Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/EKIF236XTtyWSyWedZ2_o8GoW3I.roa
File: EKIF236XTtyWSyWedZ2_o8GoW3I.roa (raw, json)
Hash identifier: RY+/0rWmdtcMpsKBVKC9DG3Fs8MgtJznori9zVHvGbQ=
Subject key identifier: 10:A2:05:DB:7E:97:4E:DC:96:4B:25:9E:75:9D:BF:A3:C1:A8:5B:72
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0185C974A7FDF41712C016AF09CCE9FB8D59
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/EKIF236XTtyWSyWedZ2_o8GoW3I.roa
Signing time: Thu 19 Jan 2023 09:55:43 +0000
ROA not before: Thu 19 Jan 2023 09:55:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.32.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:74:a7:fd:f4:17:12:c0:16:af:09:cc:e9:fb:8d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 19 09:55:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10a205db7e974edc964b259e759dbfa3c1a85b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1f:ee:50:35:6b:68:f8:0f:ce:74:98:60:87:
3d:5e:e5:6a:3a:e7:bb:d2:92:8f:33:af:04:3d:c9:
f7:45:27:20:9d:03:49:16:2c:8b:c5:d2:75:82:f8:
30:9f:ea:42:b1:29:9c:77:cb:d6:a7:d5:db:ba:d3:
e8:b6:c8:db:4d:8e:6a:b1:6a:d6:7b:7b:cc:95:c9:
38:a7:c6:62:06:f9:5b:67:63:fe:43:ac:a1:35:fb:
95:7e:d8:5e:49:a8:82:cf:b8:21:e5:97:5b:f7:6a:
4d:5a:39:00:ab:9e:67:a5:49:f6:d2:e0:fa:2b:fe:
9e:68:d2:34:22:23:ba:78:a6:28:87:a5:46:bb:4f:
d9:d1:cc:e7:8f:31:6e:52:19:f2:73:07:e2:91:36:
0a:ab:e2:12:23:2b:4f:44:62:8c:9e:9c:49:65:5f:
65:3e:8a:5e:c4:ac:9e:10:24:28:10:23:81:17:b1:
0d:93:02:c0:ac:e5:8c:02:f4:28:5c:92:e9:75:a6:
82:53:62:98:d3:16:db:7b:a8:1d:4f:e8:3f:9e:10:
e8:0f:f1:e9:67:30:07:2d:fc:b2:f3:61:2a:08:46:
84:4d:fb:23:bc:3b:9f:00:94:02:55:bc:15:59:55:
c6:8f:dc:6f:8c:0a:35:66:92:e3:a1:5a:55:cd:2e:
d0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A2:05:DB:7E:97:4E:DC:96:4B:25:9E:75:9D:BF:A3:C1:A8:5B:72
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/EKIF236XTtyWSyWedZ2_o8GoW3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
94.154.32.0/24
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:98:28:27:6d:3a:f9:b4:ee:9c:c7:f5:e2:c3:d6:15:5f:38:
6b:cd:1a:e5:ef:2f:35:44:65:e7:ae:4a:44:95:6c:bd:b8:09:
4e:66:c7:16:9f:c8:12:3d:67:ea:8f:c2:02:29:5c:14:1e:cb:
35:f0:27:ed:da:56:64:7b:bc:3c:ae:b4:9a:9b:6c:25:18:c2:
0e:87:69:75:17:08:30:49:f1:9d:d5:10:19:38:e1:26:97:fa:
9b:2e:3a:18:2f:38:bb:6d:f9:c8:1d:b8:32:46:34:db:29:69:
4e:7a:87:e6:a6:3c:fe:51:f2:0e:3b:ee:66:aa:de:b0:32:64:
8a:44:8f:69:59:f4:a2:7e:ce:ca:60:16:00:32:d6:21:1f:8a:
63:c2:27:85:7b:96:57:e7:ee:07:f3:90:c5:a1:94:dc:46:af:
56:a9:c8:dc:98:17:c8:46:c4:0e:8a:bf:a1:a3:c8:ce:7c:72:
ed:59:40:5a:bc:72:35:f5:dd:65:38:6f:9b:25:ac:05:5e:81:
8e:6c:1e:89:74:10:a0:85:ac:23:08:b6:66:17:3a:dc:68:37:
3b:ef:19:62:91:0e:25:49:aa:3b:8d:81:ce:6b:1c:89:cf:f5:
ed:f0:73:f7:ce:d1:93:b9:d9:4f:1d:a2:22:5e:2a:d6:7e:7a:
a9:60:ff:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXJdKf99BcSwBavCczp+41ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwMTE5MDk1NTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGEyMDVkYjdlOTc0ZWRjOTY0YjI1OWU3NTlkYmZhM2MxYTg1YjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB/uUDVraPgPznSYYIc9XuVqOue7
0pKPM68EPcn3RScgnQNJFiyLxdJ1gvgwn+pCsSmcd8vWp9XbutPotsjbTY5qsWrW
e3vMlck4p8ZiBvlbZ2P+Q6yhNfuVftheSaiCz7gh5Zdb92pNWjkAq55npUn20uD6
K/6eaNI0IiO6eKYoh6VGu0/Z0cznjzFuUhnycwfikTYKq+ISIytPRGKMnpxJZV9l
PopexKyeECQoECOBF7ENkwLArOWMAvQoXJLpdaaCU2KY0xbbe6gdT+g/nhDoD/Hp
ZzAHLfyy82EqCEaETfsjvDufAJQCVbwVWVXGj9xvjAo1ZpLjoVpVzS7QjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBCiBdt+l07clkslnnWdv6PBqFtyMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvRUtJRjIzNlhUdHlXU3lXZWRaMl9vOEdvVzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+QNAwQA
XpogAwQAXpomMA0GCSqGSIb3DQEBCwUAA4IBAQB9mCgnbTr5tO6cx/Xiw9YVXzhr
zRrl7y81RGXnrkpElWy9uAlOZscWn8gSPWfqj8ICKVwUHss18Cft2lZke7w8rrSa
m2wlGMIOh2l1FwgwSfGd1RAZOOEml/qbLjoYLzi7bfnIHbgyRjTbKWlOeofmpjz+
UfIOO+5mqt6wMmSKRI9pWfSifs7KYBYAMtYhH4pjwieFe5ZX5+4H85DFoZTcRq9W
qcjcmBfIRsQOir+ho8jOfHLtWUBavHI19d1lOG+bJawFXoGObB6JdBCghawjCLZm
FzrcaDc77xlikQ4lSao7jYHOaxyJz/Xt8HP3ztGTudlPHaIiXirWfnqpYP+B
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:32 2024 by rpki-client on console-fra.rpki-client.org