Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/HucG1ZrI1EHpUEZem7HOcvqGzRk.roa
File: HucG1ZrI1EHpUEZem7HOcvqGzRk.roa (raw, json)
Hash identifier: +/SEaiLfEf3p/mQBvI0e7SaKWNJo33BUQ4E1ZUMU7UA=
Subject key identifier: 1E:E7:06:D5:9A:C8:D4:41:E9:50:46:5E:9B:B1:CE:72:FA:86:CD:19
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0189C0EFF3372B7A40D2A5406C6E701E06F1
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/HucG1ZrI1EHpUEZem7HOcvqGzRk.roa
Signing time: Fri 04 Aug 2023 14:24:58 +0000
ROA not before: Fri 04 Aug 2023 14:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 91.228.14.0/23 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Sep 2023 12:23:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:ef:f3:37:2b:7a:40:d2:a5:40:6c:6e:70:1e:06:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Aug 4 14:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ee706d59ac8d441e950465e9bb1ce72fa86cd19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:94:d2:52:21:fc:e2:7f:a6:dc:b0:a6:46:ef:
16:0b:39:03:05:6a:d0:15:b2:dc:55:e8:b7:bc:aa:
ed:39:9e:08:76:1e:b0:55:4e:a2:c1:a4:4b:da:e3:
2f:3b:e4:a7:91:b6:11:e6:bd:b9:c5:3c:76:bb:29:
6c:cd:94:0e:8e:9f:ff:5a:5f:83:d8:14:31:1d:23:
67:45:d1:d2:a8:8b:a4:ca:72:4e:e1:c3:91:62:1d:
76:57:0d:0f:25:7f:ba:70:2c:94:36:2b:56:31:4a:
e0:0b:19:e1:fd:35:f3:08:59:14:d4:f5:cc:f4:3d:
ec:36:3f:2b:76:5a:60:ed:ef:ce:e9:14:94:7e:46:
98:69:4c:d6:84:96:2f:0e:b8:bd:da:14:62:32:10:
0d:ad:88:e6:66:c8:5d:4c:f6:b9:59:7c:ff:1b:c8:
9a:46:06:20:b0:db:5a:f0:90:41:d5:c2:1f:6a:ea:
06:84:fd:a4:ac:13:dc:16:14:5f:ce:a2:e2:1c:ee:
0d:58:cd:73:26:33:27:90:09:de:13:80:c0:17:6e:
e0:93:b6:f0:ee:35:44:e1:98:99:e3:81:51:e6:ac:
84:3d:31:a3:e1:6b:bb:2f:a2:a1:ce:f8:17:51:9f:
03:a6:1c:95:6f:e8:8c:01:85:ea:55:ef:ba:28:90:
32:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E7:06:D5:9A:C8:D4:41:E9:50:46:5E:9B:B1:CE:72:FA:86:CD:19
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/HucG1ZrI1EHpUEZem7HOcvqGzRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
94.154.37.0/24
Signature Algorithm: sha256WithRSAEncryption
21:2b:c1:38:00:ab:68:88:92:02:df:30:20:5e:0a:1e:1d:de:
0b:30:ef:73:dc:cc:32:37:17:08:9a:e9:5c:48:82:df:48:3b:
bc:bd:7a:6f:ab:ac:77:f8:24:38:f4:a6:92:73:52:1f:86:52:
bf:55:8a:8e:89:95:0d:5a:fb:e6:fa:82:99:15:5d:1e:e5:55:
f1:c2:4c:65:36:a2:71:31:a8:ef:f1:98:56:fe:02:c1:93:5e:
50:b0:72:7c:5a:ae:f9:25:17:f9:61:ff:2e:e8:f4:05:ac:da:
1a:4c:4e:e1:d8:ea:76:1f:0c:1f:31:33:d8:95:98:c8:7b:1e:
45:52:18:cd:2b:9a:da:a9:94:b1:a8:e9:eb:31:b9:c5:d5:69:
3f:b0:ea:7f:cd:e6:76:17:29:83:28:a7:8c:ed:7d:05:50:35:
e1:02:f1:fe:3b:88:8b:32:19:4e:e8:80:1d:42:44:80:9f:ab:
71:72:5f:a4:f0:da:d1:89:d3:87:37:4d:e2:07:a0:83:87:b8:
16:bf:91:bb:dc:42:82:ed:35:3c:d7:79:71:0c:1b:b9:81:e8:
64:1f:46:ef:fc:73:ca:1d:3b:7b:51:86:d1:88:8a:22:7f:7e:
32:05:26:50:6a:39:24:b6:fb:c5:c1:53:bf:76:18:13:dd:a7:
5a:cc:75:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnA7/M3K3pA0qVAbG5wHgbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwODA0MTQyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWU3MDZkNTlhYzhkNDQxZTk1MDQ2NWU5YmIxY2U3MmZhODZjZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZTSUiH84n+m3LCmRu8WCzkDBWrQ
FbLcVei3vKrtOZ4Idh6wVU6iwaRL2uMvO+SnkbYR5r25xTx2uylszZQOjp//Wl+D
2BQxHSNnRdHSqIukynJO4cORYh12Vw0PJX+6cCyUNitWMUrgCxnh/TXzCFkU1PXM
9D3sNj8rdlpg7e/O6RSUfkaYaUzWhJYvDri92hRiMhANrYjmZshdTPa5WXz/G8ia
RgYgsNta8JBB1cIfauoGhP2krBPcFhRfzqLiHO4NWM1zJjMnkAneE4DAF27gk7bw
7jVE4ZiZ44FR5qyEPTGj4Wu7L6KhzvgXUZ8DphyVb+iMAYXqVe+6KJAyNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB7nBtWayNRB6VBGXpuxznL6hs0ZMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvSHVjRzFackkxRUhwVUVaZW03SE9jdnFHelJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+QOAwQA
XpolMA0GCSqGSIb3DQEBCwUAA4IBAQAhK8E4AKtoiJIC3zAgXgoeHd4LMO9z3Mwy
NxcImulcSILfSDu8vXpvq6x3+CQ49KaSc1IfhlK/VYqOiZUNWvvm+oKZFV0e5VXx
wkxlNqJxMajv8ZhW/gLBk15QsHJ8Wq75JRf5Yf8u6PQFrNoaTE7h2Op2HwwfMTPY
lZjIex5FUhjNK5raqZSxqOnrMbnF1Wk/sOp/zeZ2FymDKKeM7X0FUDXhAvH+O4iL
MhlO6IAdQkSAn6txcl+k8NrRidOHN03iB6CDh7gWv5G73EKC7TU813lxDBu5gehk
H0bv/HPKHTt7UYbRiIoif34yBSZQajkktvvFwVO/dhgT3adazHXu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org