Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/GB4lRzLyUOnzhMJULjJ96sn3IY0.roa
File: GB4lRzLyUOnzhMJULjJ96sn3IY0.roa (raw, json)
Hash identifier: ybVH01lMkRKibEpYFVE/sNJS7zNn6jgf0Zh9GowGGmk=
Subject key identifier: 18:1E:25:47:32:F2:50:E9:F3:84:C2:54:2E:32:7D:EA:C9:F7:21:8D
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018CC7257BCC4707721B349718EAF1ADFC2C
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/GB4lRzLyUOnzhMJULjJ96sn3IY0.roa
Signing time: Mon 01 Jan 2024 22:29:31 +0000
ROA not before: Mon 01 Jan 2024 22:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 91.228.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 08:23:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:7b:cc:47:07:72:1b:34:97:18:ea:f1:ad:fc:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 1 22:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=181e254732f250e9f384c2542e327deac9f7218d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:70:c9:7d:70:c8:86:c5:aa:06:1b:13:b4:cc:
c5:dd:e7:a4:01:fa:8d:16:95:d7:da:15:78:17:30:
a2:22:24:77:64:2e:28:66:36:7e:36:6b:9a:dc:be:
a7:01:67:a7:7e:a8:8e:b5:34:16:b3:e4:15:17:2e:
8b:02:6a:b9:ef:83:ee:92:3d:37:bd:c1:a6:18:fd:
27:aa:ed:f3:58:ee:fe:38:41:95:54:69:ed:1c:aa:
fb:13:cb:cd:ac:49:31:3c:ea:e6:0a:3a:3d:4a:1f:
07:8f:6f:38:72:af:f2:d0:23:68:09:89:d7:db:68:
02:41:df:35:5a:22:8a:f1:a1:48:7b:49:01:4b:64:
f7:94:a1:31:00:1c:5c:86:ea:d1:ca:49:0c:32:80:
1c:6c:61:76:a1:33:6c:0a:eb:5d:d6:47:69:33:a0:
53:12:b2:38:c1:f6:00:e1:40:6a:a5:86:92:97:44:
91:ce:14:d3:e6:97:8d:cd:ca:b7:10:8e:64:d3:e3:
16:31:88:eb:16:1a:09:09:6f:f8:e9:d5:e3:ed:66:
ee:2a:88:9a:4e:63:11:ce:ef:19:7b:b3:6a:0e:a8:
28:95:35:7c:f4:d5:01:64:95:cb:ac:b9:e2:6f:3b:
ca:f7:0b:48:58:09:ad:74:2f:ad:9f:b3:e4:bc:e6:
b5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:1E:25:47:32:F2:50:E9:F3:84:C2:54:2E:32:7D:EA:C9:F7:21:8D
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/GB4lRzLyUOnzhMJULjJ96sn3IY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.15.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:15:58:ac:ce:d8:45:31:70:17:49:14:67:ae:9f:cc:dc:ae:
98:4a:ef:87:37:24:ed:33:3a:69:19:44:9a:f6:04:e8:e9:a8:
f6:6f:db:a4:e4:05:65:a7:12:47:5a:de:cc:6f:4c:5d:55:45:
c5:ac:97:2d:a6:44:45:93:5d:3f:42:34:51:a0:7c:ca:fa:b0:
40:84:15:a9:a0:e8:61:9f:2a:31:15:ea:b1:47:45:9e:e7:48:
be:e8:ba:0d:09:3b:c0:d3:a5:08:79:34:4f:32:82:d8:8d:1b:
17:84:64:c7:c3:a5:47:af:a5:52:01:07:4a:9d:6e:57:76:d3:
63:06:7f:db:49:79:6f:36:65:fb:51:de:a9:90:0b:78:d8:d8:
49:1e:6a:cf:07:4d:e1:6d:a5:e9:a4:0c:41:00:06:f6:40:88:
4d:13:30:51:6f:68:a4:15:cc:73:8c:30:00:b3:e5:d7:38:a2:
31:21:d0:a8:4c:3c:4d:19:8d:e7:bc:32:cb:06:10:2e:a1:f3:
c9:fc:ea:e8:44:fa:60:bd:02:bd:95:57:73:ea:14:eb:a2:f4:
7e:97:d6:bd:5e:aa:8b:fb:b9:c5:ab:fd:58:35:34:ed:68:ed:
68:45:e7:1d:ed:7c:21:65:83:65:24:42:b4:04:81:2b:2b:f2:
3c:57:a5:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJXvMRwdyGzSXGOrxrfwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMTAxMjIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODFlMjU0NzMyZjI1MGU5ZjM4NGMyNTQyZTMyN2RlYWM5ZjcyMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3DJfXDIhsWqBhsTtMzF3eekAfqN
FpXX2hV4FzCiIiR3ZC4oZjZ+Nmua3L6nAWenfqiOtTQWs+QVFy6LAmq574Pukj03
vcGmGP0nqu3zWO7+OEGVVGntHKr7E8vNrEkxPOrmCjo9Sh8Hj284cq/y0CNoCYnX
22gCQd81WiKK8aFIe0kBS2T3lKExABxchurRykkMMoAcbGF2oTNsCutd1kdpM6BT
ErI4wfYA4UBqpYaSl0SRzhTT5peNzcq3EI5k0+MWMYjrFhoJCW/46dXj7WbuKoia
TmMRzu8Ze7NqDqgolTV89NUBZJXLrLnibzvK9wtIWAmtdC+tn7PkvOa1uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgeJUcy8lDp84TCVC4yferJ9yGNMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvR0I0bFJ6THlVT256aE1KVUxqSjk2c24zSVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+QPMA0G
CSqGSIb3DQEBCwUAA4IBAQBLFViszthFMXAXSRRnrp/M3K6YSu+HNyTtMzppGUSa
9gTo6aj2b9uk5AVlpxJHWt7Mb0xdVUXFrJctpkRFk10/QjRRoHzK+rBAhBWpoOhh
nyoxFeqxR0We50i+6LoNCTvA06UIeTRPMoLYjRsXhGTHw6VHr6VSAQdKnW5XdtNj
Bn/bSXlvNmX7Ud6pkAt42NhJHmrPB03hbaXppAxBAAb2QIhNEzBRb2ikFcxzjDAA
s+XXOKIxIdCoTDxNGY3nvDLLBhAuofPJ/OroRPpgvQK9lVdz6hTrovR+l9a9XqqL
+7nFq/1YNTTtaO1oRecd7XwhZYNlJEK0BIErK/I8V6Wo
-----END CERTIFICATE-----
Generated at Tue Jan 16 12:45:16 2024 by rpki-client on console-ams.rpki-client.org