Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/HU27s2U2jxGozzTpzM2V-knsTjY.roa
File: HU27s2U2jxGozzTpzM2V-knsTjY.roa (raw, json)
Hash identifier: wEyeDU66v0R/+KvPqPPHnirDtgSyzMya8c4/NvcADQ4=
Subject key identifier: 1D:4D:BB:B3:65:36:8F:11:A8:CF:34:E9:CC:CD:95:FA:49:EC:4E:36
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018AF4EB3CE5D4260B4E33E51B93448641FF
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/HU27s2U2jxGozzTpzM2V-knsTjY.roa
Signing time: Tue 03 Oct 2023 09:42:51 +0000
ROA not before: Tue 03 Oct 2023 09:42:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:eb:3c:e5:d4:26:0b:4e:33:e5:1b:93:44:86:41:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 3 09:42:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d4dbbb365368f11a8cf34e9cccd95fa49ec4e36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c0:4b:93:bf:ae:ee:9b:70:1a:4c:a2:43:0b:
63:0a:45:48:b0:0d:13:1e:21:85:8d:0e:8d:1f:d7:
56:6e:22:7e:f2:12:9d:eb:d6:42:dd:37:77:46:47:
57:3f:37:0d:cd:e2:d7:50:e5:a3:39:4d:c0:7e:90:
be:32:fd:d2:13:86:b7:c7:65:7f:bb:3f:9c:4b:d0:
5a:87:a0:ed:9b:bf:9d:c1:28:f1:cf:b0:7a:fe:22:
79:90:75:70:22:05:9b:fe:38:ba:5c:19:d0:0d:0d:
e8:d4:63:80:b7:22:9b:4e:93:4a:b2:b5:e3:f3:eb:
ae:2b:75:60:1b:c2:3b:0f:c0:76:cb:ce:30:19:a5:
c7:24:1f:89:13:0d:2c:ea:31:6c:ec:ff:20:ee:2d:
d6:5c:7e:eb:b5:ae:d5:3a:b3:35:64:b6:5a:5e:a5:
10:dc:ac:52:eb:a7:5b:29:3f:e0:d5:77:55:a8:54:
87:38:dc:42:f5:80:51:d5:a5:fd:9f:a5:fb:fa:02:
db:3a:61:24:9c:87:0a:6b:28:8d:84:8e:3c:6f:0c:
96:b5:19:b2:14:30:01:f0:b5:2d:96:a8:d0:ae:e1:
ba:81:80:ea:ab:4d:93:6d:56:1d:a3:8a:08:74:e0:
98:97:a8:63:75:4b:0d:8f:9d:b3:76:70:92:e6:ca:
34:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:4D:BB:B3:65:36:8F:11:A8:CF:34:E9:CC:CD:95:FA:49:EC:4E:36
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/HU27s2U2jxGozzTpzM2V-knsTjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0-91.228.15.255
94.154.32.0/22
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
93:40:63:bb:05:ee:66:b5:df:03:7e:54:ad:69:30:cd:89:98:
c2:e0:3f:a3:f5:79:f7:c8:fa:6d:d2:1c:73:83:d0:98:fd:27:
a6:3d:c7:fc:1c:d8:86:b2:f0:26:04:90:8f:6a:8e:a1:dc:a0:
37:73:a5:95:36:86:b4:74:e6:fe:3c:29:9f:48:b7:78:6e:85:
8d:a0:f4:e1:2b:25:32:92:d5:fe:fa:3a:c2:0f:ae:2f:6e:9b:
c3:4d:03:3e:e2:c8:e6:1e:d8:a5:cb:b6:13:04:0d:8f:6c:e2:
88:05:0e:02:c6:04:4c:e9:73:dd:f0:88:c8:2d:ae:5c:ba:67:
5b:a8:28:86:36:a5:05:e2:37:cb:d0:d6:1f:07:76:2c:d9:71:
31:62:52:1c:49:63:b1:e9:03:9e:22:db:d8:62:24:2c:54:54:
49:91:e1:55:1d:0a:c5:89:25:66:55:fe:d0:22:15:38:f3:b5:
bb:21:d9:8b:a0:25:be:eb:04:3c:83:9e:9b:a0:67:97:47:be:
12:c4:d7:47:52:c9:81:44:90:2b:03:77:8e:63:44:a5:d8:51:
e2:70:22:44:e3:28:ae:2b:0c:2b:54:a8:da:97:02:af:f1:2d:
73:fa:fa:c6:da:86:4f:4a:54:d1:18:37:51:f1:86:79:5a:9c:
28:43:b0:0f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYr06zzl1CYLTjPlG5NEhkH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMDAzMDk0MjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDRkYmJiMzY1MzY4ZjExYThjZjM0ZTljY2NkOTVmYTQ5ZWM0ZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMBLk7+u7ptwGkyiQwtjCkVIsA0T
HiGFjQ6NH9dWbiJ+8hKd69ZC3Td3RkdXPzcNzeLXUOWjOU3AfpC+Mv3SE4a3x2V/
uz+cS9Bah6Dtm7+dwSjxz7B6/iJ5kHVwIgWb/ji6XBnQDQ3o1GOAtyKbTpNKsrXj
8+uuK3VgG8I7D8B2y84wGaXHJB+JEw0s6jFs7P8g7i3WXH7rta7VOrM1ZLZaXqUQ
3KxS66dbKT/g1XdVqFSHONxC9YBR1aX9n6X7+gLbOmEknIcKayiNhI48bwyWtRmy
FDAB8LUtlqjQruG6gYDqq02TbVYdo4oIdOCYl6hjdUsNj52zdnCS5so0AwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB1Nu7NlNo8RqM806czNlfpJ7E42MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvSFUyN3MyVTJqeEdvenpUcHpNMlYta25zVGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABb5A0D
BARb5AADBAJemiADBABemiYwDQYJKoZIhvcNAQELBQADggEBAJNAY7sF7ma13wN+
VK1pMM2JmMLgP6P1effI+m3SHHOD0Jj9J6Y9x/wc2Iay8CYEkI9qjqHcoDdzpZU2
hrR05v48KZ9It3huhY2g9OErJTKS1f76OsIPri9um8NNAz7iyOYe2KXLthMEDY9s
4ogFDgLGBEzpc93wiMgtrly6Z1uoKIY2pQXiN8vQ1h8HdizZcTFiUhxJY7HpA54i
29hiJCxUVEmR4VUdCsWJJWZV/tAiFTjztbsh2YugJb7rBDyDnpugZ5dHvhLE10dS
yYFEkCsDd45jRKXYUeJwIkTjKK4rDCtUqNqXAq/xLXP6+sbahk9KVNEYN1Hxhnla
nChDsA8=
-----END CERTIFICATE-----
Generated at Thu Oct 12 16:48:36 2023 by rpki-client on console-fra.rpki-client.org