Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/U2iE_eacGigKBFk-w-l8Av_EGJ4.roa
File: U2iE_eacGigKBFk-w-l8Av_EGJ4.roa (raw, json)
Hash identifier: Gr8IiUcHPe+kTIFMBDdm0w3NbYgUy8xXPrdHJS7/924=
Subject key identifier: 53:68:84:FD:E6:9C:1A:28:0A:04:59:3E:C3:E9:7C:02:FF:C4:18:9E
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018EA34DBF597D8C21F8B977BEB523B5B5EA
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/U2iE_eacGigKBFk-w-l8Av_EGJ4.roa
Signing time: Wed 03 Apr 2024 09:32:45 +0000
ROA not before: Wed 03 Apr 2024 09:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.13.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 18:56:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:4d:bf:59:7d:8c:21:f8:b9:77:be:b5:23:b5:b5:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Apr 3 09:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=536884fde69c1a280a04593ec3e97c02ffc4189e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0e:63:64:72:a7:fe:0b:13:96:a9:1d:e0:45:
be:dd:4a:1a:11:e4:9b:c8:3a:a7:9b:5f:62:d1:84:
f9:ad:8d:48:8b:fc:cb:2b:b2:a1:b7:ef:89:c4:86:
67:7c:da:68:f7:30:2c:85:c1:62:45:83:90:aa:30:
cd:dd:d4:38:6c:c6:2c:5a:8c:af:35:60:23:09:52:
7b:e2:5b:94:43:23:92:44:de:1f:9e:b7:cb:4d:d2:
37:f6:42:cd:30:fd:c8:25:c1:de:f0:27:0a:ac:53:
27:68:83:a1:3d:ae:cd:25:b5:8b:be:10:90:aa:9f:
c1:05:22:88:e8:99:7e:60:cb:52:b7:fc:60:06:4d:
63:e6:83:ff:01:09:b7:80:f4:a3:61:1b:10:0f:15:
4e:73:f9:57:9f:74:a6:09:47:4b:f2:b1:86:60:9f:
93:77:fd:20:e9:0c:e0:13:ca:99:1c:c5:77:af:73:
ea:ef:fd:67:6a:0b:22:ef:15:22:7f:bc:eb:6d:58:
5d:2d:ff:83:f8:15:21:b9:7a:ad:30:2e:49:b9:46:
4a:60:e0:51:db:a3:8e:31:f9:63:ed:b1:2a:82:1b:
d1:74:59:0c:81:61:87:07:8d:b2:c3:c9:b6:ce:89:
0b:6c:e8:72:b3:b9:a1:ee:78:83:b2:ce:7e:34:af:
b8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:68:84:FD:E6:9C:1A:28:0A:04:59:3E:C3:E9:7C:02:FF:C4:18:9E
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/U2iE_eacGigKBFk-w-l8Av_EGJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0-91.228.14.255
94.154.34.0/24
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:1c:91:13:f5:9f:74:95:ee:02:21:0f:22:2a:62:39:72:f7:
66:7b:01:d0:16:4f:b3:82:31:7e:e0:7f:38:2b:42:10:a0:d6:
a8:b5:8a:58:5a:62:54:ef:ab:4d:2c:f9:ba:d9:cf:e2:c6:7d:
ab:f6:ae:ec:41:eb:b0:28:47:73:e4:33:5b:d9:1c:03:64:7d:
01:9b:de:2e:65:6a:5b:ed:24:f4:29:5f:55:f0:01:8d:54:23:
df:9b:2d:02:63:87:69:11:01:b3:ca:cc:42:d8:d0:86:f7:d2:
53:0c:f3:1d:8f:7f:bd:9d:e5:e1:e5:fa:8d:a2:d2:50:0d:c0:
32:d0:b1:3b:32:16:45:20:e8:3c:84:28:ea:1c:77:7e:0b:48:
bb:1b:ce:5f:a9:70:8f:54:cb:8e:af:a7:cb:f9:6f:63:0f:cd:
68:ec:c0:fd:8d:9e:c2:4f:0a:c4:06:4b:54:04:f3:ed:ca:ad:
b4:84:75:56:89:6e:d1:6c:42:2b:d5:3b:89:63:96:3e:6f:0c:
4e:3e:53:bc:af:68:8f:9a:64:51:40:46:c5:21:05:c8:15:1c:
e3:e4:35:9d:9d:6b:14:16:83:ce:51:7d:8c:62:2e:cb:02:82:
65:db:61:5e:c7:d2:be:c5:4c:87:48:a1:8a:58:b0:de:b0:b0:
ae:29:94:b1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY6jTb9ZfYwh+Ll3vrUjtbXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNDAzMDkzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY4ODRmZGU2OWMxYTI4MGEwNDU5M2VjM2U5N2MwMmZmYzQxODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q5jZHKn/gsTlqkd4EW+3UoaEeSb
yDqnm19i0YT5rY1Ii/zLK7Kht++JxIZnfNpo9zAshcFiRYOQqjDN3dQ4bMYsWoyv
NWAjCVJ74luUQyOSRN4fnrfLTdI39kLNMP3IJcHe8CcKrFMnaIOhPa7NJbWLvhCQ
qp/BBSKI6Jl+YMtSt/xgBk1j5oP/AQm3gPSjYRsQDxVOc/lXn3SmCUdL8rGGYJ+T
d/0g6QzgE8qZHMV3r3Pq7/1nagsi7xUif7zrbVhdLf+D+BUhuXqtMC5JuUZKYOBR
26OOMflj7bEqghvRdFkMgWGHB42yw8m2zokLbOhys7mh7niDss5+NK+4qwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFNohP3mnBooCgRZPsPpfAL/xBieMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvVTJpRV9lYWNHaWdLQkZrLXctbDhBdl9FR0o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABb5A0D
BABb5A4DBABemiIDBAFemiQwDQYJKoZIhvcNAQELBQADggEBALIckRP1n3SV7gIh
DyIqYjly92Z7AdAWT7OCMX7gfzgrQhCg1qi1ilhaYlTvq00s+brZz+LGfav2ruxB
67AoR3PkM1vZHANkfQGb3i5lalvtJPQpX1XwAY1UI9+bLQJjh2kRAbPKzELY0Ib3
0lMM8x2Pf72d5eHl+o2i0lANwDLQsTsyFkUg6DyEKOocd34LSLsbzl+pcI9Uy46v
p8v5b2MPzWjswP2NnsJPCsQGS1QE8+3KrbSEdVaJbtFsQivVO4ljlj5vDE4+U7yv
aI+aZFFARsUhBcgVHOPkNZ2daxQWg85RfYxiLssCgmXbYV7H0r7FTIdIoYpYsN6w
sK4plLE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org