Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/h6PIZwDNwNScfp0iYZQY6BAFVZ4.roa
File: h6PIZwDNwNScfp0iYZQY6BAFVZ4.roa (raw, json)
Hash identifier: YvPLq+vHd0b5sOP64mFcC1bKpd5/tMBWI8fgJBlC244=
Subject key identifier: 87:A3:C8:67:00:CD:C0:D4:9C:7E:9D:22:61:94:18:E8:10:05:55:9E
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018F0731B37778852EDDC80B3C1C2BBB9DE9
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/h6PIZwDNwNScfp0iYZQY6BAFVZ4.roa
Signing time: Mon 22 Apr 2024 19:04:08 +0000
ROA not before: Mon 22 Apr 2024 19:04:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Apr 2024 17:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:07:31:b3:77:78:85:2e:dd:c8:0b:3c:1c:2b:bb:9d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Apr 22 19:04:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87a3c86700cdc0d49c7e9d22619418e81005559e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:40:b0:74:53:a7:f8:42:09:a3:7d:02:5f:ca:
d8:4c:c7:53:29:43:74:cd:b3:14:a9:9b:bf:14:8b:
16:d6:73:06:fc:c4:79:98:cf:19:f9:3d:f9:4c:c0:
e4:7d:1d:45:bf:e4:34:f5:48:36:4b:be:b9:b4:33:
b6:d2:f6:7d:38:16:28:a7:dc:e1:ed:dd:77:bb:1a:
32:d6:2d:6c:3c:c5:fa:d6:37:cc:d0:f5:f2:07:a5:
0a:6f:90:59:3a:8b:6e:d1:e0:9e:d9:f1:8f:4c:da:
e1:6f:1e:9f:6c:ed:0f:d5:52:d3:70:b8:64:58:29:
e6:4d:95:59:2e:ea:42:8c:a4:56:1e:7b:71:f6:6f:
b2:ec:5c:4c:2a:70:51:46:7f:3b:cf:6e:11:84:ad:
08:f3:e4:b0:50:7d:0d:65:c2:1a:2a:83:5f:3b:39:
ea:d3:71:6c:89:32:a4:bb:96:ab:2c:bb:3b:c2:4c:
43:be:e7:39:cd:ca:03:09:dc:ad:96:91:82:6d:90:
2c:5d:4c:28:83:5d:f5:e3:4e:03:44:bf:3d:1c:de:
a0:d3:84:d0:f6:22:05:87:d7:93:f9:4b:66:00:1e:
a2:65:db:5a:dd:ea:a4:57:82:89:1a:fb:71:15:21:
e7:b0:41:d0:f8:fa:1e:88:3c:6d:e5:ea:af:a7:1a:
2d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A3:C8:67:00:CD:C0:D4:9C:7E:9D:22:61:94:18:E8:10:05:55:9E
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/h6PIZwDNwNScfp0iYZQY6BAFVZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/24
94.154.36.0/24
Signature Algorithm: sha256WithRSAEncryption
26:0c:12:27:02:12:fe:81:51:28:51:7a:de:4c:49:6b:44:04:
9d:28:4c:03:d0:8a:20:d9:dd:52:a7:f0:51:22:7e:33:1a:b9:
a5:62:d1:1f:a3:a2:a8:bf:55:2f:e1:bd:58:53:76:cb:f8:00:
2a:22:e6:f7:52:8d:e7:4a:fe:50:ca:8a:e0:ee:f6:98:63:8b:
5a:b6:14:6b:55:b9:e0:37:66:4b:a1:2b:91:8a:87:a2:20:52:
a3:14:32:25:da:3e:8d:92:02:5f:03:8d:c1:66:04:4a:87:cc:
53:b5:5f:9b:5e:ee:d4:75:8a:b8:93:33:32:30:d2:e5:6f:c8:
5f:76:13:4b:b0:9c:d6:79:b6:ba:dd:ba:44:f0:d0:fe:d6:c6:
94:66:30:35:69:46:93:5f:42:28:af:36:14:31:73:00:26:50:
d0:22:8a:7e:53:60:1b:dc:21:dd:30:15:08:5a:c6:84:29:dc:
47:54:4f:4e:6c:96:f5:c8:58:70:ce:36:2d:50:b0:83:e8:40:
fa:d6:04:b7:a4:f5:fc:7b:85:0d:d9:e1:cc:69:82:71:41:e1:
3e:96:54:df:0f:48:ac:88:ac:e3:0a:2c:ac:c3:f6:72:77:44:
d8:67:20:34:4c:08:8b:62:17:76:7d:f9:2b:42:b3:8d:a0:e3:
59:b4:ab:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8HMbN3eIUu3cgLPBwru53pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNDIyMTkwNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2EzYzg2NzAwY2RjMGQ0OWM3ZTlkMjI2MTk0MThlODEwMDU1NTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60CwdFOn+EIJo30CX8rYTMdTKUN0
zbMUqZu/FIsW1nMG/MR5mM8Z+T35TMDkfR1Fv+Q09Ug2S765tDO20vZ9OBYop9zh
7d13uxoy1i1sPMX61jfM0PXyB6UKb5BZOotu0eCe2fGPTNrhbx6fbO0P1VLTcLhk
WCnmTZVZLupCjKRWHntx9m+y7FxMKnBRRn87z24RhK0I8+SwUH0NZcIaKoNfOznq
03FsiTKku5arLLs7wkxDvuc5zcoDCdytlpGCbZAsXUwog131404DRL89HN6g04TQ
9iIFh9eT+UtmAB6iZdta3eqkV4KJGvtxFSHnsEHQ+PoeiDxt5eqvpxotXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIejyGcAzcDUnH6dImGUGOgQBVWeMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvaDZQSVp3RE53TlNjZnAwaVlaUVk2QkFGVlo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QOAwQA
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQAmDBInAhL+gVEoUXreTElrRASdKEwD0Iog
2d1Sp/BRIn4zGrmlYtEfo6Kov1Uv4b1YU3bL+AAqIub3Uo3nSv5Qyorg7vaYY4ta
thRrVbngN2ZLoSuRioeiIFKjFDIl2j6NkgJfA43BZgRKh8xTtV+bXu7UdYq4kzMy
MNLlb8hfdhNLsJzWeba63bpE8ND+1saUZjA1aUaTX0IorzYUMXMAJlDQIop+U2Ab
3CHdMBUIWsaEKdxHVE9ObJb1yFhwzjYtULCD6ED61gS3pPX8e4UN2eHMaYJxQeE+
llTfD0isiKzjCiysw/Zyd0TYZyA0TAiLYhd2ffkrQrONoONZtKv6
-----END CERTIFICATE-----
Generated at Wed Apr 24 19:55:25 2024 by rpki-client on console-fra.rpki-client.org