91:49:2b:e2:b7:06:cc:79:2d:9a:af:f7:c9:
dd:b0:df:a1:86:02:0f:39:0b:82:58:1e:dd:79:a0:
02:1b:0e:bc:c9:a0:9f:01:d6:07:2a:23:1f:13:d5:
75:25:7a:5e:ba:72:8d:d3:7c:f1:de:ed:b6:70:d2:
a7:df:8d:f1:da:19:42:d1:7d:e7:ff:06:ca:c9:41:
f7:1a:df:47:ba:f0:61:37:35:fc:a8:2a:41:df:af:
cf:ff:67:e9:ae:f1:07:dd:f7:53:8f:d7:55:25:72:
76:5d:39:6a:ae:e6:7d:fd:25:a3:fd:a3:5b:72:e1:
46:cc:fd:c6:36:5f:9f:b5:38:df:7c:4a:f2:ae:a3:
b1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8A:90:26:59:19:A4:9D:43:B0:90:D0:FA:78:99:2C:52:AC:41:62
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/1IqQJlkZpJ1DsJDQ-niZLFKsQWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
94.154.34.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:c4:0a:5d:68:0b:6a:36:83:02:d6:fb:f6:f8:27:57:a8:d8:
41:de:c8:3f:6f:d7:30:a0:f1:22:80:da:76:e9:c7:6a:4c:29:
00:f3:69:5a:c6:0c:fc:bc:68:bb:20:e4:6d:86:62:bc:b9:36:
18:1b:ae:85:9a:f9:65:6c:96:37:0c:29:ff:6e:62:b5:c3:4e:
fe:63:3d:4d:6d:f0:0e:cb:0a:45:38:0b:c3:c8:bb:fe:8f:92:
65:dd:3e:83:51:60:c0:b6:f5:80:6c:60:fd:47:cb:a3:ff:7c:
b6:62:30:e4:f6:43:eb:5e:e5:9a:bf:b2:85:1f:06:4b:a4:1c:
b4:18:b3:e2:34:81:9f:08:13:1c:8e:46:f7:6a:84:f9:bd:31:
38:8c:51:4d:37:10:3e:65:ff:fc:6b:04:54:a9:2d:0d:c1:94:
d1:4e:73:25:76:15:b4:8d:9b:82:90:3f:2f:6e:de:48:d0:b7:
2a:f7:65:23:ba:70:7b:df:9f:98:e6:82:36:40:26:30:81:de:
fc:25:08:56:9e:50:de:79:13:7d:3c:90:43:8e:f2:7e:a2:e5:
33:10:54:0d:62:bd:2e:02:b5:e3:ff:a5:73:84:76:ee:3f:af:
f8:53:f3:d4:e1:82:45:40:8a:d3:ed:a4:de:47:9b:d7:e5:58:
af:3f:d8:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqKhVutNfan/WwA5JLQmxNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwOTEyMTc1MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDhhOTAyNjU5MTlhNDlkNDNiMDkwZDBmYTc4OTkyYzUyYWM0MTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucX1vTdQ1jcpieYSyirBTapMZasZ
+iViNAQGeajZLS0HSflEExUJvHkLILl4hWzGOEwN9gvjxyN8iu31YTuteHZNMFjZ
rvkvZupyVzBIrZlECrF7UBsRAeYd4MCv+vXbtTMNR6jHY6fOMmRDcMRI7igFzpDX
qrav8pFJK+K3Bsx5LZqv98ndsN+hhgIPOQuCWB7deaACGw68yaCfAdYHKiMfE9V1
JXpeunKN03zx3u22cNKn343x2hlC0X3n/wbKyUH3Gt9HuvBhNzX8qCpB36/P/2fp
rvEH3fdTj9dVJXJ2XTlqruZ9/SWj/aNbcuFGzP3GNl+ftTjffEryrqOxQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNSKkCZZGaSdQ7CQ0Pp4mSxSrEFiMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvMUlxUUpsa1pwSjFEc0pEUS1uaVpMRktzUVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QMAwQB
XpoiMA0GCSqGSIb3DQEBCwUAA4IBAQA6xApdaAtqNoMC1vv2+CdXqNhB3sg/b9cw
oPEigNp26cdqTCkA82laxgz8vGi7IORthmK8uTYYG66FmvllbJY3DCn/bmK1w07+
Yz1NbfAOywpFOAvDyLv+j5Jl3T6DUWDAtvWAbGD9R8uj/3y2YjDk9kPrXuWav7KF
HwZLpBy0GLPiNIGfCBMcjkb3aoT5vTE4jFFNNxA+Zf/8awRUqS0NwZTRTnMldhW0
jZuCkD8vbt5I0Lcq92UjunB735+Y5oI2QCYwgd78JQhWnlDeeRN9PJBDjvJ+ouUz
EFQNYr0uArXj/6VzhHbuP6/4U/PU4YJFQIrT7aTeR5vX5VivP9gb
-----END CERTIFICATE-----
Generated at Fri Sep 29 17:42:10 2023 by rpki-client on console-ams.rpki-client.org