Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/2MM8YSdG5bEazLP3b_-9KM0ngd0.roa
File: 2MM8YSdG5bEazLP3b_-9KM0ngd0.roa (raw, json)
Hash identifier: nYyR7K+4S8/KRTj0AT7GQrFpy9FD0r2H5pHA9NSFnr8=
Subject key identifier: D8:C3:3C:61:27:46:E5:B1:1A:CC:B3:F7:6F:FF:BD:28:CD:27:81:DD
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018CFC5558594CE632C6730D9E8832FA7BC6
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/2MM8YSdG5bEazLP3b_-9KM0ngd0.roa
Signing time: Fri 12 Jan 2024 06:21:40 +0000
ROA not before: Fri 12 Jan 2024 06:21:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/23 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 17:41:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fc:55:58:59:4c:e6:32:c6:73:0d:9e:88:32:fa:7b:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 12 06:21:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8c33c612746e5b11accb3f76fffbd28cd2781dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:62:4b:72:40:d1:1c:dc:1c:29:f8:b3:e4:48:
1c:1b:68:be:28:42:cc:0d:55:13:fd:97:e7:b6:7f:
30:a1:a7:38:30:76:02:98:4e:81:e3:cc:1f:e4:24:
58:ba:71:cf:9c:d0:97:75:78:dc:27:10:95:2f:51:
83:79:2e:90:6c:ef:92:fb:d0:22:78:bb:17:e3:ec:
de:92:54:92:34:9b:fd:d6:2d:5a:33:55:7a:ee:5d:
56:e1:bf:db:5f:98:a0:c2:3e:b7:43:54:a1:d7:57:
d4:33:a7:b4:36:69:ac:d3:a4:a4:9e:7c:b6:2e:f3:
6a:3c:a2:bd:2f:57:51:68:b8:a3:94:83:cb:04:a6:
48:47:19:92:80:4d:87:4c:55:02:15:0b:b0:97:12:
f9:f6:99:6a:a2:4b:ca:70:f0:f4:2f:b9:b2:71:8c:
a2:cf:3f:70:06:0c:43:9e:2b:54:31:0e:b8:c5:8e:
bf:2e:78:6c:09:95:76:9f:93:57:3d:e5:b9:67:84:
71:4c:92:48:a9:66:59:67:ac:b7:17:f4:0f:cc:f1:
23:1d:d0:af:ee:1f:5a:7f:e0:bb:a0:df:9a:89:ce:
72:92:b7:cc:49:74:f9:36:c1:6a:d6:bf:6b:64:a7:
ba:96:51:0f:76:ad:7e:42:4e:93:61:96:3c:24:75:
89:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C3:3C:61:27:46:E5:B1:1A:CC:B3:F7:6F:FF:BD:28:CD:27:81:DD
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/2MM8YSdG5bEazLP3b_-9KM0ngd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
94.154.34.0-94.154.37.255
Signature Algorithm: sha256WithRSAEncryption
61:a6:06:d4:d0:7f:7c:4a:5a:f1:78:24:0a:41:d4:78:e9:53:
20:10:3a:d9:ec:9d:8f:f4:e5:25:2d:48:10:78:fc:e1:a3:34:
42:ea:1c:60:16:60:50:45:81:21:1b:15:7a:82:f8:a0:3c:eb:
43:08:29:09:89:1a:45:49:c2:09:fd:26:62:d4:42:e8:02:5f:
fc:49:1b:a2:de:f0:08:00:0f:51:ed:ef:c9:69:f6:61:cc:b7:
e7:7e:24:ba:8c:2d:4c:e9:36:ad:d9:14:ed:93:61:eb:09:07:
fe:aa:17:fe:27:5d:e9:61:39:d2:b7:66:dd:39:0c:4d:dc:56:
05:8f:ae:cc:46:39:41:5d:f0:26:0d:aa:b1:ff:02:f5:91:0e:
11:6e:2d:7d:92:d1:82:b8:8c:ea:f7:f2:b8:8c:2e:a6:9e:b1:
5a:e3:9a:c1:11:c0:bd:24:5e:69:39:8d:c1:57:c8:80:74:c1:
33:8f:96:7c:a3:99:bf:a2:86:35:d5:b1:03:b4:34:7c:f2:59:
5f:af:08:8d:3a:67:fc:2a:6f:f5:e9:88:ed:d5:18:ef:e5:a0:
14:64:3e:71:ca:a7:cd:1a:d8:8d:51:c5:89:57:25:a3:89:68:
a8:0e:bd:48:01:eb:a7:35:19:45:a4:63:20:fe:8d:ef:15:07:
c1:7b:58:1e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYz8VVhZTOYyxnMNnogy+nvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMTEyMDYyMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGMzM2M2MTI3NDZlNWIxMWFjY2IzZjc2ZmZmYmQyOGNkMjc4MWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWJLckDRHNwcKfiz5EgcG2i+KELM
DVUT/Zfntn8woac4MHYCmE6B48wf5CRYunHPnNCXdXjcJxCVL1GDeS6QbO+S+9Ai
eLsX4+zeklSSNJv91i1aM1V67l1W4b/bX5igwj63Q1Sh11fUM6e0Nmms06Sknny2
LvNqPKK9L1dRaLijlIPLBKZIRxmSgE2HTFUCFQuwlxL59plqokvKcPD0L7mycYyi
zz9wBgxDnitUMQ64xY6/LnhsCZV2n5NXPeW5Z4RxTJJIqWZZZ6y3F/QPzPEjHdCv
7h9af+C7oN+aic5ykrfMSXT5NsFq1r9rZKe6llEPdq1+Qk6TYZY8JHWJZwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNjDPGEnRuWxGsyz92//vSjNJ4HdMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvMk1NOFlTZEc1YkVhekxQM2JfLTlLTTBuZ2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBW+QOMAwD
BAFemiIDBAFemiQwDQYJKoZIhvcNAQELBQADggEBAGGmBtTQf3xKWvF4JApB1Hjp
UyAQOtnsnY/05SUtSBB4/OGjNELqHGAWYFBFgSEbFXqC+KA860MIKQmJGkVJwgn9
JmLUQugCX/xJG6Le8AgAD1Ht78lp9mHMt+d+JLqMLUzpNq3ZFO2TYesJB/6qF/4n
XelhOdK3Zt05DE3cVgWPrsxGOUFd8CYNqrH/AvWRDhFuLX2S0YK4jOr38riMLqae
sVrjmsERwL0kXmk5jcFXyIB0wTOPlnyjmb+ihjXVsQO0NHzyWV+vCI06Z/wqb/Xp
iO3VGO/loBRkPnHKp80a2I1RxYlXJaOJaKgOvUgB66c1GUWkYyD+je8VB8F7WB4=
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:31 2024 by rpki-client on console-ams.rpki-client.org