Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/KbBPEaQQ6K28jrL6FIPqXwjC6nE.roa
File: KbBPEaQQ6K28jrL6FIPqXwjC6nE.roa (raw, json)
Hash identifier: S7y8+NJ0hl8OJNxIBhdfmtam3MftMUpo4liyojZBxk8=
Subject key identifier: 29:B0:4F:11:A4:10:E8:AD:BC:8E:B2:FA:14:83:EA:5F:08:C2:EA:71
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018B3CA5472AFCB667E30DD6DD6E9BE2D5A7
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/KbBPEaQQ6K28jrL6FIPqXwjC6nE.roa
Signing time: Tue 17 Oct 2023 07:59:06 +0000
ROA not before: Tue 17 Oct 2023 07:59:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/23 maxlen: 24
91.228.12.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Oct 2023 12:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:a5:47:2a:fc:b6:67:e3:0d:d6:dd:6e:9b:e2:d5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 17 07:59:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29b04f11a410e8adbc8eb2fa1483ea5f08c2ea71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:23:52:b2:86:85:e5:51:21:39:82:ba:13:96:
cc:6d:7f:8e:0e:ad:0d:30:ce:9c:52:26:bd:2c:6c:
61:d3:86:3b:6a:34:fc:db:f2:4d:e7:3d:2d:29:af:
d2:77:db:3c:6c:9c:84:77:a5:e8:97:c7:25:5d:6d:
c2:0f:82:e3:9a:50:70:29:66:1b:5b:54:b5:f6:5d:
d6:e7:d8:dc:ec:2b:33:8e:a6:4d:44:4f:59:0e:b7:
85:73:33:8e:db:3f:aa:a7:0e:08:39:52:f7:2b:47:
46:9a:7a:68:17:f3:4d:a2:b0:0c:01:53:65:51:39:
38:75:0f:85:07:ce:7b:6f:b4:a4:06:40:b1:de:95:
64:9b:35:b6:3d:5d:ac:14:90:8f:55:d1:33:cf:df:
1c:03:c3:2c:42:e2:d4:2a:b0:3d:43:59:6a:1a:c7:
e1:58:72:6b:5f:3d:d0:8b:dc:04:59:51:96:93:df:
ba:05:21:e0:26:ec:90:29:be:b0:08:5c:c2:67:ad:
cb:96:b8:cf:32:23:a5:71:05:e3:e2:18:60:c8:69:
c9:2c:1e:38:ea:ea:74:47:34:df:73:2e:62:e8:2d:
5e:d5:3c:a3:26:e1:42:b0:8a:9b:2c:fb:36:5e:fc:
a9:eb:be:0b:30:9c:92:c7:37:27:c1:d1:ef:e3:73:
69:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B0:4F:11:A4:10:E8:AD:BC:8E:B2:FA:14:83:EA:5F:08:C2:EA:71
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/KbBPEaQQ6K28jrL6FIPqXwjC6nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
91.228.14.0/23
94.154.34.0-94.154.36.255
Signature Algorithm: sha256WithRSAEncryption
5f:ec:ae:c1:f3:72:7c:42:aa:f1:3b:ea:39:a2:09:28:20:86:
04:32:07:ba:f7:ec:c0:79:96:c8:98:09:49:33:39:48:08:67:
08:ff:16:ee:29:ed:e0:4d:14:b4:d4:96:7a:e1:6d:44:c7:ad:
f4:28:44:d6:0e:b4:82:83:f2:06:69:b9:db:47:59:dd:6d:21:
7d:e0:bf:20:4e:09:84:20:cd:cf:cd:6c:87:bb:46:ce:61:c1:
a4:6b:b4:a8:b1:0c:aa:68:24:f2:35:cd:2e:08:58:d1:5c:95:
8b:bd:95:f0:71:9a:de:36:23:2e:15:db:a9:79:26:b3:5a:e1:
c1:e0:a0:57:e9:af:e5:39:62:4d:ce:ae:01:79:20:9c:15:8e:
be:12:43:44:d1:31:f0:22:d8:a7:15:93:fb:a5:d6:2f:0d:4c:
c6:48:ba:6a:51:69:fc:92:7d:30:ce:55:2e:2a:20:48:49:6b:
9e:c6:e0:dd:9a:75:43:a3:a1:43:dc:fd:fb:ff:f1:c3:ce:a4:
bb:94:73:e9:38:90:24:db:22:65:d1:bb:54:86:c1:7d:1a:8c:
1b:4a:8f:0b:e7:fa:32:ad:78:fb:48:89:be:7d:66:a6:b1:c9:
0e:31:b5:8a:de:85:07:0f:e7:28:d7:90:3d:9a:25:54:46:15:
e9:1c:6b:ba
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYs8pUcq/LZn4w3W3W6b4tWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMDE3MDc1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWIwNGYxMWE0MTBlOGFkYmM4ZWIyZmExNDgzZWE1ZjA4YzJlYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyNSsoaF5VEhOYK6E5bMbX+ODq0N
MM6cUia9LGxh04Y7ajT82/JN5z0tKa/Sd9s8bJyEd6Xol8clXW3CD4LjmlBwKWYb
W1S19l3W59jc7CszjqZNRE9ZDreFczOO2z+qpw4IOVL3K0dGmnpoF/NNorAMAVNl
UTk4dQ+FB857b7SkBkCx3pVkmzW2PV2sFJCPVdEzz98cA8MsQuLUKrA9Q1lqGsfh
WHJrXz3Qi9wEWVGWk9+6BSHgJuyQKb6wCFzCZ63LlrjPMiOlcQXj4hhgyGnJLB44
6up0RzTfcy5i6C1e1TyjJuFCsIqbLPs2Xvyp674LMJySxzcnwdHv43NpwwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCmwTxGkEOitvI6y+hSD6l8IwupxMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvS2JCUEVhUVE2SzI4anJMNkZJUHFYd2pDNm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW+QMAwQB
W+QOMAwDBAFemiIDBABemiQwDQYJKoZIhvcNAQELBQADggEBAF/srsHzcnxCqvE7
6jmiCSgghgQyB7r37MB5lsiYCUkzOUgIZwj/Fu4p7eBNFLTUlnrhbUTHrfQoRNYO
tIKD8gZpudtHWd1tIX3gvyBOCYQgzc/NbIe7Rs5hwaRrtKixDKpoJPI1zS4IWNFc
lYu9lfBxmt42Iy4V26l5JrNa4cHgoFfpr+U5Yk3OrgF5IJwVjr4SQ0TRMfAi2KcV
k/ul1i8NTMZIumpRafySfTDOVS4qIEhJa57G4N2adUOjoUPc/fv/8cPOpLuUc+k4
kCTbImXRu1SGwX0ajBtKjwvn+jKtePtIib59ZqaxyQ4xtYrehQcP5yjXkD2aJVRG
Fekca7o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org