Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/_jSHUcRtfkY0lHOZtrpmWiY-nJE.roa
File: _jSHUcRtfkY0lHOZtrpmWiY-nJE.roa (raw, json)
Hash identifier: WlcU/2wB5VNmfXSLABcf2tRZD9j3RWXR5hleZQcV9hw=
Subject key identifier: FE:34:87:51:C4:6D:7E:46:34:94:73:99:B6:BA:66:5A:26:3E:9C:91
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018E5F6A4A9CFE841C52C90D93A55CED43E8
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/_jSHUcRtfkY0lHOZtrpmWiY-nJE.roa
Signing time: Thu 21 Mar 2024 05:09:45 +0000
ROA not before: Thu 21 Mar 2024 05:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.13.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
94.154.32.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 09:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5f:6a:4a:9c:fe:84:1c:52:c9:0d:93:a5:5c:ed:43:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Mar 21 05:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe348751c46d7e4634947399b6ba665a263e9c91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:23:61:fb:fe:db:e2:98:ae:c1:cf:04:39:83:
6a:2d:be:30:55:f1:75:f3:e9:16:ff:5f:c2:e9:50:
c5:1a:7d:ae:68:86:93:e5:7f:4d:d0:a1:3e:21:e7:
6c:03:29:03:47:36:3d:08:4b:d0:54:29:7f:82:ae:
bf:0d:36:74:d1:66:85:83:a4:c3:0e:55:ed:d8:58:
0f:18:e9:75:fa:3b:88:b0:a6:f4:21:ae:8a:17:f7:
9c:5e:15:5e:d5:07:8f:8b:ab:39:f1:4a:d8:47:c2:
c6:72:01:54:f7:ad:8a:ea:09:06:44:1a:e4:4a:7a:
94:0c:de:b5:6d:67:ae:47:74:ad:d5:bf:ab:59:22:
ac:42:7e:8c:c3:6a:d9:c8:45:ae:1e:d3:f5:83:c0:
38:fc:b6:2b:b3:fc:d4:08:d5:be:dc:46:09:13:45:
66:47:3b:83:6b:bb:4d:c0:fc:72:81:67:11:33:e5:
ac:d9:dc:ee:e7:33:d1:f4:ff:55:b0:ca:46:3f:75:
87:cb:a8:8f:d1:75:15:34:b7:8d:ee:67:d8:7c:88:
08:2a:5b:93:01:d8:b0:c7:48:35:ae:84:1f:c3:c4:
6e:a5:1d:fc:bf:0f:27:e5:7e:08:8e:7f:81:83:64:
80:9d:15:00:fd:8f:b2:79:86:66:b2:68:a5:9b:42:
40:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:34:87:51:C4:6D:7E:46:34:94:73:99:B6:BA:66:5A:26:3E:9C:91
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/_jSHUcRtfkY0lHOZtrpmWiY-nJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0-91.228.15.255
94.154.32.0-94.154.38.255
Signature Algorithm: sha256WithRSAEncryption
56:67:45:a6:1d:2b:eb:4d:03:47:1f:6f:72:bc:cb:64:86:47:
ad:29:ee:90:20:6b:10:f5:42:ee:2a:e4:e9:30:82:9c:dd:f1:
11:e1:7b:81:a4:76:38:75:b6:71:ae:74:c6:23:d6:3a:ec:fe:
28:59:80:63:a7:2c:73:6d:b7:d4:d0:81:ea:b1:95:5a:64:a3:
c0:0c:26:0e:12:c9:ad:e9:b6:7b:88:b0:91:a2:9c:89:96:cb:
11:51:f2:63:9f:3d:9d:6b:31:87:ff:54:f3:86:7c:4f:52:10:
dd:e5:05:bf:1f:83:89:f1:9a:7f:d1:db:ca:68:d9:d2:dc:2a:
d9:56:e2:03:db:56:a1:1b:7a:68:49:a7:1d:64:37:ca:fb:3e:
f3:8d:58:74:66:33:3a:2c:18:f4:c7:80:a3:8d:8f:84:b6:30:
04:e5:f8:a6:f2:ee:38:b6:95:4e:dd:ed:72:95:da:70:93:3d:
53:67:bb:dd:18:af:2d:f0:64:3e:06:d6:ee:0a:c0:e4:34:93:
b3:a4:67:b5:5e:fd:2e:d9:ff:b4:a1:4f:63:27:1a:c5:39:a9:
65:c4:23:ff:78:34:e5:1a:30:3e:93:b9:b6:2f:c6:f4:a3:89:
36:8d:4b:9d:1d:63:33:ac:aa:7c:6d:13:d2:4c:4e:c2:a4:aa:
d1:31:5b:4d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY5fakqc/oQcUskNk6Vc7UPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMzIxMDUwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTM0ODc1MWM0NmQ3ZTQ2MzQ5NDczOTliNmJhNjY1YTI2M2U5YzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyNh+/7b4piuwc8EOYNqLb4wVfF1
8+kW/1/C6VDFGn2uaIaT5X9N0KE+IedsAykDRzY9CEvQVCl/gq6/DTZ00WaFg6TD
DlXt2FgPGOl1+juIsKb0Ia6KF/ecXhVe1QePi6s58UrYR8LGcgFU962K6gkGRBrk
SnqUDN61bWeuR3St1b+rWSKsQn6Mw2rZyEWuHtP1g8A4/LYrs/zUCNW+3EYJE0Vm
RzuDa7tNwPxygWcRM+Ws2dzu5zPR9P9VsMpGP3WHy6iP0XUVNLeN7mfYfIgIKluT
Adiwx0g1roQfw8RupR38vw8n5X4Ijn+Bg2SAnRUA/Y+yeYZmsmilm0JAbwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP40h1HEbX5GNJRzmba6ZlomPpyRMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvX2pTSFVjUnRma1kwbEhPWnRycG1XaVktbkpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABb5A0D
BARb5AAwDAMEBV6aIAMEAF6aJjANBgkqhkiG9w0BAQsFAAOCAQEAVmdFph0r600D
Rx9vcrzLZIZHrSnukCBrEPVC7irk6TCCnN3xEeF7gaR2OHW2ca50xiPWOuz+KFmA
Y6csc2231NCB6rGVWmSjwAwmDhLJrem2e4iwkaKciZbLEVHyY589nWsxh/9U84Z8
T1IQ3eUFvx+DifGaf9HbymjZ0twq2VbiA9tWoRt6aEmnHWQ3yvs+841YdGYzOiwY
9MeAo42PhLYwBOX4pvLuOLaVTt3tcpXacJM9U2e73RivLfBkPgbW7grA5DSTs6Rn
tV79Ltn/tKFPYycaxTmpZcQj/3g05RowPpO5ti/G9KOJNo1LnR1jM6yqfG0T0kxO
wqSq0TFbTQ==
-----END CERTIFICATE-----
Generated at Wed Apr 3 14:38:34 2024 by rpki-client on console-fra.rpki-client.org