Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5YQ1BUWzwZNRmr7juZDdErFocAQ.roa
File: 5YQ1BUWzwZNRmr7juZDdErFocAQ.roa (raw, json)
Hash identifier: 6xf+aF+010q78+TNhw0tAkUUyQ3pAkokPPE3SB4lfOA=
Subject key identifier: E5:84:35:05:45:B3:C1:93:51:9A:BE:E3:B9:90:DD:12:B1:68:70:04
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018871210FFAEDACBE9B42EBEE247EB889CC
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5YQ1BUWzwZNRmr7juZDdErFocAQ.roa
Signing time: Wed 31 May 2023 09:26:12 +0000
ROA not before: Wed 31 May 2023 09:26:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.12.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Aug 2023 14:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:21:0f:fa:ed:ac:be:9b:42:eb:ee:24:7e:b8:89:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: May 31 09:26:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e584350545b3c193519abee3b990dd12b1687004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e3:4e:98:e4:d6:07:47:20:34:24:16:50:8e:
78:29:fd:fa:12:cc:75:d6:70:7e:3b:7c:fa:9b:23:
bd:81:57:77:e9:0f:93:dc:d3:3c:4d:6f:be:c0:98:
1c:ce:23:af:49:61:a9:ab:6f:6d:8e:64:10:1e:c4:
8d:fd:ef:50:d3:8e:d0:7e:1c:fa:21:32:0c:5d:33:
8c:5a:b6:90:f3:e9:fa:94:0a:a9:34:99:63:d9:18:
6f:12:a2:6c:38:09:7d:22:dc:3d:ee:1c:83:71:42:
ae:31:e9:dd:97:3e:5d:d4:ae:7e:b1:27:1e:b7:7a:
5d:99:32:aa:05:6a:40:f9:7b:ea:90:3e:95:ac:06:
39:b1:5b:56:16:5a:24:20:22:10:91:4a:90:c6:ae:
1b:32:41:6e:87:99:9f:c0:19:be:ba:78:f7:6e:28:
5e:fe:b8:82:02:6b:fa:9c:eb:49:38:63:26:2d:d0:
f7:c8:b1:5b:1b:45:95:df:36:38:11:b7:8b:73:98:
cf:bb:94:e4:45:c5:f8:c7:e8:dd:16:10:78:5b:9e:
dc:e2:fa:23:63:7b:70:97:a7:03:db:74:cb:9c:d4:
21:00:78:41:c7:15:9c:a6:1c:8e:02:4b:34:9c:bd:
0b:9d:8e:35:ea:8b:ae:ef:c4:a5:2d:3c:2f:72:22:
b2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:84:35:05:45:B3:C1:93:51:9A:BE:E3:B9:90:DD:12:B1:68:70:04
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5YQ1BUWzwZNRmr7juZDdErFocAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/22
94.154.32.0-94.154.36.255
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
12:83:44:41:a8:78:43:f9:9b:d6:ff:ce:4b:90:59:d6:01:16:
97:f5:4a:8d:93:3e:7a:97:47:76:39:f8:45:96:3f:8d:cf:4f:
32:3d:f9:25:3a:c9:4f:87:cb:6b:51:7e:ef:d9:fd:34:72:e8:
90:bc:22:44:7c:b1:c2:76:1c:bc:03:e8:96:1b:38:c2:68:f8:
45:bb:c9:47:b9:03:d4:ce:38:e4:0a:3e:ce:ae:39:7a:8a:79:
4e:f1:e4:55:29:56:1b:a3:f1:69:8f:ba:cb:68:af:95:2f:65:
4e:ba:1b:34:d2:d8:07:37:df:43:67:bc:19:2f:bd:ac:a2:ea:
54:e3:b6:69:d1:68:96:4f:a2:93:4e:e8:a2:a7:60:2b:b1:75:
77:f3:dd:6c:07:15:04:20:38:90:c8:8f:ca:e5:85:89:39:8c:
f1:f8:df:47:39:24:eb:62:65:85:0c:08:5a:bb:05:1b:6a:89:
aa:bb:2c:3e:3b:91:f6:2e:7c:dd:f9:39:4d:2f:99:15:ae:4d:
2d:6b:c7:a6:69:eb:8a:72:7f:7e:3f:ca:72:c6:a8:62:1c:2b:
63:61:9b:70:b2:46:7d:e5:88:2d:b2:a0:da:43:1e:78:be:ca:
15:f9:e7:37:2a:43:0b:67:da:74:5f:f4:4a:8b:30:aa:94:8c:
4b:68:59:49
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYhxIQ/67ay+m0Lr7iR+uInMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwNTMxMDkyNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg0MzUwNTQ1YjNjMTkzNTE5YWJlZTNiOTkwZGQxMmIxNjg3MDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuNOmOTWB0cgNCQWUI54Kf36Esx1
1nB+O3z6myO9gVd36Q+T3NM8TW++wJgcziOvSWGpq29tjmQQHsSN/e9Q047Qfhz6
ITIMXTOMWraQ8+n6lAqpNJlj2RhvEqJsOAl9Itw97hyDcUKuMendlz5d1K5+sSce
t3pdmTKqBWpA+XvqkD6VrAY5sVtWFlokICIQkUqQxq4bMkFuh5mfwBm+unj3bihe
/riCAmv6nOtJOGMmLdD3yLFbG0WV3zY4EbeLc5jPu5TkRcX4x+jdFhB4W57c4voj
Y3twl6cD23TLnNQhAHhBxxWcphyOAks0nL0LnY416ouu78SlLTwvciKydQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOWENQVFs8GTUZq+47mQ3RKxaHAEMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvNVlRMUJVV3p3Wk5SbXI3anVaRGRFckZvY0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW+QMMAwD
BAVemiADBABemiQDBABemiYwDQYJKoZIhvcNAQELBQADggEBABKDREGoeEP5m9b/
zkuQWdYBFpf1So2TPnqXR3Y5+EWWP43PTzI9+SU6yU+Hy2tRfu/Z/TRy6JC8IkR8
scJ2HLwD6JYbOMJo+EW7yUe5A9TOOOQKPs6uOXqKeU7x5FUpVhuj8WmPustor5Uv
ZU66GzTS2Ac330NnvBkvvayi6lTjtmnRaJZPopNO6KKnYCuxdXfz3WwHFQQgOJDI
j8rlhYk5jPH430c5JOtiZYUMCFq7BRtqiaq7LD47kfYufN35OU0vmRWuTS1rx6Zp
64pyf34/ynLGqGIcK2Nhm3CyRn3liC2yoNpDHni+yhX55zcqQwtn2nRf9EqLMKqU
jEtoWUk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:25 2024 by rpki-client on console-ams.rpki-client.org