Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/FK2aH6x0gUYndBkZlQcoa9i7c2s.roa
File: FK2aH6x0gUYndBkZlQcoa9i7c2s.roa (raw, json)
Hash identifier: X217tyrxe0ghBqjGg8KsGuAIaCE+frH2b/BPlQit58Q=
Subject key identifier: 14:AD:9A:1F:AC:74:81:46:27:74:19:19:95:07:28:6B:D8:BB:73:6B
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01904F782DFF8B4AAD958ED40190763B536B
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/FK2aH6x0gUYndBkZlQcoa9i7c2s.roa
Signing time: Tue 25 Jun 2024 12:56:34 +0000
ROA not before: Tue 25 Jun 2024 12:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205733
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 13:37:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4f:78:2d:ff:8b:4a:ad:95:8e:d4:01:90:76:3b:53:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jun 25 12:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14ad9a1fac748146277419199507286bd8bb736b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:30:08:f6:4a:e1:5d:c7:eb:7a:49:bc:a9:e1:
13:cd:ce:29:eb:74:ac:b5:58:f9:68:49:29:4e:d4:
d3:a5:29:5b:d1:94:b4:45:13:35:d7:0f:5e:6a:07:
89:39:63:94:bf:f1:2e:36:ae:49:4e:fd:d3:fa:a4:
7a:a7:c7:76:0c:1d:fe:24:83:fe:5b:1a:d5:d6:51:
3b:e9:58:8c:cb:b6:8e:35:ac:b0:c3:00:5b:4c:d8:
ef:cd:41:a8:e4:30:a7:c3:02:3b:a8:34:a6:46:f9:
62:43:1d:fd:7a:4f:83:0f:41:3f:5d:f7:8f:b8:2f:
92:a3:60:1c:a6:a2:ff:b9:7e:a6:a9:1d:73:21:53:
d4:f5:5f:4c:ad:98:36:00:70:07:e7:09:f2:3f:df:
88:73:08:c1:da:65:6d:88:81:fc:d7:00:ff:73:76:
40:e0:65:ff:6f:4e:23:00:d9:26:3e:b3:3f:9f:54:
72:e1:31:9d:8e:66:a0:41:c7:3c:94:a6:80:b4:0a:
8a:eb:31:4f:ad:47:be:99:14:06:ee:85:bb:16:ea:
3b:bc:8c:31:61:ae:a7:77:fc:e5:ed:2f:70:72:9a:
37:d6:67:6d:4a:cc:b4:fe:e5:ac:ff:2f:83:81:cd:
9a:32:c0:43:95:3c:3b:4b:c7:0c:8c:c7:7f:ab:64:
c7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:AD:9A:1F:AC:74:81:46:27:74:19:19:95:07:28:6B:D8:BB:73:6B
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/FK2aH6x0gUYndBkZlQcoa9i7c2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/23
91.228.15.0/24
Signature Algorithm: sha256WithRSAEncryption
60:cc:74:e6:86:0f:61:cf:b2:2a:c6:c8:8b:81:a9:fa:f1:f5:
61:45:d6:e9:78:66:d6:d4:9a:31:64:9d:13:35:47:b8:50:7a:
3e:b9:3b:b6:68:5a:a3:a3:0d:44:1b:a9:b8:21:da:c5:ad:b3:
b3:75:ab:0c:be:bd:6a:b5:09:ff:63:3e:9c:9a:8a:7a:0f:1b:
4c:ef:20:75:7f:3e:cf:00:75:5b:7e:ed:d2:94:ac:f5:94:53:
ae:d2:60:7a:b7:9b:d2:8d:81:db:39:57:a3:10:27:fe:20:42:
4b:a9:9e:38:7b:fd:06:87:e9:39:aa:19:c1:07:e3:04:a2:c6:
ea:82:69:ae:4c:84:cb:a6:df:f6:f5:ea:ba:77:0d:6e:3d:3e:
6e:ea:68:14:e3:9f:c2:c7:cd:f7:08:d3:b3:d8:6c:ed:55:ba:
12:fa:ed:03:af:ee:d2:db:ef:8f:08:f4:04:42:00:7d:db:93:
dc:9f:a1:1d:e6:bb:33:37:27:12:62:89:fd:2b:d6:b4:9e:dc:
ae:6b:20:2f:21:f9:34:45:12:51:24:ec:8e:91:1c:40:1d:64:
c2:f3:fb:47:07:72:bc:3a:2d:f0:68:9e:01:b5:bb:6d:22:1f:
06:83:55:a3:44:3f:11:bc:73:28:a5:d6:fc:d5:32:61:09:30:
87:b9:41:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBPeC3/i0qtlY7UAZB2O1NrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNjI1MTI1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGFkOWExZmFjNzQ4MTQ2Mjc3NDE5MTk5NTA3Mjg2YmQ4YmI3MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzAI9krhXcfrekm8qeETzc4p63Ss
tVj5aEkpTtTTpSlb0ZS0RRM11w9eageJOWOUv/EuNq5JTv3T+qR6p8d2DB3+JIP+
WxrV1lE76ViMy7aONaywwwBbTNjvzUGo5DCnwwI7qDSmRvliQx39ek+DD0E/XfeP
uC+So2AcpqL/uX6mqR1zIVPU9V9MrZg2AHAH5wnyP9+IcwjB2mVtiIH81wD/c3ZA
4GX/b04jANkmPrM/n1Ry4TGdjmagQcc8lKaAtAqK6zFPrUe+mRQG7oW7Fuo7vIwx
Ya6nd/zl7S9wcpo31mdtSsy0/uWs/y+Dgc2aMsBDlTw7S8cMjMd/q2THXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBStmh+sdIFGJ3QZGZUHKGvYu3NrMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvRksyYUg2eDBnVVluZEJrWmxRY29hOWk3YzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+QMAwQA
W+QPMA0GCSqGSIb3DQEBCwUAA4IBAQBgzHTmhg9hz7IqxsiLgan68fVhRdbpeGbW
1JoxZJ0TNUe4UHo+uTu2aFqjow1EG6m4IdrFrbOzdasMvr1qtQn/Yz6cmop6DxtM
7yB1fz7PAHVbfu3SlKz1lFOu0mB6t5vSjYHbOVejECf+IEJLqZ44e/0Gh+k5qhnB
B+MEosbqgmmuTITLpt/29eq6dw1uPT5u6mgU45/Cx833CNOz2GztVboS+u0Dr+7S
2++PCPQEQgB925Pcn6Ed5rszNycSYon9K9a0ntyuayAvIfk0RRJRJOyOkRxAHWTC
8/tHB3K8Oi3waJ4BtbttIh8Gg1WjRD8RvHMopdb81TJhCTCHuUFn
-----END CERTIFICATE-----
Generated at Thu Jun 27 17:22:26 2024 by rpki-client on console-fra.rpki-client.org