Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/XrwL94AMOoDW8rmJnlDEyN1Aqaw.roa
File: XrwL94AMOoDW8rmJnlDEyN1Aqaw.roa (raw, json)
Hash identifier: ylkpscIdJ9Gseh8lG3hTPosOQrbdWl6KySOkRSHztUQ=
Subject key identifier: 5E:BC:0B:F7:80:0C:3A:80:D6:F2:B9:89:9E:50:C4:C8:DD:40:A9:AC
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01860C52193A693212C660C5EC9C24202ACD
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/XrwL94AMOoDW8rmJnlDEyN1Aqaw.roa
Signing time: Wed 01 Feb 2023 09:32:32 +0000
ROA not before: Wed 01 Feb 2023 09:32:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.14.0/23 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.33.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:52:19:3a:69:32:12:c6:60:c5:ec:9c:24:20:2a:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Feb 1 09:32:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ebc0bf7800c3a80d6f2b9899e50c4c8dd40a9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a7:65:43:49:84:1b:92:d7:a7:9b:3e:37:fb:
6f:a6:f2:20:c4:d1:d1:ff:31:ca:36:98:08:eb:57:
33:af:78:e2:47:18:18:44:a0:6c:55:79:34:df:47:
a0:0b:c6:42:92:de:cb:98:fa:ee:54:77:52:61:5c:
d0:45:67:48:0c:2e:0b:75:f6:bf:68:6c:00:cf:a4:
75:45:6e:c9:90:1e:34:c1:a4:aa:88:3a:76:56:24:
23:c6:f8:54:26:b1:72:63:0c:31:5e:fa:d4:5d:4a:
3d:9d:37:37:2f:95:00:6f:08:30:0f:01:1f:8a:f1:
f6:71:02:b0:c0:15:1d:40:75:6c:60:a4:08:92:e1:
7e:98:71:70:ee:98:7e:8e:76:4e:90:8a:6c:6f:95:
4a:23:84:96:3c:02:b0:44:be:41:ed:1b:09:cf:97:
ca:48:63:57:d1:e6:ed:58:53:68:26:ef:49:12:c6:
65:37:55:fe:cb:d9:07:76:5d:d7:92:62:26:23:34:
6b:f8:aa:52:7f:e8:84:9c:36:48:87:72:bc:8b:f0:
f1:19:26:72:8f:46:c2:92:04:31:6c:3a:e9:80:c0:
b3:b2:d1:9b:31:48:18:57:d3:18:3c:8f:d9:6a:d1:
68:a7:e3:1e:2a:2b:9e:60:33:fa:9a:7c:4b:7a:26:
0c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BC:0B:F7:80:0C:3A:80:D6:F2:B9:89:9E:50:C4:C8:DD:40:A9:AC
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/XrwL94AMOoDW8rmJnlDEyN1Aqaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
91.228.14.0/23
94.154.33.0-94.154.36.255
Signature Algorithm: sha256WithRSAEncryption
b4:d2:d8:af:4b:78:41:da:2d:a4:b8:b6:74:78:be:46:2c:63:
03:ef:98:84:52:8f:9c:8c:98:a1:e1:32:68:68:e6:fe:c3:3b:
65:b8:fb:49:c5:56:52:50:46:41:35:84:39:0e:b4:ce:a7:2c:
fc:70:39:1b:95:5e:32:54:4b:f4:0c:05:3d:1c:a7:18:66:7e:
05:a7:a6:ee:25:62:66:94:b8:25:71:9a:f6:76:a6:8d:18:c7:
fe:8a:9c:7d:71:42:b4:61:f2:44:7d:6f:4b:d4:ac:21:5e:4b:
06:1c:0e:09:b9:ad:ee:25:1b:9c:b9:44:5e:3a:af:a5:a0:fd:
5f:c5:bf:3c:c2:73:dc:28:be:11:ac:c7:28:bb:2b:e1:04:a5:
53:8a:67:19:d0:0c:b9:61:cf:26:1c:9a:f1:98:9e:44:4b:3f:
bc:b4:71:c7:ce:61:8d:fd:9d:76:78:9b:cc:46:cd:5d:96:a7:
19:fc:d3:92:56:a3:a5:c4:f9:84:f4:4e:87:2c:7e:d3:8d:a6:
cb:49:3e:86:3c:8a:f3:6e:7f:5b:66:ef:eb:c6:e8:66:0f:9c:
f3:58:03:88:e8:9b:52:fa:30:cb:d2:1f:3e:2a:fa:83:24:44:
76:90:d9:3a:0a:24:46:13:63:b1:67:10:7c:0f:3a:dd:8e:b3:
5d:fa:62:4e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYYMUhk6aTISxmDF7JwkICrNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwMjAxMDkzMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWJjMGJmNzgwMGMzYTgwZDZmMmI5ODk5ZTUwYzRjOGRkNDBhOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6dlQ0mEG5LXp5s+N/tvpvIgxNHR
/zHKNpgI61czr3jiRxgYRKBsVXk030egC8ZCkt7LmPruVHdSYVzQRWdIDC4Ldfa/
aGwAz6R1RW7JkB40waSqiDp2ViQjxvhUJrFyYwwxXvrUXUo9nTc3L5UAbwgwDwEf
ivH2cQKwwBUdQHVsYKQIkuF+mHFw7ph+jnZOkIpsb5VKI4SWPAKwRL5B7RsJz5fK
SGNX0ebtWFNoJu9JEsZlN1X+y9kHdl3XkmImIzRr+KpSf+iEnDZIh3K8i/DxGSZy
j0bCkgQxbDrpgMCzstGbMUgYV9MYPI/ZatFop+MeKiueYDP6mnxLeiYMjQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF68C/eADDqA1vK5iZ5QxMjdQKmsMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvWHJ3TDk0QU1Pb0RXOHJtSm5sREV5TjFBcWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW+QMAwQB
W+QOMAwDBABemiEDBABemiQwDQYJKoZIhvcNAQELBQADggEBALTS2K9LeEHaLaS4
tnR4vkYsYwPvmIRSj5yMmKHhMmho5v7DO2W4+0nFVlJQRkE1hDkOtM6nLPxwORuV
XjJUS/QMBT0cpxhmfgWnpu4lYmaUuCVxmvZ2po0Yx/6KnH1xQrRh8kR9b0vUrCFe
SwYcDgm5re4lG5y5RF46r6Wg/V/FvzzCc9wovhGsxyi7K+EEpVOKZxnQDLlhzyYc
mvGYnkRLP7y0ccfOYY39nXZ4m8xGzV2Wpxn805JWo6XE+YT0TocsftONpstJPoY8
ivNuf1tm7+vG6GYPnPNYA4jom1L6MMvSHz4q+oMkRHaQ2ToKJEYTY7FnEHwPOt2O
s136Yk4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:52 2023 by rpki-client on console-ams.rpki-client.org