Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/XwbRg57XUlZa51R_pUdT5TzYfyk.roa
File: XwbRg57XUlZa51R_pUdT5TzYfyk.roa (raw, json)
Hash identifier: HvStFJrSIpOyhRc6LOPKY1dW5rAFrEmZzQl6BOESrPk=
Subject key identifier: 5F:06:D1:83:9E:D7:52:56:5A:E7:54:7F:A5:47:53:E5:3C:D8:7F:29
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018871210F2F43A410A67A0485F0D90A0FE5
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/XwbRg57XUlZa51R_pUdT5TzYfyk.roa
Signing time: Wed 31 May 2023 09:26:11 +0000
ROA not before: Wed 31 May 2023 09:26:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.14.0/23 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 10:07:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:21:0f:2f:43:a4:10:a6:7a:04:85:f0:d9:0a:0f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: May 31 09:26:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f06d1839ed752565ae7547fa54753e53cd87f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c1:30:f2:9e:ea:00:02:64:b5:7b:2e:de:33:
c5:e3:af:32:fb:56:be:ef:34:65:39:83:a2:5e:6d:
fd:48:8b:90:3f:3e:c1:a7:b6:d6:cb:31:ee:4a:b6:
13:69:15:13:eb:41:31:8b:6e:79:50:26:bf:1d:bc:
bb:22:fc:48:ea:17:fa:5e:48:de:97:a7:ca:be:18:
d4:ca:5a:4a:c7:ac:43:89:8c:ec:d6:5e:e6:b3:1d:
50:40:a3:63:e0:5b:3f:ff:15:53:9c:ab:f6:1c:e1:
fa:3f:70:4e:ca:b1:cc:ae:a4:86:68:c2:f1:35:b4:
3b:f2:73:77:3d:98:04:eb:b7:ee:23:98:42:05:45:
33:6d:44:3a:7c:84:e9:cf:1a:ee:b1:a3:98:69:b7:
03:e0:ef:47:83:c2:7b:a7:1a:c1:88:b3:92:2f:0c:
86:86:d0:06:9b:71:44:40:20:e8:fc:f1:49:29:e6:
4f:e5:be:95:d3:41:83:c2:ba:df:af:5b:f1:38:11:
65:c9:85:32:e0:a5:1c:8c:45:41:c0:52:73:8d:ff:
af:e0:b0:35:18:51:cf:c1:a1:cd:e0:d1:71:fb:6b:
ea:af:4a:d4:94:d5:5c:b7:be:fe:16:e6:db:04:d4:
30:c5:d9:95:a6:6c:e7:cd:6a:70:6a:98:7a:22:e2:
1c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:06:D1:83:9E:D7:52:56:5A:E7:54:7F:A5:47:53:E5:3C:D8:7F:29
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/XwbRg57XUlZa51R_pUdT5TzYfyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
91.228.14.0/23
94.154.33.0-94.154.34.255
Signature Algorithm: sha256WithRSAEncryption
2f:ae:a9:7d:c9:09:76:89:99:1c:f1:f3:67:e0:e4:f8:20:82:
5a:79:e5:97:da:fe:b9:bb:a9:a8:18:98:8c:79:10:4a:71:26:
c1:00:79:b9:08:1d:23:c1:76:76:18:a8:4b:17:52:81:58:e1:
49:71:86:1a:d2:4f:65:d0:df:4a:38:bd:12:57:26:bd:fe:57:
bb:74:1f:49:bb:64:ea:8a:f5:7e:d3:38:51:18:0f:a4:67:ae:
38:9d:ae:5d:4d:db:07:41:f6:df:ae:7e:73:86:b5:8c:9f:24:
c8:9f:37:79:95:64:e9:ab:ee:9a:f9:10:65:47:a7:f4:7a:24:
5a:d4:67:27:c5:29:a1:7d:0a:12:6b:0f:56:d4:95:01:35:96:
63:56:72:7b:6c:c2:16:8b:61:39:1a:5d:ae:1c:0d:8a:5c:2d:
18:43:9e:29:f6:48:d3:42:00:2c:40:8c:35:23:d4:44:ab:84:
60:eb:bd:b0:02:e3:fc:6f:31:9e:44:45:9c:8d:35:56:83:8b:
8a:8d:73:2f:d9:b2:6e:08:32:23:67:87:ad:8b:84:7e:e4:b9:
32:36:0f:cc:d0:20:bf:45:8f:18:cb:f2:4b:37:15:c8:26:61:
c9:34:b2:1e:5c:55:b0:e1:7d:d0:28:9f:0e:cc:28:e0:ac:9e:
9e:df:94:e9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYhxIQ8vQ6QQpnoEhfDZCg/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwNTMxMDkyNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA2ZDE4MzllZDc1MjU2NWFlNzU0N2ZhNTQ3NTNlNTNjZDg3ZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMEw8p7qAAJktXsu3jPF468y+1a+
7zRlOYOiXm39SIuQPz7Bp7bWyzHuSrYTaRUT60Exi255UCa/Hby7IvxI6hf6Xkje
l6fKvhjUylpKx6xDiYzs1l7msx1QQKNj4Fs//xVTnKv2HOH6P3BOyrHMrqSGaMLx
NbQ78nN3PZgE67fuI5hCBUUzbUQ6fITpzxrusaOYabcD4O9Hg8J7pxrBiLOSLwyG
htAGm3FEQCDo/PFJKeZP5b6V00GDwrrfr1vxOBFlyYUy4KUcjEVBwFJzjf+v4LA1
GFHPwaHN4NFx+2vqr0rUlNVct77+FubbBNQwxdmVpmznzWpwaph6IuIcYwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF8G0YOe11JWWudUf6VHU+U82H8pMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvWHdiUmc1N1hVbFphNTFSX3BVZFQ1VHpZZnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW+QMAwQB
W+QOMAwDBABemiEDBABemiIwDQYJKoZIhvcNAQELBQADggEBAC+uqX3JCXaJmRzx
82fg5Pggglp55Zfa/rm7qagYmIx5EEpxJsEAebkIHSPBdnYYqEsXUoFY4UlxhhrS
T2XQ30o4vRJXJr3+V7t0H0m7ZOqK9X7TOFEYD6Rnrjidrl1N2wdB9t+ufnOGtYyf
JMifN3mVZOmr7pr5EGVHp/R6JFrUZyfFKaF9ChJrD1bUlQE1lmNWcntswhaLYTka
Xa4cDYpcLRhDnin2SNNCACxAjDUj1ESrhGDrvbAC4/xvMZ5ERZyNNVaDi4qNcy/Z
sm4IMiNnh62LhH7kuTI2D8zQIL9FjxjL8ks3FcgmYck0sh5cVbDhfdAonw7MKOCs
np7flOk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org