Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/dWr91lZONaZnN58CXbagbDLM7MM.roa
File: dWr91lZONaZnN58CXbagbDLM7MM.roa (raw, json)
Hash identifier: Bfp6/XNsvZwgTeUY3UGHgohC7R1aUlR/FTBNqfLbJpQ=
Subject key identifier: 75:6A:FD:D6:56:4E:35:A6:67:37:9F:02:5D:B6:A0:6C:32:CC:EC:C3
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0190A69C0BF01DBC2AD0328CE0E5CDAFF1B2
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/dWr91lZONaZnN58CXbagbDLM7MM.roa
Signing time: Fri 12 Jul 2024 11:02:42 +0000
ROA not before: Fri 12 Jul 2024 11:02:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.13.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.32.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 17:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:9c:0b:f0:1d:bc:2a:d0:32:8c:e0:e5:cd:af:f1:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jul 12 11:02:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=756afdd6564e35a667379f025db6a06c32ccecc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bd:9c:cb:97:78:24:82:5a:72:3a:35:b3:97:
47:61:98:b2:1e:a4:89:b6:4c:ea:a2:21:a6:09:c9:
09:2c:4a:d4:46:d7:72:5d:0d:b7:76:20:77:c2:5a:
b7:bc:f3:75:5f:61:86:51:11:2c:28:95:0f:de:9b:
36:36:90:d5:2d:57:57:0e:97:e5:86:17:e6:53:6b:
b7:10:26:55:7d:b1:5b:ef:db:18:01:f3:cd:9e:ba:
bd:e2:08:fd:53:fb:00:46:5f:2c:e9:a5:a5:da:b3:
ea:97:ae:25:3a:83:3b:1d:3a:db:59:13:4b:5f:f1:
44:cc:30:f6:d2:65:db:0c:5a:18:ee:c6:a4:d8:e4:
90:38:10:d4:88:dd:28:78:6d:a0:42:f1:5b:67:72:
79:17:b1:75:41:b7:c2:ac:9b:64:8e:af:1b:1d:88:
cc:b4:63:fc:c7:a8:7c:eb:4d:2e:7c:ea:3f:68:94:
08:ba:c5:b0:03:06:e9:e6:e6:00:28:38:a8:ff:df:
81:6f:63:97:17:04:65:08:d4:4d:23:7c:d3:ae:0f:
db:1f:b3:55:87:71:95:67:fb:6c:0f:cf:af:ae:bb:
9c:0a:65:4c:ec:83:9f:4c:cd:8b:55:9d:c1:df:56:
40:30:55:1e:31:70:6e:69:f1:5f:42:74:b1:35:52:
89:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6A:FD:D6:56:4E:35:A6:67:37:9F:02:5D:B6:A0:6C:32:CC:EC:C3
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/dWr91lZONaZnN58CXbagbDLM7MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0-91.228.15.255
94.154.32.0/24
94.154.35.0-94.154.38.255
Signature Algorithm: sha256WithRSAEncryption
02:0e:29:b8:f5:ec:fb:30:7e:59:38:f9:57:87:ef:43:a2:66:
7d:67:95:f8:a6:a3:a1:bc:8e:16:e7:97:e4:45:c6:98:b6:bb:
e3:57:17:f6:37:3a:6a:3a:66:1b:9b:2e:20:2e:29:72:6c:8a:
0c:27:28:6a:b6:d5:aa:37:85:74:a8:c6:96:db:2f:b9:1a:dc:
97:81:a0:b7:43:03:df:3d:a7:72:4d:47:f0:9a:70:0d:8d:3a:
ae:1d:26:bd:b4:c5:59:7c:f6:bd:36:6a:d7:b0:b9:2b:83:c1:
80:cf:a0:a4:13:2f:db:1d:00:b2:e2:3d:c4:ea:da:c9:62:5d:
bd:81:a0:6f:b1:3b:e7:f5:62:0c:09:ad:26:ea:81:ac:32:0c:
b0:c0:c8:52:01:f8:58:2c:f9:a2:ae:8b:43:f3:e6:82:ea:3c:
c1:8a:3c:4f:91:3c:82:97:fa:0c:c2:64:94:bc:2b:55:13:8d:
4e:6f:e8:79:20:ba:d1:07:a5:6e:ae:91:fc:ed:ac:43:f7:f9:
72:d4:aa:79:9f:32:f0:0a:0f:d0:ca:ae:ae:41:56:da:e3:90:
41:5d:a3:20:25:1d:3d:76:c4:32:52:33:2a:eb:d5:9f:75:f7:
d5:df:d2:d5:7b:10:6f:63:84:ca:ea:17:d9:9b:74:5d:e4:f2:
9b:0b:71:3b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZCmnAvwHbwq0DKM4OXNr/GyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNzEyMTEwMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZhZmRkNjU2NGUzNWE2NjczNzlmMDI1ZGI2YTA2YzMyY2NlY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1b2cy5d4JIJacjo1s5dHYZiyHqSJ
tkzqoiGmCckJLErURtdyXQ23diB3wlq3vPN1X2GGUREsKJUP3ps2NpDVLVdXDpfl
hhfmU2u3ECZVfbFb79sYAfPNnrq94gj9U/sARl8s6aWl2rPql64lOoM7HTrbWRNL
X/FEzDD20mXbDFoY7sak2OSQOBDUiN0oeG2gQvFbZ3J5F7F1QbfCrJtkjq8bHYjM
tGP8x6h8600ufOo/aJQIusWwAwbp5uYAKDio/9+Bb2OXFwRlCNRNI3zTrg/bH7NV
h3GVZ/tsD8+vrrucCmVM7IOfTM2LVZ3B31ZAMFUeMXBuafFfQnSxNVKJyQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHVq/dZWTjWmZzefAl22oGwyzOzDMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvZFdyOTFsWk9OYVpuTjU4Q1hiYWdiRExNN01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBABb5A0D
BARb5AADBABemiAwDAMEAF6aIwMEAF6aJjANBgkqhkiG9w0BAQsFAAOCAQEAAg4p
uPXs+zB+WTj5V4fvQ6JmfWeV+KajobyOFueX5EXGmLa741cX9jc6ajpmG5suIC4p
cmyKDCcoarbVqjeFdKjGltsvuRrcl4Ggt0MD3z2nck1H8JpwDY06rh0mvbTFWXz2
vTZq17C5K4PBgM+gpBMv2x0AsuI9xOrayWJdvYGgb7E75/ViDAmtJuqBrDIMsMDI
UgH4WCz5oq6LQ/Pmguo8wYo8T5E8gpf6DMJklLwrVRONTm/oeSC60Qelbq6R/O2s
Q/f5ctSqeZ8y8AoP0MqurkFW2uOQQV2jICUdPXbEMlIzKuvVn3X31d/S1XsQb2OE
yuoX2Zt0XeTymwtxOw==
-----END CERTIFICATE-----
Generated at Fri Jul 12 20:12:25 2024 by rpki-client on console-ams.rpki-client.org