Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/UtwfgVWUVF-84KbHlV4j8tYu-qA.roa
File: UtwfgVWUVF-84KbHlV4j8tYu-qA.roa (raw, json)
Hash identifier: 4MqMdj/84SqdT1uxb1W7e2DQsx5qln2US0w6q36WCA4=
Subject key identifier: 52:DC:1F:81:55:94:54:5F:BC:E0:A6:C7:95:5E:23:F2:D6:2E:FA:A0
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018A6A72F9A125C0E7CEA959267E2E13BAD5
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/UtwfgVWUVF-84KbHlV4j8tYu-qA.roa
Signing time: Wed 06 Sep 2023 12:23:54 +0000
ROA not before: Wed 06 Sep 2023 12:23:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 91.228.14.0/23 maxlen: 24
94.154.33.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:72:f9:a1:25:c0:e7:ce:a9:59:26:7e:2e:13:ba:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Sep 6 12:23:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52dc1f815594545fbce0a6c7955e23f2d62efaa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ff:0b:ed:1f:0e:7d:02:db:bf:a6:72:db:c7:
db:e0:9c:4c:de:60:51:a1:32:47:fe:59:15:9c:b1:
36:6a:33:e5:96:ae:7c:0d:0f:bb:c3:ca:f9:29:77:
62:c3:15:26:4e:29:04:2d:aa:63:e2:54:3f:f1:34:
18:25:01:a7:ed:a5:08:3d:5f:0a:2f:9c:43:d6:c9:
99:59:20:f3:6a:c1:b3:f8:9f:c7:c1:c8:5c:ec:6f:
40:08:15:86:4e:a3:62:7b:af:1b:fa:85:86:63:11:
1a:06:65:84:ff:16:54:0b:4d:2d:14:26:0a:5b:ef:
cb:57:9b:2b:2d:03:f9:67:1f:66:e2:dd:43:71:a0:
e6:9b:d0:26:5c:6e:b7:eb:c3:c4:71:d0:04:89:ac:
e5:5c:b6:8b:a0:19:bd:07:04:5f:29:89:1f:ba:ac:
75:55:98:77:58:a4:f3:fb:43:6c:ea:97:6b:c8:34:
da:ff:10:f1:a1:7c:7c:bc:b5:1f:c2:22:31:6a:5c:
27:2a:70:a3:83:be:ad:8a:35:6e:92:7f:d8:af:0f:
03:83:0b:78:7f:68:d5:9c:c9:5c:7d:59:32:a3:d0:
66:c9:7e:53:84:9a:b7:0f:11:2e:b5:d3:a7:f9:6a:
47:f0:6d:4b:bc:b7:c0:60:27:36:f8:94:f6:c0:74:
13:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DC:1F:81:55:94:54:5F:BC:E0:A6:C7:95:5E:23:F2:D6:2E:FA:A0
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/UtwfgVWUVF-84KbHlV4j8tYu-qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
94.154.33.0/24
94.154.37.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:40:b7:1f:e7:4d:26:86:8c:43:ef:0b:64:3d:b6:6f:55:b0:
d5:e8:d2:15:83:70:ab:8a:a4:e5:e5:fb:e7:fc:1c:78:be:4e:
83:c6:a6:89:4e:f4:9b:c9:af:8a:e3:03:c8:4d:4f:3f:7f:a7:
4a:06:fe:b7:b7:ea:2a:04:45:a5:8f:b8:11:38:67:05:dc:9d:
20:b1:4e:65:44:43:0f:f4:43:95:ec:a0:e2:0f:63:37:85:f4:
2d:42:2a:f1:6d:c4:e7:2e:a7:61:87:3d:cd:36:0c:d3:57:e2:
2b:9b:c9:ed:3a:1a:de:3f:09:1e:00:6f:40:0d:af:d3:48:18:
52:19:6a:81:c2:0d:4f:d7:63:f2:7a:3d:2e:c2:83:af:66:fd:
d8:8a:1d:dc:3b:ab:f8:58:f4:3b:64:66:c0:5b:48:82:b4:c3:
33:4a:79:03:b2:df:47:6a:9a:d5:54:8e:03:2a:0c:58:70:61:
f8:be:09:3d:35:8c:9b:a7:f7:f4:4a:a9:f9:5c:b6:65:12:4d:
96:1a:ea:96:a5:00:7a:82:8b:0c:10:90:0c:6c:bc:1d:42:37:
87:48:1c:5c:d0:2f:f2:df:a8:e7:38:2f:50:d1:56:ea:63:2e:
9b:cf:12:33:0a:63:7d:c4:da:72:3d:6e:45:72:25:ae:73:fc:
e7:9e:cf:44
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpqcvmhJcDnzqlZJn4uE7rVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwOTA2MTIyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRjMWY4MTU1OTQ1NDVmYmNlMGE2Yzc5NTVlMjNmMmQ2MmVmYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv8L7R8OfQLbv6Zy28fb4JxM3mBR
oTJH/lkVnLE2ajPllq58DQ+7w8r5KXdiwxUmTikELapj4lQ/8TQYJQGn7aUIPV8K
L5xD1smZWSDzasGz+J/Hwchc7G9ACBWGTqNie68b+oWGYxEaBmWE/xZUC00tFCYK
W+/LV5srLQP5Zx9m4t1DcaDmm9AmXG6368PEcdAEiazlXLaLoBm9BwRfKYkfuqx1
VZh3WKTz+0Ns6pdryDTa/xDxoXx8vLUfwiIxalwnKnCjg76tijVukn/Yrw8Dgwt4
f2jVnMlcfVkyo9BmyX5ThJq3DxEutdOn+WpH8G1LvLfAYCc2+JT2wHQTxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFLcH4FVlFRfvOCmx5VeI/LWLvqgMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvVXR3ZmdWV1VWRi04NEtiSGxWNGo4dFl1LXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+QOAwQA
XpohAwQAXpolMA0GCSqGSIb3DQEBCwUAA4IBAQCOQLcf500mhoxD7wtkPbZvVbDV
6NIVg3CriqTl5fvn/Bx4vk6DxqaJTvSbya+K4wPITU8/f6dKBv63t+oqBEWlj7gR
OGcF3J0gsU5lREMP9EOV7KDiD2M3hfQtQirxbcTnLqdhhz3NNgzTV+Irm8ntOhre
PwkeAG9ADa/TSBhSGWqBwg1P12Pyej0uwoOvZv3Yih3cO6v4WPQ7ZGbAW0iCtMMz
SnkDst9HaprVVI4DKgxYcGH4vgk9NYybp/f0Sqn5XLZlEk2WGuqWpQB6gosMEJAM
bLwdQjeHSBxc0C/y36jnOC9Q0VbqYy6bzxIzCmN9xNpyPW5FciWuc/znns9E
-----END CERTIFICATE-----
Generated at Thu Sep 7 12:10:54 2023 by rpki-client on console-fra.rpki-client.org