Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/cYo3l7ZLgOz8CLnFtLOSq1xPRKA.roa
File: cYo3l7ZLgOz8CLnFtLOSq1xPRKA.roa (raw, json)
Hash identifier: n4a/F5jZ+HEvo2bHxwtuszE1pCPeEstQ8QPV+p+HJ88=
Subject key identifier: 71:8A:37:97:B6:4B:80:EC:FC:08:B9:C5:B4:B3:92:AB:5C:4F:44:A0
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018BA0D5ECE05A93003AD3AF56729E2B4E5D
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/cYo3l7ZLgOz8CLnFtLOSq1xPRKA.roa
Signing time: Sun 05 Nov 2023 18:54:16 +0000
ROA not before: Sun 05 Nov 2023 18:54:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48678
IP address blocks: 91.228.15.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a0:d5:ec:e0:5a:93:00:3a:d3:af:56:72:9e:2b:4e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Nov 5 18:54:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=718a3797b64b80ecfc08b9c5b4b392ab5c4f44a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:59:04:1d:ec:4c:47:00:86:cf:5e:4c:34:fe:
a4:93:71:ea:ad:c6:7f:7e:4b:4c:74:64:fb:9f:84:
1a:86:87:b3:10:fd:7e:3b:66:2b:60:bc:f9:3a:4b:
d7:5f:81:b5:46:3a:ba:1c:5a:82:ab:54:4d:76:8d:
77:77:d6:ba:25:99:8f:c0:a6:7a:41:e6:a2:3c:a3:
61:54:14:1d:38:aa:0c:1a:98:f3:1f:0f:7a:d6:fd:
58:80:08:a8:22:10:67:e6:07:48:10:72:da:49:e0:
d3:4b:19:e6:10:2b:c4:15:ce:b4:83:c9:ab:75:14:
d7:ab:17:11:c9:26:21:80:bc:0d:ef:dc:4e:cc:55:
a1:a7:d5:7f:b6:71:69:16:bb:eb:35:fd:16:92:b1:
5c:8a:0c:1a:f9:8f:15:1d:d6:8b:97:e7:62:16:6d:
cf:b4:82:a7:86:88:1b:91:2e:00:b2:97:e0:34:3a:
2f:4b:cd:67:05:e4:96:61:10:71:fd:72:93:33:7e:
e3:08:20:73:fe:ba:b0:16:90:68:b0:b3:ba:c8:d0:
ae:f4:e3:eb:68:c7:a0:71:5e:db:ca:e3:25:1c:1c:
d3:08:8b:cb:fb:c2:fa:75:0a:d9:81:ac:de:d4:01:
4a:33:c4:47:e2:01:24:c2:cf:bc:42:e5:52:f0:24:
30:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8A:37:97:B6:4B:80:EC:FC:08:B9:C5:B4:B3:92:AB:5C:4F:44:A0
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/cYo3l7ZLgOz8CLnFtLOSq1xPRKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.15.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:8c:33:d4:5f:51:f3:4f:df:38:3d:67:de:42:22:d3:8a:dd:
5c:3a:f4:59:de:f6:2e:50:4f:67:b0:43:6e:67:80:37:13:66:
cf:72:2b:fa:a5:34:0f:a3:a8:a0:75:29:a2:93:5d:5d:1b:3f:
d0:9f:6f:67:35:2d:fe:f7:cc:13:db:b4:6f:e3:f3:89:f9:4c:
ec:e8:aa:54:83:88:ca:f5:2d:ea:c8:5f:65:59:e2:5c:82:26:
c4:f3:62:44:e6:ec:0d:64:da:c4:50:a9:cc:9a:ac:48:e9:df:
49:2d:af:c4:ef:14:73:74:60:2b:c3:f5:2b:b9:03:ee:b4:ec:
ff:89:34:7a:6e:68:8c:c2:03:96:a7:95:23:39:d2:8d:9d:0a:
b5:7f:97:eb:60:36:79:8f:88:b2:4f:a0:5f:55:e3:83:a9:da:
2d:03:30:98:88:f7:6e:be:b7:d0:19:fd:c4:71:89:82:d6:bd:
20:e2:6c:cd:bf:05:8e:d1:9b:84:89:3e:4a:de:3b:31:6f:eb:
e8:c5:c0:74:0f:c3:51:96:40:fc:3a:9a:b0:99:da:14:98:58:
c5:e5:43:35:a7:ba:f1:ec:27:66:fa:97:a4:c4:c8:f5:cc:3b:
a2:77:91:8d:77:4e:9c:aa:71:e1:d4:db:46:a9:be:3a:28:ff:
b5:b1:7c:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYug1ezgWpMAOtOvVnKeK05dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMTA1MTg1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MThhMzc5N2I2NGI4MGVjZmMwOGI5YzViNGIzOTJhYjVjNGY0NGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVkEHexMRwCGz15MNP6kk3HqrcZ/
fktMdGT7n4QahoezEP1+O2YrYLz5OkvXX4G1Rjq6HFqCq1RNdo13d9a6JZmPwKZ6
QeaiPKNhVBQdOKoMGpjzHw961v1YgAioIhBn5gdIEHLaSeDTSxnmECvEFc60g8mr
dRTXqxcRySYhgLwN79xOzFWhp9V/tnFpFrvrNf0WkrFcigwa+Y8VHdaLl+diFm3P
tIKnhogbkS4AspfgNDovS81nBeSWYRBx/XKTM37jCCBz/rqwFpBosLO6yNCu9OPr
aMegcV7byuMlHBzTCIvL+8L6dQrZgaze1AFKM8RH4gEkws+8QuVS8CQwzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGKN5e2S4Ds/Ai5xbSzkqtcT0SgMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvY1lvM2w3WkxnT3o4Q0xuRnRMT1NxMXhQUktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+QPMA0G
CSqGSIb3DQEBCwUAA4IBAQBvjDPUX1HzT984PWfeQiLTit1cOvRZ3vYuUE9nsENu
Z4A3E2bPciv6pTQPo6igdSmik11dGz/Qn29nNS3+98wT27Rv4/OJ+Uzs6KpUg4jK
9S3qyF9lWeJcgibE82JE5uwNZNrEUKnMmqxI6d9JLa/E7xRzdGArw/UruQPutOz/
iTR6bmiMwgOWp5UjOdKNnQq1f5frYDZ5j4iyT6BfVeODqdotAzCYiPduvrfQGf3E
cYmC1r0g4mzNvwWO0ZuEiT5K3jsxb+voxcB0D8NRlkD8OpqwmdoUmFjF5UM1p7rx
7Cdm+pekxMj1zDuid5GNd06cqnHh1NtGqb46KP+1sXzL
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:28 2024 by rpki-client on console-ams.rpki-client.org