Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/OWF7e-p1poyA-XdEG49DTZHVtT8.roa
File: OWF7e-p1poyA-XdEG49DTZHVtT8.roa (raw, json)
Hash identifier: 37SjKha8h387Hx7Xuft6DLfE/bKNtGzS/59iDbDZVXY=
Subject key identifier: 39:61:7B:7B:EA:75:A6:8C:80:F9:77:44:1B:8F:43:4D:91:D5:B5:3F
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018B29118471AA8B39FE6400D4E0FB939B6A
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/OWF7e-p1poyA-XdEG49DTZHVtT8.roa
Signing time: Fri 13 Oct 2023 12:44:55 +0000
ROA not before: Fri 13 Oct 2023 12:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/23 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.33.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:11:84:71:aa:8b:39:fe:64:00:d4:e0:fb:93:9b:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 13 12:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39617b7bea75a68c80f977441b8f434d91d5b53f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:db:2e:72:9f:f7:7b:3a:40:9e:e2:12:8b:da:
ae:67:cb:0f:36:f1:b2:8f:ca:f3:6f:fb:de:6a:5a:
95:10:03:2e:81:3e:65:09:ec:93:90:b6:07:10:ff:
fd:42:b7:b9:d3:f1:d4:9c:fc:2c:7f:1a:ae:47:5f:
66:9b:fb:ee:63:84:28:5b:a1:5a:48:92:6d:b0:9d:
8f:62:8b:b0:3a:a1:0e:41:3b:3d:2b:43:9d:49:4d:
0b:aa:7d:e8:69:7b:53:ca:b8:ee:a3:2e:77:49:a8:
9b:d4:5d:4d:3d:ac:33:49:a7:28:3c:3b:e5:2d:d7:
67:6f:60:a8:68:c8:3e:97:58:d9:93:8e:02:73:03:
13:68:bd:2d:e0:3f:9c:4b:b5:87:a0:c3:cd:e4:21:
d0:69:d2:6b:22:b4:f3:f8:bb:b9:d0:04:be:3c:53:
45:c0:34:f6:b3:d3:37:cf:23:45:e6:ba:04:90:37:
1a:e9:c8:ae:f4:03:62:66:9a:73:73:a8:00:db:f1:
03:ec:97:62:c2:dd:81:36:42:60:c6:a5:4d:51:13:
ed:5f:ee:61:d9:39:76:d5:2e:3a:aa:96:1d:d2:19:
16:53:8d:2c:45:0b:47:47:a2:df:b6:f3:66:fe:e8:
53:58:8c:39:79:0d:53:1f:4c:80:77:63:fc:eb:65:
c6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:61:7B:7B:EA:75:A6:8C:80:F9:77:44:1B:8F:43:4D:91:D5:B5:3F
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/OWF7e-p1poyA-XdEG49DTZHVtT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
94.154.33.0-94.154.36.255
Signature Algorithm: sha256WithRSAEncryption
91:1a:f2:1d:dd:11:c2:4b:e7:27:59:fd:af:50:1c:da:f4:03:
82:4f:57:18:7d:13:62:cd:fb:23:cf:d3:a0:55:c3:29:0b:5b:
25:c2:0b:41:10:13:11:92:e1:c9:62:a1:8d:d9:19:7b:51:3e:
43:3a:cb:4c:3a:e1:55:ad:b5:a3:ba:df:47:1c:7a:80:d1:ba:
c6:16:30:b9:2f:5d:16:d5:c0:18:a5:2b:98:22:d1:66:e0:f9:
7b:16:27:df:10:07:01:3a:de:a0:7d:34:bd:f1:7e:92:21:d6:
ef:15:ec:d4:94:79:39:ab:59:0e:dc:cd:cc:4c:00:c0:ae:bc:
45:35:38:fd:9d:0f:a5:92:48:f3:23:b4:7e:f6:d1:e3:4d:cf:
51:3a:51:d0:fc:de:1a:21:ff:4b:d4:6c:38:3b:88:63:f9:fc:
64:79:c8:aa:51:e8:a3:47:d6:6e:28:3d:04:a3:20:e7:94:5f:
70:97:b7:d5:68:65:2a:4b:be:dd:75:d9:6e:9e:51:a6:b6:dd:
28:28:47:4d:39:78:4e:c2:39:8d:46:dd:89:65:94:e7:ba:e2:
9a:8e:87:63:7c:15:31:b2:49:3a:db:ee:6f:0f:a4:e3:86:a6:
e6:45:e9:c7:a6:8c:aa:8b:fe:c0:11:0b:97:92:3b:36:e3:f2:
b3:85:28:8a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYspEYRxqos5/mQA1OD7k5tqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMDEzMTI0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTYxN2I3YmVhNzVhNjhjODBmOTc3NDQxYjhmNDM0ZDkxZDViNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtsucp/3ezpAnuISi9quZ8sPNvGy
j8rzb/vealqVEAMugT5lCeyTkLYHEP/9Qre50/HUnPwsfxquR19mm/vuY4QoW6Fa
SJJtsJ2PYouwOqEOQTs9K0OdSU0Lqn3oaXtTyrjuoy53Saib1F1NPawzSacoPDvl
Lddnb2CoaMg+l1jZk44CcwMTaL0t4D+cS7WHoMPN5CHQadJrIrTz+Lu50AS+PFNF
wDT2s9M3zyNF5roEkDca6ciu9ANiZppzc6gA2/ED7Jdiwt2BNkJgxqVNURPtX+5h
2Tl21S46qpYd0hkWU40sRQtHR6LftvNm/uhTWIw5eQ1TH0yAd2P862XGoQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDlhe3vqdaaMgPl3RBuPQ02R1bU/MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvT1dGN2UtcDFwb3lBLVhkRUc0OURUWkhWdFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBW+QOMAwD
BABemiEDBABemiQwDQYJKoZIhvcNAQELBQADggEBAJEa8h3dEcJL5ydZ/a9QHNr0
A4JPVxh9E2LN+yPP06BVwykLWyXCC0EQExGS4clioY3ZGXtRPkM6y0w64VWttaO6
30cceoDRusYWMLkvXRbVwBilK5gi0Wbg+XsWJ98QBwE63qB9NL3xfpIh1u8V7NSU
eTmrWQ7czcxMAMCuvEU1OP2dD6WSSPMjtH720eNNz1E6UdD83hoh/0vUbDg7iGP5
/GR5yKpR6KNH1m4oPQSjIOeUX3CXt9VoZSpLvt112W6eUaa23SgoR005eE7COY1G
3YlllOe64pqOh2N8FTGySTrb7m8PpOOGpuZF6cemjKqL/sARC5eSOzbj8rOFKIo=
-----END CERTIFICATE-----
Generated at Mon Oct 16 19:12:31 2023 by rpki-client on console-fra.rpki-client.org