Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/9y5JlA_NLpuw8miTke6uHHtFwAg.roa
File: 9y5JlA_NLpuw8miTke6uHHtFwAg.roa (raw, json)
Hash identifier: 3RJ2UZ0zpnmygss3HgxkTvI1VsJrAn8xyz8QjadDI0Y=
Subject key identifier: F7:2E:49:94:0F:CD:2E:9B:B0:F2:68:93:91:EE:AE:1C:7B:45:C0:08
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01888B06645435CD72F1A03CACD6DDAB97B5
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/9y5JlA_NLpuw8miTke6uHHtFwAg.roa
Signing time: Mon 05 Jun 2023 10:07:11 +0000
ROA not before: Mon 05 Jun 2023 10:07:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.14.0/23 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.33.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8b:06:64:54:35:cd:72:f1:a0:3c:ac:d6:dd:ab:97:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jun 5 10:07:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f72e49940fcd2e9bb0f2689391eeae1c7b45c008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:64:d4:0b:29:8f:e1:9b:19:93:d2:d3:f0:25:
7f:a8:7e:71:02:83:dd:a1:b2:af:cb:b7:83:27:de:
52:20:80:56:ef:db:24:78:a7:f0:65:4c:9c:d7:2b:
73:8b:0e:88:fb:4e:14:27:27:ea:7d:2c:c2:07:55:
36:ab:73:ae:72:e6:dd:33:55:a4:68:6b:37:38:b1:
21:da:81:33:7e:ee:87:51:43:38:a9:55:0b:32:b2:
21:d8:56:6c:bc:b1:f1:32:5b:5b:a2:d1:01:7d:41:
02:fe:46:a9:70:b3:25:fc:15:66:2f:69:d8:e9:f2:
2b:4f:69:69:8c:e2:00:d8:ef:fb:a3:7e:e4:e5:29:
4d:3b:38:dc:c5:be:bd:f3:af:ba:f4:70:5a:62:96:
d4:5f:31:83:36:81:17:f3:96:e7:32:75:ea:6f:ef:
79:91:7c:b2:b8:cc:8d:b7:58:1a:ef:37:3b:76:25:
ec:b6:93:02:06:79:1a:87:08:38:1c:a0:7c:3b:f1:
49:2b:c3:cf:d4:1d:fb:e9:fb:80:89:71:e9:ce:a6:
5e:9b:4e:53:e2:8e:a8:fc:98:b9:2f:f1:3e:f1:ca:
6e:16:03:c1:a5:88:59:de:66:f0:52:ce:99:30:0c:
d0:02:0b:df:dc:4e:bc:67:09:f4:03:dc:d3:ea:64:
ea:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2E:49:94:0F:CD:2E:9B:B0:F2:68:93:91:EE:AE:1C:7B:45:C0:08
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/9y5JlA_NLpuw8miTke6uHHtFwAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
91.228.14.0/23
94.154.33.0-94.154.36.255
Signature Algorithm: sha256WithRSAEncryption
50:96:84:0b:52:82:f4:e1:79:bb:9a:0d:e0:ae:b8:f3:68:27:
2d:9f:b4:13:aa:05:5f:18:bf:cf:64:b7:cb:87:b8:2c:ee:ed:
f7:cf:d2:09:39:dc:4e:28:b4:1e:0d:b4:5c:86:71:7f:5c:26:
a9:21:aa:b4:36:37:9a:81:21:74:26:d1:26:e6:4d:e2:35:79:
ad:93:0a:51:55:74:04:ce:0e:7b:81:85:ba:26:0e:e9:8f:dc:
8d:8f:34:66:7f:37:7d:8f:24:b4:87:9f:b0:d1:19:27:9b:7f:
cc:10:51:ae:1c:ed:f0:5b:e6:c4:2f:d5:30:69:11:c2:e6:e7:
bd:e7:59:9b:f6:b7:34:dc:ba:ab:c6:49:ed:6a:eb:3b:c0:06:
f1:da:79:36:de:36:93:35:12:d9:21:28:04:3e:ad:df:e0:a0:
9e:b5:84:ca:76:e4:75:27:70:62:57:03:e5:ac:a6:10:a6:e9:
dc:b9:b0:2b:5d:e6:17:88:b3:e1:29:2f:b0:31:29:5f:45:54:
c4:b4:e9:18:20:00:df:8c:1b:b2:19:b7:7d:8e:c4:14:a9:ef:
5b:f6:ba:f2:f6:b3:5c:fc:bd:68:6a:24:d7:9d:b6:82:ba:a8:
00:29:53:c0:ff:a4:70:55:4a:1b:27:6c:99:71:63:28:de:f3:
04:44:94:d9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYiLBmRUNc1y8aA8rNbdq5e1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwNjA1MTAwNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzJlNDk5NDBmY2QyZTliYjBmMjY4OTM5MWVlYWUxYzdiNDVjMDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2TUCymP4ZsZk9LT8CV/qH5xAoPd
obKvy7eDJ95SIIBW79skeKfwZUyc1ytziw6I+04UJyfqfSzCB1U2q3OucubdM1Wk
aGs3OLEh2oEzfu6HUUM4qVULMrIh2FZsvLHxMltbotEBfUEC/kapcLMl/BVmL2nY
6fIrT2lpjOIA2O/7o37k5SlNOzjcxb6986+69HBaYpbUXzGDNoEX85bnMnXqb+95
kXyyuMyNt1ga7zc7diXstpMCBnkahwg4HKB8O/FJK8PP1B376fuAiXHpzqZem05T
4o6o/Ji5L/E+8cpuFgPBpYhZ3mbwUs6ZMAzQAgvf3E68Zwn0A9zT6mTqjQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPcuSZQPzS6bsPJok5Hurhx7RcAIMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvOXk1SmxBX05McHV3OG1pVGtlNnVISHRGd0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW+QMAwQB
W+QOMAwDBABemiEDBABemiQwDQYJKoZIhvcNAQELBQADggEBAFCWhAtSgvThebua
DeCuuPNoJy2ftBOqBV8Yv89kt8uHuCzu7ffP0gk53E4otB4NtFyGcX9cJqkhqrQ2
N5qBIXQm0SbmTeI1ea2TClFVdATODnuBhbomDumP3I2PNGZ/N32PJLSHn7DRGSeb
f8wQUa4c7fBb5sQv1TBpEcLm573nWZv2tzTcuqvGSe1q6zvABvHaeTbeNpM1Etkh
KAQ+rd/goJ61hMp25HUncGJXA+WsphCm6dy5sCtd5heIs+EpL7AxKV9FVMS06Rgg
AN+MG7IZt32OxBSp71v2uvL2s1z8vWhqJNedtoK6qAApU8D/pHBVShsnbJlxYyje
8wRElNk=
-----END CERTIFICATE-----
Generated at Fri Aug 4 14:48:31 2023 by rpki-client on console-fra.rpki-client.org