Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/_npaPPrUeMkZdxZxkiHIevUnOfo.roa
File: _npaPPrUeMkZdxZxkiHIevUnOfo.roa (raw, json)
Hash identifier: IDDwAve7qRQjvUDYzojPuTNBJrNB5xWFuutV/iyp1TA=
Subject key identifier: FE:7A:5A:3C:FA:D4:78:C9:19:77:16:71:92:21:C8:7A:F5:27:39:FA
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018CC7257D0E8B539EFF5F5FFFDB326EDB0A
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/_npaPPrUeMkZdxZxkiHIevUnOfo.roa
Signing time: Mon 01 Jan 2024 22:29:31 +0000
ROA not before: Mon 01 Jan 2024 22:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.12.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.33.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:7d:0e:8b:53:9e:ff:5f:5f:ff:db:32:6e:db:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 1 22:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe7a5a3cfad478c9197716719221c87af52739fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:87:14:91:f9:ce:b0:9b:bb:fc:fb:51:61:da:
ca:06:85:ea:af:28:1e:db:37:fc:6f:1c:88:30:ef:
01:78:ea:bb:75:54:a8:91:7f:76:83:c3:da:16:23:
b3:a0:04:f4:50:bb:f0:b4:25:5f:82:16:d4:64:94:
c1:13:a0:0d:58:43:65:00:ed:5a:53:3d:8a:9e:2c:
db:87:45:cb:c3:fa:96:c4:41:82:a9:2c:6a:6e:02:
e6:2b:0a:d0:2a:40:1c:30:b5:3f:77:86:0f:bc:73:
2a:d2:34:cf:50:28:5e:f4:fb:ed:5b:1a:da:5b:8b:
22:87:b9:a3:91:6d:12:d8:01:1d:be:fc:d0:b3:55:
e7:04:bb:e2:25:7d:df:31:06:d0:c5:70:07:6f:62:
06:70:56:45:a1:9c:6c:34:e3:26:1a:cc:ad:a0:75:
f5:20:4e:36:6e:85:3a:60:e0:3b:c5:e1:b0:0d:7c:
37:71:73:3d:87:f9:f6:48:53:7f:97:05:e2:cf:04:
3f:f4:1f:a5:15:f6:35:a3:af:65:3b:d7:cb:53:35:
8d:51:bc:7f:1b:36:98:78:c7:61:f8:19:3b:57:9a:
a5:4b:81:77:74:7b:38:7e:7e:26:6e:41:6b:6f:b5:
1a:25:21:43:7d:d9:92:ea:aa:14:94:c0:5e:4a:bb:
0a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:7A:5A:3C:FA:D4:78:C9:19:77:16:71:92:21:C8:7A:F5:27:39:FA
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/_npaPPrUeMkZdxZxkiHIevUnOfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/23
91.228.15.0/24
94.154.32.0-94.154.38.255
Signature Algorithm: sha256WithRSAEncryption
74:0a:29:f1:48:b5:8c:90:e9:63:39:38:59:86:57:5b:05:3a:
02:d9:8b:de:bf:57:6a:30:bc:8b:f7:12:dc:71:57:0e:0c:17:
ea:8e:96:2e:9c:54:3f:74:42:2d:17:3a:d6:d5:20:d7:7e:7c:
f4:a4:f1:c5:c2:56:24:86:fb:59:f7:2a:db:05:69:f0:cb:46:
50:4a:cc:63:f9:19:5f:cf:03:11:55:7e:0f:1d:68:35:62:43:
f9:3a:14:9f:7c:d1:62:13:01:bc:08:5d:9f:75:57:90:9a:9b:
82:87:4b:fd:04:73:ea:1c:3b:bd:a1:1b:ef:7a:74:b3:f1:a7:
b6:98:48:80:b9:3a:fb:ed:b9:0e:2e:2f:23:d6:29:2c:7b:a2:
8f:3c:15:12:8e:04:a3:a3:3c:32:2c:71:89:fe:60:31:fb:20:
c4:ee:06:89:df:80:80:24:2e:a3:f5:be:c7:40:f4:ef:3c:36:
1d:96:f5:b8:74:c0:a2:0e:7e:7a:24:17:d6:2e:8b:58:24:11:
6f:41:cb:4d:29:d4:a0:7d:70:c9:34:ce:c6:87:12:ff:26:50:
e9:8c:35:0c:d1:d7:df:9a:0e:02:1e:89:9f:b8:18:c4:2a:96:
44:46:ad:ab:7a:d8:48:77:24:b1:98:09:71:59:8b:8d:81:d4:
91:34:09:a6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHJX0Oi1Oe/19f/9sybtsKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMTAxMjIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTdhNWEzY2ZhZDQ3OGM5MTk3NzE2NzE5MjIxYzg3YWY1MjczOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmocUkfnOsJu7/PtRYdrKBoXqryge
2zf8bxyIMO8BeOq7dVSokX92g8PaFiOzoAT0ULvwtCVfghbUZJTBE6ANWENlAO1a
Uz2Knizbh0XLw/qWxEGCqSxqbgLmKwrQKkAcMLU/d4YPvHMq0jTPUChe9PvtWxra
W4sih7mjkW0S2AEdvvzQs1XnBLviJX3fMQbQxXAHb2IGcFZFoZxsNOMmGsytoHX1
IE42boU6YOA7xeGwDXw3cXM9h/n2SFN/lwXizwQ/9B+lFfY1o69lO9fLUzWNUbx/
GzaYeMdh+Bk7V5qlS4F3dHs4fn4mbkFrb7UaJSFDfdmS6qoUlMBeSrsKaQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP56Wjz61HjJGXcWcZIhyHr1Jzn6MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvX25wYVBQclVlTWtaZHhaeGtpSElldlVuT2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBW+QMAwQA
W+QPMAwDBAVemiADBABemiYwDQYJKoZIhvcNAQELBQADggEBAHQKKfFItYyQ6WM5
OFmGV1sFOgLZi96/V2owvIv3EtxxVw4MF+qOli6cVD90Qi0XOtbVINd+fPSk8cXC
ViSG+1n3KtsFafDLRlBKzGP5GV/PAxFVfg8daDViQ/k6FJ980WITAbwIXZ91V5Ca
m4KHS/0Ec+ocO72hG+96dLPxp7aYSIC5OvvtuQ4uLyPWKSx7oo88FRKOBKOjPDIs
cYn+YDH7IMTuBonfgIAkLqP1vsdA9O88Nh2W9bh0wKIOfnokF9Yui1gkEW9By00p
1KB9cMk0zsaHEv8mUOmMNQzR19+aDgIeiZ+4GMQqlkRGrat62Eh3JLGYCXFZi42B
1JE0CaY=
-----END CERTIFICATE-----
Generated at Wed Jan 3 19:17:25 2024 by rpki-client on console-fra.rpki-client.org