Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/Bw6HcbKxMatgFhfuMTMCGpcPVe0.roa
File: Bw6HcbKxMatgFhfuMTMCGpcPVe0.roa (raw, json)
Hash identifier: o/egs5G/1zzRdRJwig9rPIdHlak+pkLyhD3kgUu0/sI=
Subject key identifier: 07:0E:87:71:B2:B1:31:AB:60:16:17:EE:31:33:02:1A:97:0F:55:ED
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01903AB00D73A1E3C6B1621720C2DEAED215
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/Bw6HcbKxMatgFhfuMTMCGpcPVe0.roa
Signing time: Fri 21 Jun 2024 12:05:34 +0000
ROA not before: Fri 21 Jun 2024 12:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 10:59:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:b0:0d:73:a1:e3:c6:b1:62:17:20:c2:de:ae:d2:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jun 21 12:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=070e8771b2b131ab601617ee3133021a970f55ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:95:05:e1:b2:73:f9:ec:ef:4c:d5:b5:cb:4f:
72:a1:33:11:02:6b:4c:9a:64:2f:87:d9:96:f7:49:
d9:db:df:00:33:b8:96:29:de:f8:b3:77:23:e4:aa:
71:f6:1e:f5:e8:7f:2e:ad:ee:46:02:14:f9:fa:a4:
d5:ce:1d:bc:1e:52:c5:48:8b:87:04:20:fd:85:34:
6d:76:5d:82:c7:6a:f6:2c:c7:0e:d8:40:a6:51:35:
91:66:cf:bd:32:cf:83:71:3b:3b:7c:4b:0a:6e:44:
60:ff:ed:d2:5f:68:1d:d2:c3:32:23:fc:d3:f9:28:
cf:16:ef:09:76:d7:fe:be:ac:f8:87:ed:c5:8f:9a:
02:37:35:54:c8:bf:52:cd:c9:24:16:ac:d8:7a:5c:
e3:29:2a:00:52:a6:1c:6a:5c:5e:5d:c7:4c:bb:dc:
81:eb:27:3f:88:35:b4:60:24:71:5f:65:4c:62:82:
99:15:dd:56:e1:fd:63:58:04:6d:ef:88:64:2d:06:
20:21:a3:af:45:85:4e:fc:00:c9:d0:c2:31:4a:ee:
7e:20:c3:f1:d5:c2:59:f1:1f:19:22:5c:f0:b6:93:
2e:71:96:be:05:40:72:bf:5f:99:86:7f:69:2c:2c:
eb:70:7f:64:a2:9d:6c:47:85:12:8b:f4:9e:20:dc:
0f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0E:87:71:B2:B1:31:AB:60:16:17:EE:31:33:02:1A:97:0F:55:ED
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/Bw6HcbKxMatgFhfuMTMCGpcPVe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
94.154.36.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:e4:84:98:15:77:f9:21:89:3b:d9:51:53:fb:a5:ce:98:9f:
aa:5f:93:ee:fa:d8:b4:06:c4:78:67:a1:f6:f6:ed:7a:d9:26:
41:4f:9a:c4:1c:40:34:54:98:f5:b4:92:75:5f:88:a3:78:5e:
2a:cf:18:56:7c:dc:9c:50:8b:e9:0a:20:31:aa:cf:2c:22:dd:
52:da:bc:0b:5a:a0:46:9d:a5:e1:02:4e:c6:9a:9b:b2:8f:24:
e9:9e:bd:0e:76:d9:94:cc:b2:ef:27:c4:3d:6f:29:ce:d4:f5:
e5:51:f2:e4:09:1d:86:ad:7b:9b:93:ff:0c:72:92:e5:fd:4e:
f3:87:93:e8:86:be:7c:eb:85:cc:88:5f:14:b5:4b:ed:47:93:
55:c4:62:24:0b:d2:e7:d4:3f:bd:27:00:e8:22:5d:96:6a:a4:
b0:e5:7c:8e:d9:61:87:6a:46:e1:f6:c7:25:62:91:90:13:7c:
27:05:22:9f:a3:8d:62:7d:cd:54:bf:c7:21:7e:cb:87:56:28:
c5:1e:94:19:6e:5a:cb:07:0d:2a:53:45:f4:fd:05:15:1d:dc:
57:e7:a2:05:dd:4b:f9:df:56:72:eb:11:42:b5:9e:d5:e5:27:
aa:24:69:86:a4:61:99:50:da:02:1a:47:b0:c7:1a:4d:a2:51:
42:08:e3:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZA6sA1zoePGsWIXIMLertIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNjIxMTIwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzBlODc3MWIyYjEzMWFiNjAxNjE3ZWUzMTMzMDIxYTk3MGY1NWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpUF4bJz+ezvTNW1y09yoTMRAmtM
mmQvh9mW90nZ298AM7iWKd74s3cj5Kpx9h716H8ure5GAhT5+qTVzh28HlLFSIuH
BCD9hTRtdl2Cx2r2LMcO2ECmUTWRZs+9Ms+DcTs7fEsKbkRg/+3SX2gd0sMyI/zT
+SjPFu8Jdtf+vqz4h+3Fj5oCNzVUyL9SzckkFqzYelzjKSoAUqYcalxeXcdMu9yB
6yc/iDW0YCRxX2VMYoKZFd1W4f1jWARt74hkLQYgIaOvRYVO/ADJ0MIxSu5+IMPx
1cJZ8R8ZIlzwtpMucZa+BUByv1+Zhn9pLCzrcH9kop1sR4USi/SeINwPlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAcOh3GysTGrYBYX7jEzAhqXD1XtMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvQnc2SGNiS3hNYXRnRmhmdU1UTUNHcGNQVmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+QOAwQA
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQCk5ISYFXf5IYk72VFT+6XOmJ+qX5Pu+ti0
BsR4Z6H29u162SZBT5rEHEA0VJj1tJJ1X4ijeF4qzxhWfNycUIvpCiAxqs8sIt1S
2rwLWqBGnaXhAk7GmpuyjyTpnr0OdtmUzLLvJ8Q9bynO1PXlUfLkCR2GrXubk/8M
cpLl/U7zh5Pohr5864XMiF8UtUvtR5NVxGIkC9Ln1D+9JwDoIl2WaqSw5XyO2WGH
akbh9sclYpGQE3wnBSKfo41ifc1Uv8chfsuHVijFHpQZblrLBw0qU0X0/QUVHdxX
56IF3Uv531Zy6xFCtZ7V5SeqJGmGpGGZUNoCGkewxxpNolFCCOMK
-----END CERTIFICATE-----
Generated at Sat Jun 22 13:19:40 2024 by rpki-client on console-ams.rpki-client.org