Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/9589gSC9dKQdiZ3pzBqmo34alss.roa
File: 9589gSC9dKQdiZ3pzBqmo34alss.roa (raw, json)
Hash identifier: Gg53u5Zks4Cpqw1qD7xPr8XJemz4qRzY5ZcXehZDg0I=
Subject key identifier: F7:9F:3D:81:20:BD:74:A4:1D:89:9D:E9:CC:1A:A6:A3:7E:1A:96:CB
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 019082910E288C3833B6C60BE8B5AFBCCC66
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/9589gSC9dKQdiZ3pzBqmo34alss.roa
Signing time: Fri 05 Jul 2024 11:04:22 +0000
ROA not before: Fri 05 Jul 2024 11:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/24 maxlen: 24
94.154.32.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 11:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:91:0e:28:8c:38:33:b6:c6:0b:e8:b5:af:bc:cc:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jul 5 11:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f79f3d8120bd74a41d899de9cc1aa6a37e1a96cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:01:95:e9:66:f5:ac:f8:bd:2e:08:be:07:6e:
81:76:0a:54:e9:61:1e:67:55:01:e6:d8:2f:0f:6d:
3f:11:c2:ff:42:6b:58:27:4f:f6:bd:71:12:aa:4f:
b8:85:5d:39:5e:49:c6:8a:7c:47:24:d4:0a:6c:b0:
a0:11:39:2b:ab:68:dd:9c:48:e1:cb:0a:0d:aa:69:
ec:4f:13:4f:51:0e:df:89:a8:3d:f1:0a:7c:e7:d5:
45:e4:28:55:4f:a8:f9:04:27:93:99:93:4c:0a:3d:
da:29:8d:5d:a7:dd:d7:83:7a:d5:5f:ec:f7:da:52:
d9:f8:9b:d3:10:1d:09:0d:a5:7c:3b:bc:88:88:de:
00:1a:c7:ad:72:73:1b:2e:80:63:53:87:0f:20:f1:
96:ee:c2:64:21:b7:a2:bd:ad:2d:b4:e5:e9:39:79:
2e:75:51:ef:1c:db:e9:d5:92:c0:e3:f4:d5:41:e7:
9c:31:74:e9:80:99:0c:5c:f6:95:48:47:9e:fd:e2:
dc:92:28:cc:93:d4:d6:51:86:88:5a:73:e3:42:32:
63:09:fb:ea:54:30:97:aa:d0:f1:c2:ac:d6:27:ae:
72:19:21:35:4d:22:35:c5:39:3c:51:72:4e:f0:bd:
6e:8c:d1:2d:8b:0b:0b:22:15:47:52:24:a8:c0:8a:
2a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:9F:3D:81:20:BD:74:A4:1D:89:9D:E9:CC:1A:A6:A3:7E:1A:96:CB
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/9589gSC9dKQdiZ3pzBqmo34alss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/24
94.154.32.0/24
94.154.36.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e8:5e:bb:9b:83:fc:de:15:a0:74:52:2c:1d:f8:ba:9f:5b:
2a:d8:ca:7a:30:48:dc:9c:82:d1:a2:67:48:13:b2:f4:7f:96:
46:3d:43:50:67:49:71:15:00:d5:1f:1b:ef:17:8f:2f:1a:12:
c5:e1:76:1b:f0:ea:8f:fe:7a:da:26:90:c8:80:6e:d6:8f:63:
4d:27:c7:3b:7d:ed:e3:f3:28:76:95:b5:af:e9:f4:33:62:54:
37:17:b2:8c:e6:ac:b0:6f:83:9f:7b:82:24:5e:d1:32:06:6c:
e6:27:bc:33:55:76:cf:99:a8:d6:be:0e:42:a9:b1:ce:3d:92:
f3:81:71:3e:dd:4a:91:22:80:6a:77:a5:85:b4:60:41:23:a6:
58:4d:72:f4:99:8a:fc:02:2a:b5:08:91:07:05:58:71:da:c6:
81:0c:6f:91:42:61:59:b5:73:03:de:3b:a0:56:e9:de:d2:b1:
a7:78:67:88:b4:af:5b:c3:eb:2e:f7:d8:c4:3a:b0:1d:b8:33:
34:5d:92:cf:c6:ec:55:d3:ab:41:06:dd:4e:f0:17:f8:bc:d6:
24:5d:5a:00:29:f7:c8:db:bb:e3:62:71:5d:f4:69:93:3d:b0:
a7:ff:87:2d:a6:b1:69:38:ce:8e:d0:39:50:61:c2:a1:17:6b:
3a:1e:13:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCCkQ4ojDgztsYL6LWvvMxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNzA1MTEwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzlmM2Q4MTIwYmQ3NGE0MWQ4OTlkZTljYzFhYTZhMzdlMWE5NmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAGV6Wb1rPi9Lgi+B26BdgpU6WEe
Z1UB5tgvD20/EcL/QmtYJ0/2vXESqk+4hV05XknGinxHJNQKbLCgETkrq2jdnEjh
ywoNqmnsTxNPUQ7fiag98Qp859VF5ChVT6j5BCeTmZNMCj3aKY1dp93Xg3rVX+z3
2lLZ+JvTEB0JDaV8O7yIiN4AGsetcnMbLoBjU4cPIPGW7sJkIbeiva0ttOXpOXku
dVHvHNvp1ZLA4/TVQeecMXTpgJkMXPaVSEee/eLckijMk9TWUYaIWnPjQjJjCfvq
VDCXqtDxwqzWJ65yGSE1TSI1xTk8UXJO8L1ujNEtiwsLIhVHUiSowIoqEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPefPYEgvXSkHYmd6cwapqN+GpbLMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvOTU4OWdTQzlkS1FkaVozcHpCcW1vMzRhbHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+QOAwQA
XpogAwQAXpokMA0GCSqGSIb3DQEBCwUAA4IBAQAP6F67m4P83hWgdFIsHfi6n1sq
2Mp6MEjcnILRomdIE7L0f5ZGPUNQZ0lxFQDVHxvvF48vGhLF4XYb8OqP/nraJpDI
gG7Wj2NNJ8c7fe3j8yh2lbWv6fQzYlQ3F7KM5qywb4Ofe4IkXtEyBmzmJ7wzVXbP
majWvg5CqbHOPZLzgXE+3UqRIoBqd6WFtGBBI6ZYTXL0mYr8Aiq1CJEHBVhx2saB
DG+RQmFZtXMD3jugVune0rGneGeItK9bw+su99jEOrAduDM0XZLPxuxV06tBBt1O
8Bf4vNYkXVoAKffI27vjYnFd9GmTPbCn/4ctprFpOM6O0DlQYcKhF2s6HhPr
-----END CERTIFICATE-----
Generated at Fri Jul 12 12:56:43 2024 by rpki-client on console-ams.rpki-client.org