Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/4QoB9GNE3OOnOgTKZyvDT7EwMns.roa
File: 4QoB9GNE3OOnOgTKZyvDT7EwMns.roa (raw, json)
Hash identifier: A8Fr/OeoMoBMvKeWtcym7MyWK9dmmsd9uu0eauOPFm4=
Subject key identifier: E1:0A:01:F4:63:44:DC:E3:A7:3A:04:CA:67:2B:C3:4F:B1:30:32:7B
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018E22900F9FF6D6B9690B755E5B407AD096
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/4QoB9GNE3OOnOgTKZyvDT7EwMns.roa
Signing time: Sat 09 Mar 2024 09:34:10 +0000
ROA not before: Sat 09 Mar 2024 09:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
94.154.32.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 05:09:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:22:90:0f:9f:f6:d6:b9:69:0b:75:5e:5b:40:7a:d0:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Mar 9 09:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e10a01f46344dce3a73a04ca672bc34fb130327b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3a:9c:4c:78:b9:1b:4d:9d:4b:82:59:ee:16:
4f:6f:75:13:d5:f2:f1:f2:af:e2:94:a0:e5:7d:9f:
10:67:b4:7d:d8:34:e2:d7:6b:6e:4b:2a:7f:c2:02:
ff:c4:ef:7f:90:ba:5f:33:bd:14:3d:36:c8:07:50:
8a:a4:a0:d6:de:93:5d:f7:f4:9f:42:4a:59:6c:87:
86:b5:22:77:a5:82:d6:44:09:3e:fb:ae:23:12:bf:
20:b4:00:03:49:6e:66:e1:3d:11:7d:6c:00:c8:af:
a6:dd:30:8f:69:33:e7:9b:d0:49:9d:5f:14:96:3b:
db:f5:7c:1b:39:4b:48:75:a9:24:21:ad:cc:26:7e:
fd:49:db:d4:14:bd:09:56:a6:91:06:d2:35:59:76:
f7:6a:2c:53:2e:44:9e:d0:e0:ae:99:db:c9:f5:db:
f6:71:7c:a5:7d:61:75:c3:40:1c:4a:4f:48:c2:4a:
2f:b7:5c:6c:ed:e5:a8:7c:a3:bb:7b:9d:a9:da:15:
96:c3:6d:31:7c:5c:b2:55:ac:1a:09:14:3c:d2:1c:
8a:64:47:76:5a:9c:f2:49:f4:ae:b9:48:ef:28:94:
c9:cf:eb:05:f7:bc:f7:26:12:58:3c:47:6d:79:f0:
ea:a9:a9:be:42:e8:b1:a6:02:45:0b:7b:9d:6a:f5:
95:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:0A:01:F4:63:44:DC:E3:A7:3A:04:CA:67:2B:C3:4F:B1:30:32:7B
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/4QoB9GNE3OOnOgTKZyvDT7EwMns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/22
94.154.32.0-94.154.38.255
Signature Algorithm: sha256WithRSAEncryption
00:bd:fa:6e:3c:19:09:b4:f2:85:3e:3b:3f:e4:74:ed:70:a2:
a0:87:49:d9:0f:fb:00:d8:00:a8:48:37:2b:97:50:24:1e:df:
7f:d7:47:e4:ba:22:79:10:3c:8b:e9:c0:7f:51:7f:9d:a2:ae:
34:f8:16:b1:4e:9a:68:38:e8:af:24:ae:14:4c:c3:e0:c4:88:
50:64:57:0d:ad:e6:e7:a1:6d:16:7c:7c:62:dd:b3:b7:39:a9:
56:5c:b4:47:7e:17:e7:bd:2c:74:8f:e3:3e:a3:ac:a5:42:12:
7a:a4:2e:32:7f:2f:1d:5f:b4:43:0c:d7:ea:e0:49:6b:ca:9c:
3b:8a:c5:75:cb:0c:ea:eb:8a:bd:3a:df:50:b4:c3:a7:1a:25:
6c:84:2e:41:55:b1:09:a6:a1:e0:0b:ce:e8:6b:cb:00:b8:6a:
d4:14:ab:ef:8d:a9:c5:44:3b:9d:33:7c:32:9e:c4:dd:91:60:
d0:f2:93:bf:64:13:17:ab:ee:ad:f4:5f:3b:71:83:33:ac:85:
97:cb:20:d8:33:59:e5:7f:44:31:aa:e0:42:9c:3c:0f:9a:5d:
b2:24:1b:39:5f:de:cd:bf:4b:65:32:08:02:c8:7f:7a:2e:74:
da:76:24:84:34:66:c0:8c:af:b6:53:88:db:5d:18:55:c4:d3:
a1:9c:74:73
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY4ikA+f9ta5aQt1XltAetCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMzA5MDkzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTBhMDFmNDYzNDRkY2UzYTczYTA0Y2E2NzJiYzM0ZmIxMzAzMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDqcTHi5G02dS4JZ7hZPb3UT1fLx
8q/ilKDlfZ8QZ7R92DTi12tuSyp/wgL/xO9/kLpfM70UPTbIB1CKpKDW3pNd9/Sf
QkpZbIeGtSJ3pYLWRAk++64jEr8gtAADSW5m4T0RfWwAyK+m3TCPaTPnm9BJnV8U
ljvb9XwbOUtIdakkIa3MJn79SdvUFL0JVqaRBtI1WXb3aixTLkSe0OCumdvJ9dv2
cXylfWF1w0AcSk9Iwkovt1xs7eWofKO7e52p2hWWw20xfFyyVawaCRQ80hyKZEd2
WpzySfSuuUjvKJTJz+sF97z3JhJYPEdtefDqqam+QuixpgJFC3udavWVwQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOEKAfRjRNzjpzoEymcrw0+xMDJ7MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvNFFvQjlHTkUzT09uT2dUS1p5dkRUN0V3TW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCW+QMMAwD
BAVemiADBABemiYwDQYJKoZIhvcNAQELBQADggEBAAC9+m48GQm08oU+Oz/kdO1w
oqCHSdkP+wDYAKhINyuXUCQe33/XR+S6InkQPIvpwH9Rf52irjT4FrFOmmg46K8k
rhRMw+DEiFBkVw2t5uehbRZ8fGLds7c5qVZctEd+F+e9LHSP4z6jrKVCEnqkLjJ/
Lx1ftEMM1+rgSWvKnDuKxXXLDOrrir0631C0w6caJWyELkFVsQmmoeALzuhrywC4
atQUq++NqcVEO50zfDKexN2RYNDyk79kExer7q30XztxgzOshZfLINgzWeV/RDGq
4EKcPA+aXbIkGzlf3s2/S2UyCALIf3oudNp2JIQ0ZsCMr7ZTiNtdGFXE06GcdHM=
-----END CERTIFICATE-----
Generated at Thu Mar 21 08:04:09 2024 by rpki-client on console-ams.rpki-client.org