Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/K0eLDWLHHR1gCzmcHdTapGyQdX4.roa
File: K0eLDWLHHR1gCzmcHdTapGyQdX4.roa (raw, json)
Hash identifier: PYpW0w380vCYQKoQ8Mu2Cj+8hg5dNwltp45Wm0BV4Vw=
Subject key identifier: 2B:47:8B:0D:62:C7:1D:1D:60:0B:39:9C:1D:D4:DA:A4:6C:90:75:7E
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 019146CBB0FAF89D4E64871C1FE9B2CA225D
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/K0eLDWLHHR1gCzmcHdTapGyQdX4.roa
Signing time: Mon 12 Aug 2024 13:33:59 +0000
ROA not before: Mon 12 Aug 2024 13:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47757
IP address blocks: 91.228.13.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Aug 2024 09:54:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:cb:b0:fa:f8:9d:4e:64:87:1c:1f:e9:b2:ca:22:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Aug 12 13:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b478b0d62c71d1d600b399c1dd4daa46c90757e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:25:16:fa:be:40:46:8c:92:90:d1:98:d3:54:
9c:fc:b7:b6:16:e2:bf:36:78:c5:90:92:76:47:85:
6b:b0:8c:1f:5f:16:fc:fd:cb:94:3a:54:71:25:de:
27:b5:b2:87:5f:f5:03:48:de:c3:5b:1d:38:e5:3a:
e6:80:11:a2:95:44:ad:76:1c:1c:eb:7a:c1:62:25:
58:6a:5d:c3:ec:b8:b7:16:6c:41:27:cd:ec:6f:83:
85:e1:19:2d:ea:40:ea:ee:0d:4f:60:4e:c7:d8:05:
aa:17:16:b5:60:05:53:cf:9a:6d:7e:8f:60:95:19:
55:2e:77:65:e0:3d:96:fd:c6:a4:71:19:23:73:e2:
2f:b0:58:c7:28:87:58:86:8f:b4:bf:30:67:e3:ac:
92:dd:57:18:5d:89:54:70:50:b8:9b:91:66:16:7f:
9a:b0:e3:3e:60:a3:27:57:fe:bd:59:cf:9e:f6:fa:
9b:e3:e9:db:ff:6e:82:c3:ea:ae:5a:c7:b0:e3:8d:
12:53:3a:95:0f:b7:3e:0a:27:76:06:9b:6d:88:16:
ac:fc:2e:9d:10:7f:df:27:d5:a1:b2:c4:24:b8:fe:
48:50:b3:cd:c0:62:66:6e:fd:e8:6f:08:2a:07:5a:
36:a8:82:3e:33:3d:61:2e:7d:49:4a:8e:11:9a:b7:
b3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:47:8B:0D:62:C7:1D:1D:60:0B:39:9C:1D:D4:DA:A4:6C:90:75:7E
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/K0eLDWLHHR1gCzmcHdTapGyQdX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
94.154.36.0/24
Signature Algorithm: sha256WithRSAEncryption
12:e6:21:af:ea:a1:db:aa:f6:fe:b1:f9:78:52:6b:a3:67:ee:
d7:2b:54:ad:dc:5a:48:ac:be:b1:56:27:3e:1d:52:ae:43:d5:
01:8a:ab:b7:b0:c1:eb:c5:58:b5:c6:4c:81:9b:b2:4c:0f:52:
0f:b1:7a:cd:0c:9d:ac:37:42:77:a0:29:c1:23:d3:10:6c:09:
49:49:13:7e:9c:62:87:b3:43:b8:57:7a:9e:e7:c5:f4:5f:8c:
8f:07:87:d8:59:4b:1d:26:24:5a:3b:7b:1c:87:2c:28:71:85:
33:2d:07:ba:6a:c1:a7:1f:79:9b:0f:0f:08:1b:8a:0e:4b:a9:
00:55:10:c5:8c:eb:c4:81:f9:eb:27:cd:1e:fa:e8:e7:28:a7:
23:9a:31:69:be:f2:5c:14:b5:dc:84:9d:9d:80:9d:bf:48:f5:
e8:03:fe:f9:94:c0:6d:01:15:fe:fe:29:7a:0c:d0:b7:15:cc:
81:7a:9c:2e:fe:fd:94:d7:80:a4:f2:c0:32:8a:83:ef:76:8a:
a0:73:ae:1f:69:9f:54:0d:d1:5d:e6:de:ae:08:ff:b9:65:81:
e0:95:56:fd:13:4c:0b:95:1a:a5:b6:3f:03:a7:a2:59:48:9e:
5c:1f:4b:ac:44:b9:72:69:63:c4:17:53:a9:72:92:2d:4b:06:
f5:09:c7:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFGy7D6+J1OZIccH+myyiJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwODEyMTMzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjQ3OGIwZDYyYzcxZDFkNjAwYjM5OWMxZGQ0ZGFhNDZjOTA3NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSUW+r5ARoySkNGY01Sc/Le2FuK/
NnjFkJJ2R4VrsIwfXxb8/cuUOlRxJd4ntbKHX/UDSN7DWx045TrmgBGilUStdhwc
63rBYiVYal3D7Li3FmxBJ83sb4OF4Rkt6kDq7g1PYE7H2AWqFxa1YAVTz5ptfo9g
lRlVLndl4D2W/cakcRkjc+IvsFjHKIdYho+0vzBn46yS3VcYXYlUcFC4m5FmFn+a
sOM+YKMnV/69Wc+e9vqb4+nb/26Cw+quWsew440SUzqVD7c+Cid2BpttiBas/C6d
EH/fJ9WhssQkuP5IULPNwGJmbv3obwgqB1o2qII+Mz1hLn1JSo4RmrezSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCtHiw1ixx0dYAs5nB3U2qRskHV+MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvSzBlTERXTEhIUjFnQ3ptY0hkVGFwR3lRZFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QNAwQA
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQAS5iGv6qHbqvb+sfl4UmujZ+7XK1St3FpI
rL6xVic+HVKuQ9UBiqu3sMHrxVi1xkyBm7JMD1IPsXrNDJ2sN0J3oCnBI9MQbAlJ
SRN+nGKHs0O4V3qe58X0X4yPB4fYWUsdJiRaO3schywocYUzLQe6asGnH3mbDw8I
G4oOS6kAVRDFjOvEgfnrJ80e+ujnKKcjmjFpvvJcFLXchJ2dgJ2/SPXoA/75lMBt
ARX+/il6DNC3FcyBepwu/v2U14Ck8sAyioPvdoqgc64faZ9UDdFd5t6uCP+5ZYHg
lVb9E0wLlRqltj8Dp6JZSJ5cH0usRLlyaWPEF1OpcpItSwb1CceV
-----END CERTIFICATE-----
Generated at Thu Aug 15 12:59:25 2024 by rpki-client on console-fra.rpki-client.org