Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/XdkuUlsTYfWKLrQOeZBZ2lxjmys.roa
File: XdkuUlsTYfWKLrQOeZBZ2lxjmys.roa (raw, json)
Hash identifier: 5HdSoYotmDH37h2WsBfKuudipYQrMtYcdAyxdqjM4XY=
Subject key identifier: 5D:D9:2E:52:5B:13:61:F5:8A:2E:B4:0E:79:90:59:DA:5C:63:9B:2B
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018C1AD5648E6B56AE9923CDD65BE2576056
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/XdkuUlsTYfWKLrQOeZBZ2lxjmys.roa
Signing time: Wed 29 Nov 2023 11:27:21 +0000
ROA not before: Wed 29 Nov 2023 11:27:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 91.228.12.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:d5:64:8e:6b:56:ae:99:23:cd:d6:5b:e2:57:60:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Nov 29 11:27:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dd92e525b1361f58a2eb40e799059da5c639b2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:40:48:e5:99:6b:b2:4e:40:4a:77:a8:61:fb:
b0:94:68:20:b4:92:37:f0:1c:04:64:be:b5:0d:00:
4e:58:a0:8d:a5:12:e0:75:cb:09:ac:f2:7b:3b:23:
5b:3c:e3:03:88:0d:a4:2f:86:7f:e6:39:68:07:7f:
8d:a1:40:95:ae:db:68:a2:4b:58:d6:c4:fb:f3:16:
8a:f1:b4:23:e4:18:72:91:7c:8a:26:61:e0:75:d6:
01:bc:61:f4:4a:74:4d:7e:0d:7c:49:ac:b9:0c:50:
8c:84:10:97:ea:98:c5:a3:19:d0:8c:9b:ba:dd:4c:
6a:48:0a:6b:0a:a1:83:f2:8e:9c:13:bb:8f:b2:14:
d7:a7:58:a3:52:a0:11:b6:15:6e:0d:9d:20:91:58:
42:16:88:54:33:09:71:6e:2e:3e:ad:1e:87:5a:c0:
47:30:06:b5:96:2f:59:07:04:b9:0b:3c:94:49:d0:
4a:ec:36:6f:9d:28:7e:02:05:05:03:db:34:9d:a5:
8c:b5:6c:53:01:29:a2:bb:e5:59:1e:8a:1d:42:03:
d4:c1:e7:5e:69:14:bd:f2:ce:22:c4:90:bb:c5:83:
51:e7:6d:99:6e:ba:4d:27:35:02:51:82:6a:6b:2d:
4a:73:8b:ee:df:5f:67:2d:a7:b6:63:92:44:b5:89:
10:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D9:2E:52:5B:13:61:F5:8A:2E:B4:0E:79:90:59:DA:5C:63:9B:2B
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/XdkuUlsTYfWKLrQOeZBZ2lxjmys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
94.154.36.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:2b:6b:55:05:2b:0e:19:1b:7d:0d:20:c7:05:a3:99:aa:3d:
9e:23:db:22:f9:91:42:6a:4d:eb:69:f4:fc:e7:52:d0:76:cc:
44:c2:d9:17:c7:76:75:ce:6a:a8:33:ff:ba:a9:61:5a:1d:1b:
e4:d0:93:36:09:05:fa:1f:e5:b8:ae:11:24:46:57:90:a8:4e:
6c:ac:f9:48:6e:8b:35:3f:65:0d:7a:d3:7c:a4:58:5b:ee:79:
99:7a:72:f9:e0:ef:a3:06:36:93:a7:2b:b4:46:d9:b8:c2:f3:
0b:32:89:e1:f6:44:6a:f3:fa:f7:01:27:93:b3:ea:3d:d1:c7:
ec:35:ff:4a:a3:b1:08:c7:a3:b7:89:72:d8:24:1c:0b:41:9d:
33:c5:11:de:cc:76:b9:c2:b5:87:dc:ff:78:b4:05:d3:49:a8:
a7:bb:ae:1f:81:30:cc:f4:0c:fe:f9:a7:7e:88:2f:f7:5e:11:
ec:84:24:5f:a2:80:88:28:3e:a7:0f:90:29:ef:08:cd:6d:84:
63:8a:e6:28:06:de:d6:3a:16:84:cc:76:7a:6d:7f:09:60:eb:
8d:e2:53:13:b0:c6:3a:6d:b7:ff:e4:30:91:5e:ab:9c:03:3d:
dc:62:75:9b:4a:34:b5:95:ba:ad:7b:8b:96:5a:b0:98:97:03:
f1:95:9c:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwa1WSOa1aumSPN1lviV2BWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMTI5MTEyNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQ5MmU1MjViMTM2MWY1OGEyZWI0MGU3OTkwNTlkYTVjNjM5YjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkBI5Zlrsk5ASneoYfuwlGggtJI3
8BwEZL61DQBOWKCNpRLgdcsJrPJ7OyNbPOMDiA2kL4Z/5jloB3+NoUCVrttooktY
1sT78xaK8bQj5BhykXyKJmHgddYBvGH0SnRNfg18Say5DFCMhBCX6pjFoxnQjJu6
3UxqSAprCqGD8o6cE7uPshTXp1ijUqARthVuDZ0gkVhCFohUMwlxbi4+rR6HWsBH
MAa1li9ZBwS5CzyUSdBK7DZvnSh+AgUFA9s0naWMtWxTASmiu+VZHoodQgPUwede
aRS98s4ixJC7xYNR522ZbrpNJzUCUYJqay1Kc4vu319nLae2Y5JEtYkQ0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF3ZLlJbE2H1ii60DnmQWdpcY5srMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvWGRrdVVsc1RZZldLTHJRT2VaQloybHhqbXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QMAwQA
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQC4K2tVBSsOGRt9DSDHBaOZqj2eI9si+ZFC
ak3rafT851LQdsxEwtkXx3Z1zmqoM/+6qWFaHRvk0JM2CQX6H+W4rhEkRleQqE5s
rPlIbos1P2UNetN8pFhb7nmZenL54O+jBjaTpyu0Rtm4wvMLMonh9kRq8/r3ASeT
s+o90cfsNf9Ko7EIx6O3iXLYJBwLQZ0zxRHezHa5wrWH3P94tAXTSainu64fgTDM
9Az++ad+iC/3XhHshCRfooCIKD6nD5Ap7wjNbYRjiuYoBt7WOhaEzHZ6bX8JYOuN
4lMTsMY6bbf/5DCRXqucAz3cYnWbSjS1lbqte4uWWrCYlwPxlZxZ
-----END CERTIFICATE-----
Generated at Wed Dec 27 23:36:36 2023 by rpki-client on console-ams.rpki-client.org