Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/dGzlTs9IDj9F--fo9JR_tlaanKM.roa
File: dGzlTs9IDj9F--fo9JR_tlaanKM.roa (raw, json)
Hash identifier: h11qXMgapN4iqXC3nbvXxVK8sJcx8Oftzog1fyTo4Gw=
Subject key identifier: 74:6C:E5:4E:CF:48:0E:3F:45:FB:E7:E8:F4:94:7F:B6:56:9A:9C:A3
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018CC7257CC6A338551DDF5E57D3DDCEC471
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/dGzlTs9IDj9F--fo9JR_tlaanKM.roa
Signing time: Mon 01 Jan 2024 22:29:31 +0000
ROA not before: Mon 01 Jan 2024 22:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60721
IP address blocks: 91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 09:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:7c:c6:a3:38:55:1d:df:5e:57:d3:dd:ce:c4:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 1 22:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=746ce54ecf480e3f45fbe7e8f4947fb6569a9ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:11:36:cc:66:2c:c0:e6:02:b2:32:bb:d5:6b:
d5:89:77:b5:2e:ae:97:0a:3e:4f:46:f6:a9:e9:61:
93:e3:a9:07:72:5e:d6:c0:15:e4:b8:48:85:01:58:
e1:23:5b:e1:b9:a4:10:6f:71:f7:b9:a1:78:b3:70:
d5:ce:a9:39:b2:79:3c:0f:e8:9c:27:89:87:b1:fe:
84:48:59:1b:fa:e6:90:8f:c5:52:d0:fb:a8:2e:2b:
cc:e5:9e:41:bb:da:52:d6:f1:5c:11:56:42:3b:70:
54:f9:16:4e:8e:d9:5d:ce:ff:be:ad:fb:f4:c4:1f:
40:63:38:2a:6b:50:58:43:eb:cd:22:6d:e8:2f:46:
ff:cb:73:ef:52:70:d1:1c:98:32:75:d0:a1:54:b7:
c4:09:0e:ad:0c:3f:30:9a:11:5b:8b:f0:b8:e2:90:
6d:65:31:2b:2c:91:7f:36:68:5b:59:15:89:2b:15:
de:f4:9f:1c:9f:da:1d:e4:7c:f1:c9:7f:ce:d2:df:
f5:a5:fc:d0:44:74:c4:c2:d7:44:37:c0:2c:dd:76:
f4:1d:e8:f3:ce:bc:46:f2:a7:6a:7d:bb:a5:c1:b0:
2d:0f:46:b3:11:55:ff:b4:14:c9:03:ec:6a:95:7b:
1e:84:69:36:2c:e0:91:84:a0:c2:65:87:a3:39:46:
fb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6C:E5:4E:CF:48:0E:3F:45:FB:E7:E8:F4:94:7F:B6:56:9A:9C:A3
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/dGzlTs9IDj9F--fo9JR_tlaanKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
94.154.32.0/24
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
80:bc:ad:49:cb:35:d7:63:63:ed:a9:aa:3c:fd:ff:2d:05:ae:
de:93:32:88:0f:33:76:7a:99:db:ac:fb:50:0d:b6:7c:03:51:
b6:ce:af:10:49:ce:b6:60:a6:3e:e2:17:b2:d3:fa:ef:9c:ed:
4a:11:b1:5d:66:19:68:e3:8c:32:ec:96:ce:cb:30:e2:25:5d:
dd:10:39:bb:e1:3d:95:bb:9e:da:0f:43:89:8f:0b:4f:fb:85:
82:b6:ce:83:f5:bc:b8:38:fd:27:e1:ab:c7:9a:6f:2e:08:49:
34:05:8f:59:6c:42:f0:09:74:32:b0:c3:01:6e:80:a5:40:16:
65:21:4d:45:ac:80:be:e9:fa:05:39:7d:9b:ae:b5:80:25:bf:
48:df:32:97:42:5d:b2:2b:e1:2d:13:4e:4a:67:80:4d:66:d0:
d2:8f:b1:c9:61:b7:34:b9:da:1c:5e:51:d1:ae:c7:cb:9f:bd:
d7:c7:4d:8c:1b:0d:e5:16:fb:2b:9d:8c:7c:69:2c:e7:d8:d2:
8f:40:47:87:e2:c9:03:e4:eb:7f:86:f5:11:cb:7c:fd:00:80:
2a:11:0e:32:3c:f1:5f:3f:8f:7e:6a:4c:13:98:6e:f8:58:78:
b5:fc:4e:94:c8:f6:6c:9e:c8:1a:cc:44:a9:49:7d:7c:b1:f0:
37:c4:74:63
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJXzGozhVHd9eV9PdzsRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMTAxMjIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDZjZTU0ZWNmNDgwZTNmNDVmYmU3ZThmNDk0N2ZiNjU2OWE5Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRE2zGYswOYCsjK71WvViXe1Lq6X
Cj5PRvap6WGT46kHcl7WwBXkuEiFAVjhI1vhuaQQb3H3uaF4s3DVzqk5snk8D+ic
J4mHsf6ESFkb+uaQj8VS0PuoLivM5Z5Bu9pS1vFcEVZCO3BU+RZOjtldzv++rfv0
xB9AYzgqa1BYQ+vNIm3oL0b/y3PvUnDRHJgyddChVLfECQ6tDD8wmhFbi/C44pBt
ZTErLJF/NmhbWRWJKxXe9J8cn9od5HzxyX/O0t/1pfzQRHTEwtdEN8As3Xb0Hejz
zrxG8qdqfbulwbAtD0azEVX/tBTJA+xqlXsehGk2LOCRhKDCZYejOUb7EwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHRs5U7PSA4/Rfvn6PSUf7ZWmpyjMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvZEd6bFRzOUlEajlGLS1mbzlKUl90bGFhbktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+QNAwQA
XpogAwQAXpomMA0GCSqGSIb3DQEBCwUAA4IBAQCAvK1JyzXXY2Ptqao8/f8tBa7e
kzKIDzN2epnbrPtQDbZ8A1G2zq8QSc62YKY+4hey0/rvnO1KEbFdZhlo44wy7JbO
yzDiJV3dEDm74T2Vu57aD0OJjwtP+4WCts6D9by4OP0n4avHmm8uCEk0BY9ZbELw
CXQysMMBboClQBZlIU1FrIC+6foFOX2brrWAJb9I3zKXQl2yK+EtE05KZ4BNZtDS
j7HJYbc0udocXlHRrsfLn73Xx02MGw3lFvsrnYx8aSzn2NKPQEeH4skD5Ot/hvUR
y3z9AIAqEQ4yPPFfP49+akwTmG74WHi1/E6UyPZsnsgazESpSX18sfA3xHRj
-----END CERTIFICATE-----
Generated at Sat Mar 9 11:30:55 2024 by rpki-client on console-fra.rpki-client.org