Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/BD201IwGhg5XSjbCmuDO7psrR04.roa
File: BD201IwGhg5XSjbCmuDO7psrR04.roa (raw, json)
Hash identifier: GCn/RgYW5ExCKRGLDmiG+qH167tCVQ21kZpCfxjUGdM=
Subject key identifier: 04:3D:B4:D4:8C:06:86:0E:57:4A:36:C2:9A:E0:CE:EE:9B:2B:47:4E
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018CF9477C142F8E4F0F4ED93E992D6CA56C
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/BD201IwGhg5XSjbCmuDO7psrR04.roa
Signing time: Thu 11 Jan 2024 16:07:40 +0000
ROA not before: Thu 11 Jan 2024 16:07:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.12.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 14:15:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:47:7c:14:2f:8e:4f:0f:4e:d9:3e:99:2d:6c:a5:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 11 16:07:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=043db4d48c06860e574a36c29ae0ceee9b2b474e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ff:7a:60:e0:a9:04:0b:d4:98:12:fd:a9:8b:
07:e1:79:7c:c3:5f:a2:cf:42:9b:11:6f:81:d6:9a:
8a:fa:52:23:b8:e4:37:f5:0b:14:fc:71:b9:d3:e4:
31:d5:40:8c:46:47:95:e0:58:27:56:9f:fb:58:e6:
6a:cc:c3:e4:5c:3d:c4:f9:58:d1:e3:bc:3a:86:5f:
db:53:77:ad:34:99:44:d7:f1:f2:45:e5:79:4f:b7:
c7:2b:f9:d8:87:d7:18:31:81:bf:be:93:16:e9:d6:
c9:c6:0a:e3:03:03:54:fc:48:59:92:2a:db:87:c4:
7c:d2:e0:0d:2e:33:f2:07:4a:90:e7:47:df:2d:b1:
c7:08:3c:9c:0d:a4:e6:d1:64:46:12:1a:d0:8f:47:
45:ba:d2:bd:19:f5:b3:25:9c:39:4c:6c:1e:1d:89:
a0:1a:dc:02:f7:30:23:e4:de:89:f5:c6:3c:70:af:
3a:98:c2:87:bf:a7:47:02:e3:5d:82:13:1c:7b:d3:
a5:9c:3d:fb:1b:8c:84:b8:c3:ff:e1:ea:fa:87:86:
c8:d8:3a:0e:2e:87:7f:b4:26:34:60:5e:92:e0:e5:
e7:5a:f6:be:56:51:33:3f:85:89:d4:1d:f7:aa:24:
d2:d5:4e:cf:6c:90:9c:55:e2:fd:59:30:0f:92:72:
ce:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3D:B4:D4:8C:06:86:0E:57:4A:36:C2:9A:E0:CE:EE:9B:2B:47:4E
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/BD201IwGhg5XSjbCmuDO7psrR04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/23
91.228.15.0/24
94.154.32.0-94.154.38.255
Signature Algorithm: sha256WithRSAEncryption
59:32:bc:1a:ca:0d:af:3f:c2:ea:ac:60:e2:4a:19:db:a5:4a:
0c:41:5a:a8:2f:89:6c:37:22:e6:72:d5:25:53:4c:b1:7b:8a:
77:d6:3f:04:f9:7d:ad:8f:98:1b:97:ac:c4:f3:f1:99:f4:9b:
d5:32:e0:56:eb:6a:44:98:63:38:a0:47:0f:44:dd:b6:3c:03:
04:65:f6:9c:10:e4:d9:85:b6:43:7a:75:ca:78:c4:d2:8e:21:
ea:dc:90:d8:9d:14:38:c0:f2:8a:66:8b:66:c2:96:04:8c:ac:
8e:52:e0:03:4f:51:b2:b9:4c:cf:ce:c2:68:fd:bf:c4:cf:5e:
3b:b4:04:49:b3:1c:fc:87:f0:95:57:54:43:0f:02:d0:eb:bf:
99:ed:12:6f:56:f8:d3:2c:4c:42:a7:e5:b2:ce:aa:e4:72:0f:
f4:d8:c1:ff:ef:b3:ad:8e:3f:b8:78:b6:5c:d4:f4:2e:c4:05:
52:d5:ca:9c:0e:e8:7c:73:0e:63:7e:dc:d3:75:28:52:7f:91:
54:d7:24:82:d9:7d:c7:64:73:9a:d3:21:40:98:6c:53:56:b0:
cf:8f:5a:8e:bb:2c:44:49:97:70:c5:14:09:f0:14:c1:a9:94:
d2:76:ef:2e:30:8e:a4:58:4c:6d:0c:fe:93:a7:ba:02:eb:68:
21:b3:97:10
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYz5R3wUL45PD07ZPpktbKVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMTExMTYwNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDNkYjRkNDhjMDY4NjBlNTc0YTM2YzI5YWUwY2VlZTliMmI0NzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP96YOCpBAvUmBL9qYsH4Xl8w1+i
z0KbEW+B1pqK+lIjuOQ39QsU/HG50+Qx1UCMRkeV4FgnVp/7WOZqzMPkXD3E+VjR
47w6hl/bU3etNJlE1/HyReV5T7fHK/nYh9cYMYG/vpMW6dbJxgrjAwNU/EhZkirb
h8R80uANLjPyB0qQ50ffLbHHCDycDaTm0WRGEhrQj0dFutK9GfWzJZw5TGweHYmg
GtwC9zAj5N6J9cY8cK86mMKHv6dHAuNdghMce9OlnD37G4yEuMP/4er6h4bI2DoO
Lod/tCY0YF6S4OXnWva+VlEzP4WJ1B33qiTS1U7PbJCcVeL9WTAPknLOPwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAQ9tNSMBoYOV0o2wprgzu6bK0dOMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvQkQyMDFJd0doZzVYU2piQ211RE83cHNyUjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBW+QMAwQA
W+QPMAwDBAVemiADBABemiYwDQYJKoZIhvcNAQELBQADggEBAFkyvBrKDa8/wuqs
YOJKGdulSgxBWqgviWw3IuZy1SVTTLF7infWPwT5fa2PmBuXrMTz8Zn0m9Uy4Fbr
akSYYzigRw9E3bY8AwRl9pwQ5NmFtkN6dcp4xNKOIerckNidFDjA8opmi2bClgSM
rI5S4ANPUbK5TM/Owmj9v8TPXju0BEmzHPyH8JVXVEMPAtDrv5ntEm9W+NMsTEKn
5bLOquRyD/TYwf/vs62OP7h4tlzU9C7EBVLVypwO6HxzDmN+3NN1KFJ/kVTXJILZ
fcdkc5rTIUCYbFNWsM+PWo67LERJl3DFFAnwFMGplNJ27y4wjqRYTG0M/pOnugLr
aCGzlxA=
-----END CERTIFICATE-----
Generated at Wed Feb 14 18:19:20 2024 by rpki-client on console-fra.rpki-client.org