Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/AK05rOSg1eC6QJXou-5de18q-fc.roa
File: AK05rOSg1eC6QJXou-5de18q-fc.roa (raw, json)
Hash identifier: 0MOsRqG+/qp4iqopRM/Pqln3/k6TBVVfDJAbHDxJytQ=
Subject key identifier: 00:AD:39:AC:E4:A0:D5:E0:BA:40:95:E8:BB:EE:5D:7B:5F:2A:F9:F7
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018A6F702207CD250D7C2591E71867FA20FE
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/AK05rOSg1eC6QJXou-5de18q-fc.roa
Signing time: Thu 07 Sep 2023 11:38:54 +0000
ROA not before: Thu 07 Sep 2023 11:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.12.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:70:22:07:cd:25:0d:7c:25:91:e7:18:67:fa:20:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Sep 7 11:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00ad39ace4a0d5e0ba4095e8bbee5d7b5f2af9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c9:4d:a5:40:f8:5c:1c:e5:72:94:fa:c1:40:
80:c7:8f:41:4a:a9:46:48:d8:25:e3:3c:70:48:05:
6c:5f:35:11:92:54:87:01:e0:93:d5:0f:23:26:a7:
3e:b0:12:e9:85:02:0c:11:65:df:60:7a:22:e7:77:
78:79:f1:61:d4:cf:35:9c:a1:c6:2e:c8:dd:3e:f0:
42:c9:e1:d1:57:3e:16:d3:3a:21:cd:7f:29:a6:e0:
58:0e:e7:9a:a6:a3:9e:f9:2a:02:01:50:de:c4:9a:
8a:03:11:f8:10:08:dc:d4:47:6c:d7:85:31:22:78:
08:2e:1a:88:42:64:ef:56:50:ba:6f:94:de:3e:61:
35:ed:95:d6:76:ab:62:cf:4c:f4:41:74:5d:7b:e2:
de:50:62:03:73:1c:a3:7f:fd:b8:da:7b:ef:c7:6f:
54:96:f6:19:1e:5f:d6:e4:12:34:75:3a:40:7c:20:
55:bc:34:52:8b:10:13:bb:b3:2e:49:00:e7:72:2a:
9b:66:4f:ea:aa:9f:cc:85:c2:6b:55:d1:d2:d5:a6:
e0:e0:9c:96:af:ba:42:52:70:24:9d:a6:31:98:58:
e7:87:46:78:74:aa:83:b5:fe:85:16:f1:50:0c:12:
dc:ff:b4:38:98:90:e2:83:f6:f6:87:65:71:9f:45:
c6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AD:39:AC:E4:A0:D5:E0:BA:40:95:E8:BB:EE:5D:7B:5F:2A:F9:F7
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/AK05rOSg1eC6QJXou-5de18q-fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/22
94.154.32.0-94.154.36.255
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
58:03:87:e7:ec:2d:5b:4e:1e:e2:bd:dd:b5:c3:92:c8:b7:d1:
69:23:6e:f5:b8:58:2b:d7:dc:b8:9b:c4:16:47:07:cb:23:17:
59:50:41:b5:bc:99:7b:5d:4f:0d:ac:72:62:cf:46:61:95:2c:
df:b4:0c:8e:a6:80:da:41:14:d2:e2:02:7a:7c:71:0b:d7:8f:
bd:41:f7:65:ff:cd:8a:b4:53:be:34:b0:3e:b7:95:ab:fc:72:
5e:d6:4f:7b:87:df:2b:bc:fc:29:90:23:6f:94:ea:58:2c:4f:
51:28:9a:38:37:d8:9f:b9:23:aa:1b:c8:47:78:ce:ab:9e:77:
e8:2a:7b:d4:7d:b0:61:32:a1:0c:8f:cc:58:3d:89:40:37:92:
13:c6:4a:db:ec:38:15:e5:a1:92:66:57:74:e6:60:f7:9e:16:
e6:eb:8b:25:86:02:49:e9:1a:52:e8:c8:da:c2:2f:67:8d:e5:
b6:22:31:17:6e:45:96:f1:4a:3a:3b:f2:cc:be:43:16:1d:a7:
ac:b3:d2:bb:27:a1:68:20:37:78:56:fc:2d:be:61:32:a8:55:
04:b7:90:5f:ef:76:d8:58:bd:ce:3e:b0:91:60:51:5e:e5:b5:
f9:4d:25:84:a5:3a:fd:25:2d:51:28:38:23:0d:eb:73:02:98:
d6:c2:9d:ef
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYpvcCIHzSUNfCWR5xhn+iD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwOTA3MTEzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGFkMzlhY2U0YTBkNWUwYmE0MDk1ZThiYmVlNWQ3YjVmMmFmOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkclNpUD4XBzlcpT6wUCAx49BSqlG
SNgl4zxwSAVsXzURklSHAeCT1Q8jJqc+sBLphQIMEWXfYHoi53d4efFh1M81nKHG
LsjdPvBCyeHRVz4W0zohzX8ppuBYDueapqOe+SoCAVDexJqKAxH4EAjc1Eds14Ux
IngILhqIQmTvVlC6b5TePmE17ZXWdqtiz0z0QXRde+LeUGIDcxyjf/242nvvx29U
lvYZHl/W5BI0dTpAfCBVvDRSixATu7MuSQDnciqbZk/qqp/MhcJrVdHS1abg4JyW
r7pCUnAknaYxmFjnh0Z4dKqDtf6FFvFQDBLc/7Q4mJDig/b2h2Vxn0XGkwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFACtOazkoNXgukCV6LvuXXtfKvn3MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvQUswNXJPU2cxZUM2UUpYb3UtNWRlMThxLWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW+QMMAwD
BAVemiADBABemiQDBABemiYwDQYJKoZIhvcNAQELBQADggEBAFgDh+fsLVtOHuK9
3bXDksi30WkjbvW4WCvX3LibxBZHB8sjF1lQQbW8mXtdTw2scmLPRmGVLN+0DI6m
gNpBFNLiAnp8cQvXj71B92X/zYq0U740sD63lav8cl7WT3uH3yu8/CmQI2+U6lgs
T1Eomjg32J+5I6obyEd4zqued+gqe9R9sGEyoQyPzFg9iUA3khPGStvsOBXloZJm
V3TmYPeeFubriyWGAknpGlLoyNrCL2eN5bYiMRduRZbxSjo78sy+QxYdp6yz0rsn
oWggN3hW/C2+YTKoVQS3kF/vdthYvc4+sJFgUV7ltflNJYSlOv0lLVEoOCMN63MC
mNbCne8=
-----END CERTIFICATE-----
Generated at Thu Sep 7 13:32:36 2023 by rpki-client on console-fra.rpki-client.org