Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/LzwOALJtqatOMNaiUwk-2bfFcMo.roa
File: LzwOALJtqatOMNaiUwk-2bfFcMo.roa (raw, json)
Hash identifier: XPb57HC4cPkoF9hPyjaRPNahXwkXI24+rt2AQSb5NAY=
Subject key identifier: 2F:3C:0E:00:B2:6D:A9:AB:4E:30:D6:A2:53:09:3E:D9:B7:C5:70:CA
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018D3B3872A39C59CA10A47CE2F9B8FDB3D3
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/LzwOALJtqatOMNaiUwk-2bfFcMo.roa
Signing time: Wed 24 Jan 2024 11:26:11 +0000
ROA not before: Wed 24 Jan 2024 11:26:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/23 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 19:40:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3b:38:72:a3:9c:59:ca:10:a4:7c:e2:f9:b8:fd:b3:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 24 11:26:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f3c0e00b26da9ab4e30d6a253093ed9b7c570ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:17:5a:cf:4b:cf:84:4f:e6:a3:44:9e:60:d4:
37:2d:13:1e:53:fd:7b:cd:2f:35:7d:38:2a:06:64:
d7:e9:ed:9c:10:b4:c1:ce:d1:f9:b6:c3:68:2c:76:
61:17:cb:83:01:ca:de:d7:a1:d4:57:98:a3:81:22:
0e:ed:a6:6b:46:b5:f4:b4:42:5b:63:6f:73:e5:f4:
ee:60:52:c2:88:41:56:31:6b:5f:9d:d2:da:b0:26:
2c:90:31:51:02:69:cf:25:7c:4d:a7:3d:b7:d9:26:
0d:a7:79:76:4f:50:37:df:63:8c:b2:5b:2e:00:fd:
56:cf:b2:f4:2b:e1:76:f4:e9:06:44:35:eb:25:97:
8c:07:1d:b2:6d:52:c9:e3:6f:fd:49:45:1f:31:d8:
d3:a7:ef:72:06:b9:9b:86:4f:05:99:78:b1:97:38:
6b:40:03:09:cb:41:bb:e3:40:4a:69:24:21:e4:84:
11:f9:ee:03:69:08:5e:9e:24:db:22:47:3a:6b:41:
2f:6f:c8:ff:cd:3d:18:ec:ed:e9:c2:63:b9:2c:a1:
0e:bd:d7:13:85:82:bd:15:b4:e7:e7:ec:98:ac:84:
74:60:87:75:df:9f:7f:1d:0b:5b:d0:18:3c:92:80:
3d:8a:8f:c6:9b:0a:c6:ca:81:96:aa:a4:d5:bd:61:
02:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3C:0E:00:B2:6D:A9:AB:4E:30:D6:A2:53:09:3E:D9:B7:C5:70:CA
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/LzwOALJtqatOMNaiUwk-2bfFcMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:04:15:e4:6c:72:b3:dd:03:9a:60:06:5b:9c:78:62:81:05:
54:02:ae:14:80:f8:8a:de:e2:9c:2f:c3:64:1b:5d:fc:1f:5e:
0f:4e:86:f6:77:06:34:40:44:be:59:79:af:1e:ac:9a:75:f2:
d4:3b:5f:86:bc:f2:1e:a0:62:79:c2:b1:52:06:8f:be:3b:79:
44:bb:0b:51:ce:a3:bf:61:13:8f:41:21:fb:d4:1d:b3:e3:37:
a1:c5:5a:7c:91:ef:23:bf:fb:62:0a:a2:3d:cf:4d:d9:6a:f2:
ac:54:8f:98:4e:ef:ae:98:67:96:0a:76:69:e0:ff:af:2c:6f:
27:0e:a9:4c:c5:2f:61:f2:21:69:b0:ca:a5:32:cf:9c:47:37:
e1:85:3f:e9:82:a3:67:75:a8:1d:44:4b:69:a3:8d:0c:cb:23:
da:5b:1e:35:b2:56:29:f5:81:fd:31:88:14:6e:0f:c9:e1:2f:
70:90:35:75:84:9b:22:18:76:82:bc:ad:bd:7f:00:7d:89:a7:
09:ef:c6:09:dd:4c:16:41:d7:6e:9e:8b:3c:2c:82:98:c9:f7:
47:2c:6a:e3:fc:b5:44:bf:0f:de:f4:cf:2f:97:54:3f:3a:0c:
e1:f6:c2:32:34:75:f4:c7:78:57:ff:d2:64:5c:b2:fe:ab:96:
96:50:03:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY07OHKjnFnKEKR84vm4/bPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMTI0MTEyNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNjMGUwMGIyNmRhOWFiNGUzMGQ2YTI1MzA5M2VkOWI3YzU3MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBdaz0vPhE/mo0SeYNQ3LRMeU/17
zS81fTgqBmTX6e2cELTBztH5tsNoLHZhF8uDAcre16HUV5ijgSIO7aZrRrX0tEJb
Y29z5fTuYFLCiEFWMWtfndLasCYskDFRAmnPJXxNpz232SYNp3l2T1A332OMslsu
AP1Wz7L0K+F29OkGRDXrJZeMBx2ybVLJ42/9SUUfMdjTp+9yBrmbhk8FmXixlzhr
QAMJy0G740BKaSQh5IQR+e4DaQheniTbIkc6a0Evb8j/zT0Y7O3pwmO5LKEOvdcT
hYK9FbTn5+yYrIR0YId1359/HQtb0Bg8koA9io/GmwrGyoGWqqTVvWECAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC88DgCybamrTjDWolMJPtm3xXDKMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvTHp3T0FMSnRxYXRPTU5haVV3ay0yYmZGY01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+QOAwQB
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQArBBXkbHKz3QOaYAZbnHhigQVUAq4UgPiK
3uKcL8NkG138H14PTob2dwY0QES+WXmvHqyadfLUO1+GvPIeoGJ5wrFSBo++O3lE
uwtRzqO/YROPQSH71B2z4zehxVp8ke8jv/tiCqI9z03ZavKsVI+YTu+umGeWCnZp
4P+vLG8nDqlMxS9h8iFpsMqlMs+cRzfhhT/pgqNndagdREtpo40MyyPaWx41slYp
9YH9MYgUbg/J4S9wkDV1hJsiGHaCvK29fwB9iacJ78YJ3UwWQddunos8LIKYyfdH
LGrj/LVEvw/e9M8vl1Q/Ogzh9sIyNHX0x3hX/9JkXLL+q5aWUAOa
-----END CERTIFICATE-----
Generated at Tue Jan 30 20:33:56 2024 by rpki-client on console-fra.rpki-client.org