Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/UrKwhA7qlnb5FrqrkKdWaeivy_M.roa
File: UrKwhA7qlnb5FrqrkKdWaeivy_M.roa (raw, json)
Hash identifier: tu9xevD67di67y7Fv9HP8CcQXWJhEeb69RKx6VTTr80=
Subject key identifier: 52:B2:B0:84:0E:EA:96:76:F9:16:BA:AB:90:A7:56:69:E8:AF:CB:F3
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018A86109C99C01087645DE59FAA09106A8B
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/UrKwhA7qlnb5FrqrkKdWaeivy_M.roa
Signing time: Mon 11 Sep 2023 21:05:50 +0000
ROA not before: Mon 11 Sep 2023 21:05:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.12.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:86:10:9c:99:c0:10:87:64:5d:e5:9f:aa:09:10:6a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Sep 11 21:05:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52b2b0840eea9676f916baab90a75669e8afcbf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6c:17:59:59:b7:c0:43:78:9d:33:03:15:5d:
7b:97:ba:ec:6c:ba:56:10:34:99:01:e4:3f:a9:2d:
2b:92:61:a9:f8:69:fe:af:f8:5e:62:8b:65:34:38:
07:66:c1:7f:2b:ae:09:79:eb:92:b0:b2:0c:26:09:
d7:2e:50:23:7b:20:50:c1:f7:59:39:30:52:54:9f:
da:12:7f:9b:34:de:b7:7d:21:18:36:3b:e4:c7:d8:
fa:80:e4:41:c3:34:7a:a6:db:e3:2f:ce:ce:f1:ff:
5b:96:15:83:46:61:df:d9:24:59:f5:90:bb:3a:d4:
37:df:55:c7:b8:f9:48:e5:c2:62:cb:8b:b6:c6:84:
45:13:3d:50:48:33:ac:64:76:de:04:d3:ac:31:f4:
c8:10:ba:9b:09:26:9e:42:47:52:6a:8c:be:bb:bb:
60:94:81:a9:37:07:e1:61:d2:d8:f9:17:13:ea:35:
23:7b:66:99:30:af:4b:4a:f8:2e:7e:50:86:de:a1:
0a:e7:e0:4d:91:00:6e:6a:ff:9f:2f:ab:13:00:c6:
a8:f0:a4:51:7b:3a:d4:f8:fe:9a:aa:0c:75:7f:c8:
31:92:f8:fb:83:3a:2c:0c:f1:a7:0c:19:0b:66:dd:
46:4b:60:4e:fc:be:32:b4:66:4e:e2:e5:ae:5d:fa:
c9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B2:B0:84:0E:EA:96:76:F9:16:BA:AB:90:A7:56:69:E8:AF:CB:F3
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/UrKwhA7qlnb5FrqrkKdWaeivy_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/22
94.154.32.0/22
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
64:41:9f:93:f8:f2:d1:fc:17:a2:35:16:b7:e5:a6:84:77:69:
e6:67:0b:98:fc:0b:60:3e:06:2f:a4:8e:cd:ee:5f:1a:5e:14:
15:7c:ba:b8:1a:39:60:2b:a6:b8:df:e7:ff:46:11:ea:f2:2f:
cd:e4:42:4e:de:f1:64:ff:d8:d1:74:1c:0a:c1:67:f6:3f:d5:
bd:c3:56:36:f6:03:d3:95:98:5a:70:66:d7:ff:ec:4d:1d:04:
f9:e2:a3:57:4d:8e:29:ac:aa:33:9f:37:3d:b6:10:15:00:2e:
ed:de:da:a7:03:79:25:4b:5c:2e:64:1e:36:8c:e5:7f:16:40:
57:39:fd:9e:9c:dd:19:f8:dd:6f:91:4f:ef:bc:e3:e5:b3:c6:
c5:9e:80:bf:6f:d8:3d:c2:6f:dc:c6:a5:f9:b4:be:f9:33:24:
01:5c:ce:23:06:47:3b:53:98:72:6e:d6:70:42:86:5d:b2:5b:
6e:17:1b:bd:32:1b:43:0f:fe:0e:69:2e:bb:99:d9:d6:d8:cb:
6f:4c:3a:df:b0:85:29:c4:c0:e3:e4:7b:1b:c7:6e:4f:f7:1e:
f3:32:5a:79:15:7e:93:74:6b:44:e5:24:c0:2c:ff:7e:fe:6b:
6a:6a:23:34:08:78:22:df:15:a3:42:39:4f:e1:84:ea:a9:1b:
b9:96:64:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqGEJyZwBCHZF3ln6oJEGqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwOTExMjEwNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIyYjA4NDBlZWE5Njc2ZjkxNmJhYWI5MGE3NTY2OWU4YWZjYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWwXWVm3wEN4nTMDFV17l7rsbLpW
EDSZAeQ/qS0rkmGp+Gn+r/heYotlNDgHZsF/K64JeeuSsLIMJgnXLlAjeyBQwfdZ
OTBSVJ/aEn+bNN63fSEYNjvkx9j6gORBwzR6ptvjL87O8f9blhWDRmHf2SRZ9ZC7
OtQ331XHuPlI5cJiy4u2xoRFEz1QSDOsZHbeBNOsMfTIELqbCSaeQkdSaoy+u7tg
lIGpNwfhYdLY+RcT6jUje2aZMK9LSvguflCG3qEK5+BNkQBuav+fL6sTAMao8KRR
ezrU+P6aqgx1f8gxkvj7gzosDPGnDBkLZt1GS2BO/L4ytGZO4uWuXfrJGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFKysIQO6pZ2+Ra6q5CnVmnor8vzMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvVXJLd2hBN3FsbmI1RnJxcmtLZFdhZWl2eV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+QMAwQC
XpogAwQAXpomMA0GCSqGSIb3DQEBCwUAA4IBAQBkQZ+T+PLR/BeiNRa35aaEd2nm
ZwuY/AtgPgYvpI7N7l8aXhQVfLq4GjlgK6a43+f/RhHq8i/N5EJO3vFk/9jRdBwK
wWf2P9W9w1Y29gPTlZhacGbX/+xNHQT54qNXTY4prKoznzc9thAVAC7t3tqnA3kl
S1wuZB42jOV/FkBXOf2enN0Z+N1vkU/vvOPls8bFnoC/b9g9wm/cxqX5tL75MyQB
XM4jBkc7U5hybtZwQoZdsltuFxu9MhtDD/4OaS67mdnW2MtvTDrfsIUpxMDj5Hsb
x25P9x7zMlp5FX6TdGtE5STALP9+/mtqaiM0CHgi3xWjQjlP4YTqqRu5lmQ+
-----END CERTIFICATE-----
Generated at Tue Sep 12 18:34:53 2023 by rpki-client on console-fra.rpki-client.org