Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/h-ZI09FK6PZBMhxJW2reFN44cpY.roa
File: h-ZI09FK6PZBMhxJW2reFN44cpY.roa (raw, json)
Hash identifier: DNSFZP2R+hD0/oUYSP4PUvZrrIbovNNSjOq8vFTHEt8=
Subject key identifier: 87:E6:48:D3:D1:4A:E8:F6:41:32:1C:49:5B:6A:DE:14:DE:38:72:96
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01903F99FBFF5EF1B77D1D3203BCC9C44B14
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/h-ZI09FK6PZBMhxJW2reFN44cpY.roa
Signing time: Sat 22 Jun 2024 10:59:34 +0000
ROA not before: Sat 22 Jun 2024 10:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 09:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3f:99:fb:ff:5e:f1:b7:7d:1d:32:03:bc:c9:c4:4b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jun 22 10:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87e648d3d14ae8f641321c495b6ade14de387296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:96:28:12:fc:40:17:2d:3f:f7:e2:cc:65:5c:
b1:e7:6d:ad:a8:fe:a5:ff:47:05:bb:08:16:0b:cc:
e7:0a:ba:09:0d:8c:84:76:4f:dc:2c:ef:0d:e3:51:
b9:4e:a3:e9:fb:98:be:a6:03:99:b9:3d:83:4d:d2:
2c:02:a5:ce:34:d9:04:96:3f:2c:e5:a5:de:d3:d8:
d9:a2:7e:13:4e:83:13:b8:cd:26:a2:30:88:7c:73:
44:90:94:bc:d9:c4:f7:f6:71:91:7a:1e:ef:c3:ed:
11:bc:9c:11:ff:36:0c:ac:3f:db:9b:b1:25:eb:6c:
42:1b:58:86:41:05:bf:d1:7f:1f:0f:2c:b4:22:37:
61:33:d0:9b:a1:b1:f5:bd:00:83:86:db:4a:ec:79:
b8:fd:8f:c7:de:35:3f:ff:d5:d8:fb:d6:c2:d9:fd:
80:3e:bd:4d:a6:38:a2:71:33:a5:41:6e:d7:a8:b3:
bf:cf:45:3d:39:fa:48:a1:1b:70:b3:13:8a:b3:79:
fe:84:7f:8c:2b:09:5d:da:0c:7b:b6:fe:a7:33:ba:
1e:80:8f:e1:aa:c4:b6:23:77:94:a2:1a:55:f2:d8:
50:4d:8d:10:ff:34:c4:21:fd:40:82:ea:a4:c3:0c:
07:82:ff:c2:e8:61:26:33:11:2f:fd:fe:ea:fa:29:
ba:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E6:48:D3:D1:4A:E8:F6:41:32:1C:49:5B:6A:DE:14:DE:38:72:96
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/h-ZI09FK6PZBMhxJW2reFN44cpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:ef:78:22:7f:cb:88:8d:a9:78:03:72:93:86:0f:23:23:0c:
49:e8:c7:1b:27:92:26:bb:56:c5:03:aa:c8:bf:82:f4:f8:76:
dd:ec:56:f0:2b:7d:c7:97:18:59:a0:23:db:a5:73:27:ea:e1:
cf:8f:89:69:2b:11:9d:67:31:a9:4a:13:cb:69:0f:cb:34:72:
da:5f:6b:4f:df:34:89:c0:d1:ad:c1:b0:0b:7a:81:35:cd:25:
23:2b:c9:74:10:5f:0e:3b:dc:2b:4d:a0:ab:ed:55:f2:fd:ae:
25:30:8f:48:5e:9b:a2:94:1a:33:ed:a7:4a:f7:21:07:b4:4e:
6e:ef:f0:d6:eb:36:26:59:4e:c3:b0:b7:9f:e9:ed:8a:1a:01:
83:3c:5c:d2:31:5a:6a:84:5c:00:49:92:97:9c:19:02:bb:8e:
50:5c:ec:d1:a9:7d:76:22:ad:cd:b0:73:81:fc:c4:4d:16:a6:
49:1a:87:77:f4:af:4f:23:09:13:b2:ed:62:3a:22:74:97:bb:
4d:92:28:d9:e4:ce:40:a7:df:78:39:df:95:30:92:6c:43:4f:
ae:df:b8:4a:87:ae:fd:ad:43:ac:48:7b:26:70:2a:4a:c9:e9:
c5:ff:35:f6:38:f3:17:05:df:3d:ec:a5:dc:f2:fa:98:e5:94:
7a:d0:45:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZA/mfv/XvG3fR0yA7zJxEsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNjIyMTA1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U2NDhkM2QxNGFlOGY2NDEzMjFjNDk1YjZhZGUxNGRlMzg3Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZYoEvxAFy0/9+LMZVyx522tqP6l
/0cFuwgWC8znCroJDYyEdk/cLO8N41G5TqPp+5i+pgOZuT2DTdIsAqXONNkElj8s
5aXe09jZon4TToMTuM0mojCIfHNEkJS82cT39nGReh7vw+0RvJwR/zYMrD/bm7El
62xCG1iGQQW/0X8fDyy0IjdhM9CbobH1vQCDhttK7Hm4/Y/H3jU//9XY+9bC2f2A
Pr1NpjiicTOlQW7XqLO/z0U9OfpIoRtwsxOKs3n+hH+MKwld2gx7tv6nM7oegI/h
qsS2I3eUohpV8thQTY0Q/zTEIf1AguqkwwwHgv/C6GEmMxEv/f7q+im6twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfmSNPRSuj2QTIcSVtq3hTeOHKWMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvaC1aSTA5Rks2UFpCTWh4SlcycmVGTjQ0Y3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+QOMA0G
CSqGSIb3DQEBCwUAA4IBAQCn73gif8uIjal4A3KThg8jIwxJ6McbJ5Imu1bFA6rI
v4L0+Hbd7FbwK33HlxhZoCPbpXMn6uHPj4lpKxGdZzGpShPLaQ/LNHLaX2tP3zSJ
wNGtwbALeoE1zSUjK8l0EF8OO9wrTaCr7VXy/a4lMI9IXpuilBoz7adK9yEHtE5u
7/DW6zYmWU7DsLef6e2KGgGDPFzSMVpqhFwASZKXnBkCu45QXOzRqX12Iq3NsHOB
/MRNFqZJGod39K9PIwkTsu1iOiJ0l7tNkijZ5M5Ap994Od+VMJJsQ0+u37hKh679
rUOsSHsmcCpKyenF/zX2OPMXBd897KXc8vqY5ZR60EVU
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:53:24 2024 by rpki-client on console-ams.rpki-client.org