Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/2Yz_L_kmSr6eAIH3FDT0FqfZyZc.roa
File: 2Yz_L_kmSr6eAIH3FDT0FqfZyZc.roa (raw, json)
Hash identifier: rWYEumFq9CT8tR1zR13dXv0No2ZRVzMr/7Zpi8o8Uvg=
Subject key identifier: D9:8C:FF:2F:F9:26:4A:BE:9E:00:81:F7:14:34:F4:16:A7:D9:C9:97
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 019155764379076C55A3A242847C7068151A
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/2Yz_L_kmSr6eAIH3FDT0FqfZyZc.roa
Signing time: Thu 15 Aug 2024 09:54:59 +0000
ROA not before: Thu 15 Aug 2024 09:54:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 91.228.13.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 08:58:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:76:43:79:07:6c:55:a3:a2:42:84:7c:70:68:15:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Aug 15 09:54:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d98cff2ff9264abe9e0081f71434f416a7d9c997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:24:49:02:cb:b8:90:07:c3:20:66:0d:24:f5:
f7:fa:98:d6:29:c5:43:ca:18:29:f5:b5:ad:de:d3:
92:44:a1:36:ce:02:49:75:8f:f5:f3:f5:6b:1a:72:
aa:c3:44:ea:32:ad:cb:70:52:f3:b7:84:77:9b:af:
76:d8:42:c1:a6:57:0f:74:3f:0b:f8:2d:f0:c3:03:
65:8e:ba:18:e0:66:b1:7c:d5:ca:ec:f4:7d:8f:00:
32:31:da:22:6b:1d:8a:33:d1:31:27:77:97:bc:55:
4e:d1:24:b9:4f:b0:8e:bf:7f:31:9d:31:d7:9b:6a:
43:c9:f0:a2:30:56:fb:48:06:38:f8:94:b8:5e:e6:
a6:fa:5c:1f:b1:98:03:28:1c:45:3e:22:f3:0e:81:
01:8a:3d:55:8b:0e:a1:92:f3:cc:da:95:79:14:9c:
f2:d0:98:dc:b8:db:16:d3:69:36:40:58:09:d9:74:
e2:b1:fd:c5:7e:08:33:37:2a:74:4c:e4:0e:f1:79:
91:a8:a9:7b:28:a7:6e:0d:58:2c:37:28:2b:8c:54:
c7:50:cb:d6:8c:d3:19:f6:0a:f6:6e:b4:9c:69:ca:
6c:71:4c:eb:8b:99:4f:65:9b:35:f5:f2:c6:c4:5c:
0d:fe:dd:bb:c3:f0:fb:cf:2b:87:bd:82:0b:1e:5b:
a7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:8C:FF:2F:F9:26:4A:BE:9E:00:81:F7:14:34:F4:16:A7:D9:C9:97
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/2Yz_L_kmSr6eAIH3FDT0FqfZyZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
94.154.35.0-94.154.36.255
Signature Algorithm: sha256WithRSAEncryption
43:ee:5c:b3:a4:68:a5:5a:40:3a:2a:99:9b:45:23:b7:82:d3:
76:5c:68:98:9a:7f:06:fb:cb:1f:8b:eb:28:54:3f:74:bd:2c:
ea:53:c6:4e:bb:53:00:b0:3b:f9:91:3f:53:a9:59:99:56:71:
5d:90:49:05:37:fc:6a:29:3e:3e:c8:98:e9:c3:83:03:b3:7b:
0a:33:c3:8d:d1:4f:8a:c1:88:88:40:56:0e:05:dc:30:fc:d1:
9c:19:64:d2:43:d2:6a:bf:2b:3b:8d:1b:f2:c2:50:d1:a4:df:
de:44:4c:af:d3:52:4c:69:a9:79:78:d0:1f:19:e8:0e:90:71:
dd:e6:85:67:60:58:c6:70:01:65:f0:56:be:0b:06:00:9c:45:
66:c5:8e:0c:c0:cd:9d:45:95:99:e7:ae:67:9c:04:00:5a:28:
b7:b8:d6:4a:76:f0:c6:10:3c:b2:61:1f:41:be:df:dc:5c:87:
3b:e7:df:16:40:23:91:37:68:e3:c5:37:00:18:eb:b0:e9:ed:
0a:66:17:15:7a:b8:3c:5c:af:27:15:4e:b0:09:cd:57:f2:4d:
b4:0e:05:ae:39:12:39:ba:47:1d:b9:12:eb:27:3d:d4:73:f8:
af:cb:9c:55:29:a1:75:fa:73:43:74:40:f6:72:d2:2e:19:1b:
15:28:5b:5f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZFVdkN5B2xVo6JChHxwaBUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwODE1MDk1NDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOThjZmYyZmY5MjY0YWJlOWUwMDgxZjcxNDM0ZjQxNmE3ZDljOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryRJAsu4kAfDIGYNJPX3+pjWKcVD
yhgp9bWt3tOSRKE2zgJJdY/18/VrGnKqw0TqMq3LcFLzt4R3m6922ELBplcPdD8L
+C3wwwNljroY4GaxfNXK7PR9jwAyMdoiax2KM9ExJ3eXvFVO0SS5T7COv38xnTHX
m2pDyfCiMFb7SAY4+JS4Xuam+lwfsZgDKBxFPiLzDoEBij1Viw6hkvPM2pV5FJzy
0JjcuNsW02k2QFgJ2XTisf3FfggzNyp0TOQO8XmRqKl7KKduDVgsNygrjFTHUMvW
jNMZ9gr2brScacpscUzri5lPZZs19fLGxFwN/t27w/D7zyuHvYILHlunVwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNmM/y/5Jkq+ngCB9xQ09Ban2cmXMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvMll6X0xfa21TcjZlQUlIM0ZEVDBGcWZaeVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW+QNMAwD
BABemiMDBABemiQwDQYJKoZIhvcNAQELBQADggEBAEPuXLOkaKVaQDoqmZtFI7eC
03ZcaJiafwb7yx+L6yhUP3S9LOpTxk67UwCwO/mRP1OpWZlWcV2QSQU3/GopPj7I
mOnDgwOzewozw43RT4rBiIhAVg4F3DD80ZwZZNJD0mq/KzuNG/LCUNGk395ETK/T
UkxpqXl40B8Z6A6Qcd3mhWdgWMZwAWXwVr4LBgCcRWbFjgzAzZ1FlZnnrmecBABa
KLe41kp28MYQPLJhH0G+39xchzvn3xZAI5E3aOPFNwAY67Dp7QpmFxV6uDxcrycV
TrAJzVfyTbQOBa45Ejm6Rx25EusnPdRz+K/LnFUpoXX6c0N0QPZy0i4ZGxUoW18=
-----END CERTIFICATE-----
Generated at Mon Aug 19 11:23:49 2024 by rpki-client on console-ams.rpki-client.org