Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/cxhPy4RQSrKUSXPG1UX6nskM3OQ.roa
File: cxhPy4RQSrKUSXPG1UX6nskM3OQ.roa (raw, json)
Hash identifier: iqLjCOUCEmVlWAG9+8Ar3k6mGkwah6Y2eaiL9yx3Ph0=
Subject key identifier: 73:18:4F:CB:84:50:4A:B2:94:49:73:C6:D5:45:FA:9E:C9:0C:DC:E4
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018DA8D92F8BC6B2C393DD02CE42583633DA
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/cxhPy4RQSrKUSXPG1UX6nskM3OQ.roa
Signing time: Wed 14 Feb 2024 18:20:21 +0000
ROA not before: Wed 14 Feb 2024 18:20:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/23 maxlen: 24
91.228.14.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 16:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:d9:2f:8b:c6:b2:c3:93:dd:02:ce:42:58:36:33:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Feb 14 18:20:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73184fcb84504ab2944973c6d545fa9ec90cdce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:56:c2:14:dc:90:3a:be:08:a9:08:12:d5:
35:b3:aa:80:91:af:67:d1:7b:60:8b:44:12:56:d7:
0c:6d:6e:39:f5:ab:32:d4:4c:e0:ba:fc:4d:64:75:
86:96:d9:0c:04:ad:1d:8f:99:cb:7f:f8:8b:ad:9d:
b8:c3:cc:4a:9f:29:b1:f9:59:63:60:58:1a:39:c5:
0b:c3:a8:f7:b3:fa:63:16:94:fb:0f:bf:f0:fa:f3:
34:2c:ef:8e:6b:2b:e4:4b:62:c8:0f:ea:92:06:1f:
a9:5a:e2:a3:b9:5f:95:cd:19:2a:48:59:95:bf:db:
48:6e:d8:47:49:0e:a7:e1:10:d6:6f:82:45:43:8b:
57:7f:b4:a3:e3:9f:5d:fb:7f:ff:80:cb:7d:22:10:
99:f7:79:7e:62:ef:4e:d2:42:cb:75:5d:c3:68:6b:
f6:e5:33:e0:40:83:c9:1e:64:b7:19:06:fb:e9:89:
23:20:01:b2:83:cd:b5:c8:4d:16:ef:97:1f:80:5d:
d4:0e:3c:a4:5e:1c:09:fc:2e:00:23:cd:a9:f8:db:
d8:58:d9:90:51:06:7e:0b:ab:95:13:8a:d2:dd:f0:
4b:f3:06:db:39:d1:46:8a:67:77:06:2b:3a:ff:df:
13:a6:2f:a2:05:b9:74:3c:e3:f3:43:c9:6c:12:8d:
7d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:18:4F:CB:84:50:4A:B2:94:49:73:C6:D5:45:FA:9E:C9:0C:DC:E4
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/cxhPy4RQSrKUSXPG1UX6nskM3OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
94.154.34.0/24
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
84:73:bc:3a:4b:50:24:5a:4d:8c:01:23:46:dc:87:79:d8:fe:
a9:a8:4e:db:1e:50:f4:4e:ef:da:b0:c9:fe:c5:47:6f:9b:b7:
5c:17:93:5b:c7:77:5a:91:fe:08:23:cb:d5:6b:fe:28:ea:e6:
cf:f9:9b:9f:56:57:e5:77:61:d6:08:d6:51:48:3f:cd:77:17:
da:8e:08:7f:a0:35:2e:4a:13:25:f7:47:3a:19:60:39:65:d9:
95:0f:82:ce:68:0d:12:31:4f:47:a0:22:30:a9:c9:37:32:39:
59:5c:68:e4:4b:27:75:d2:f3:c2:4d:e3:3f:46:c4:d7:92:e9:
35:3d:99:ea:5b:52:f8:8c:31:11:52:bf:53:29:34:af:2c:9f:
fc:4a:93:27:b6:f9:4c:af:f7:ec:d5:b6:d2:a9:b0:1b:85:63:
b9:05:1f:86:9a:11:55:d4:2c:17:48:a8:cf:91:ff:56:fc:b9:
20:4f:e8:55:8a:8c:2a:71:44:88:bc:c9:3e:8e:3c:67:e1:63:
b2:73:06:77:34:44:9c:a7:c4:22:22:3f:26:1c:94:18:9a:21:
fe:0b:7f:51:67:af:86:62:96:15:4d:5e:a7:f7:ed:c0:30:24:
2f:fe:3f:30:9c:23:8d:62:6a:de:d1:ec:e1:0e:77:bf:3c:86:
31:9a:1a:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2o2S+LxrLDk90CzkJYNjPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMjE0MTgyMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzE4NGZjYjg0NTA0YWIyOTQ0OTczYzZkNTQ1ZmE5ZWM5MGNkY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBpWwhTckDq+CKkIEtU1s6qAka9n
0Xtgi0QSVtcMbW459asy1EzguvxNZHWGltkMBK0dj5nLf/iLrZ24w8xKnymx+Vlj
YFgaOcULw6j3s/pjFpT7D7/w+vM0LO+OayvkS2LID+qSBh+pWuKjuV+VzRkqSFmV
v9tIbthHSQ6n4RDWb4JFQ4tXf7Sj459d+3//gMt9IhCZ93l+Yu9O0kLLdV3DaGv2
5TPgQIPJHmS3GQb76YkjIAGyg821yE0W75cfgF3UDjykXhwJ/C4AI82p+NvYWNmQ
UQZ+C6uVE4rS3fBL8wbbOdFGimd3Bis6/98Tpi+iBbl0POPzQ8lsEo197wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHMYT8uEUEqylElzxtVF+p7JDNzkMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvY3hoUHk0UlFTcktVU1hQRzFVWDZuc2tNM09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+QOAwQA
XpoiAwQBXpokMA0GCSqGSIb3DQEBCwUAA4IBAQCEc7w6S1AkWk2MASNG3Id52P6p
qE7bHlD0Tu/asMn+xUdvm7dcF5Nbx3dakf4II8vVa/4o6ubP+ZufVlfld2HWCNZR
SD/Ndxfajgh/oDUuShMl90c6GWA5ZdmVD4LOaA0SMU9HoCIwqck3MjlZXGjkSyd1
0vPCTeM/RsTXkuk1PZnqW1L4jDERUr9TKTSvLJ/8SpMntvlMr/fs1bbSqbAbhWO5
BR+GmhFV1CwXSKjPkf9W/LkgT+hViowqcUSIvMk+jjxn4WOycwZ3NEScp8QiIj8m
HJQYmiH+C39RZ6+GYpYVTV6n9+3AMCQv/j8wnCONYmre0ezhDne/PIYxmho9
-----END CERTIFICATE-----
Generated at Fri Feb 16 21:17:45 2024 by rpki-client on console-ams.rpki-client.org