Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/hlJbgvqHVn0Y_WkFdgBDmSC4uN8.roa
File: hlJbgvqHVn0Y_WkFdgBDmSC4uN8.roa (raw, json)
Hash identifier: UaHx/zzi/7JdDhUrtCizjOM3Gh1AAobWeE2aFmQhr9M=
Subject key identifier: 86:52:5B:82:FA:87:56:7D:18:FD:69:05:76:00:43:99:20:B8:B8:DF
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018EAA7899637F1A6317E4F116BDA83CA6C4
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/hlJbgvqHVn0Y_WkFdgBDmSC4uN8.roa
Signing time: Thu 04 Apr 2024 18:56:54 +0000
ROA not before: Thu 04 Apr 2024 18:56:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.13.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 09:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:aa:78:99:63:7f:1a:63:17:e4:f1:16:bd:a8:3c:a6:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Apr 4 18:56:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86525b82fa87567d18fd69057600439920b8b8df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:72:59:aa:f9:e1:a3:90:18:b8:28:a8:ba:4f:
7f:dc:b8:35:61:73:a6:a7:7d:7a:f2:ec:d6:f4:ca:
0b:6e:c7:40:2d:72:ef:e8:82:35:71:01:d9:a1:61:
c7:49:08:d9:da:eb:27:f3:3c:26:6c:94:c0:76:27:
91:be:a6:60:8c:1c:42:22:02:fd:e3:69:ce:c8:05:
24:cb:5f:6d:aa:48:8c:27:db:d3:51:fe:13:d4:01:
98:ae:e0:80:1c:81:10:0d:4a:0e:b0:c2:00:3c:3f:
a1:43:76:32:52:fa:fb:42:f2:f0:aa:5e:64:a1:9c:
74:af:4d:3b:8d:b8:80:dd:ef:3a:77:ba:d1:ef:bf:
df:32:ce:e5:8f:50:5a:7c:bf:ac:87:c1:ed:be:c2:
90:95:e0:71:9e:32:01:d4:01:af:14:6a:e0:8d:a6:
18:ca:20:34:db:24:49:06:ba:19:32:28:39:83:3c:
77:cc:50:36:7c:ca:65:7a:da:b3:ff:77:a9:4f:8d:
83:b8:45:28:35:42:fd:88:2e:ef:53:d2:eb:ac:52:
1b:22:33:f7:44:4c:44:7a:a0:6d:a9:b5:75:2f:3c:
01:c9:fa:a7:f3:63:09:49:32:f5:60:44:ce:5a:a9:
d9:b6:cc:1f:11:df:73:27:a8:47:55:8c:f5:40:2f:
36:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:52:5B:82:FA:87:56:7D:18:FD:69:05:76:00:43:99:20:B8:B8:DF
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/hlJbgvqHVn0Y_WkFdgBDmSC4uN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0-91.228.14.255
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
42:1f:04:60:c3:ad:04:ee:78:7d:0a:18:fb:48:60:b4:84:e9:
87:7e:5b:e4:20:7c:1b:0f:65:66:74:9c:6c:b7:39:6c:33:df:
eb:d6:27:48:7b:b8:20:fb:66:22:54:76:b5:eb:95:06:30:7a:
40:ff:7b:2c:73:1d:d5:8b:5c:e1:40:e1:64:6c:98:06:09:f5:
0a:9f:c5:3e:4d:45:58:5d:3c:1d:5a:83:d3:c8:63:8e:fd:7b:
d2:a7:ca:51:24:2d:ef:44:84:d6:2d:61:65:ff:20:b4:a5:0e:
ce:38:dc:30:66:00:77:e7:3c:21:56:ab:20:1e:0d:24:67:0c:
88:74:e8:06:e0:5f:24:96:7b:79:00:d6:4f:41:72:0d:0d:28:
91:e3:bd:e8:c3:3e:44:b2:9f:77:66:c8:9b:70:fa:89:24:74:
70:db:04:7d:81:40:69:a8:a3:12:a5:c0:83:98:73:57:95:0a:
5e:77:5e:c0:27:e0:10:33:58:68:7d:f7:91:99:4d:3a:9c:d7:
3b:ca:93:d8:29:6d:59:4c:2c:95:ef:5b:21:f8:02:41:91:cb:
37:75:9c:eb:de:ad:56:f1:1a:1e:ca:30:ae:88:6a:67:50:84:
77:9d:7e:df:c7:26:6a:4a:1b:0a:50:ff:68:54:d0:d5:dc:bf:
2c:cd:b0:90
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY6qeJljfxpjF+TxFr2oPKbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNDA0MTg1NjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjUyNWI4MmZhODc1NjdkMThmZDY5MDU3NjAwNDM5OTIwYjhiOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHJZqvnho5AYuCiouk9/3Lg1YXOm
p3168uzW9MoLbsdALXLv6II1cQHZoWHHSQjZ2usn8zwmbJTAdieRvqZgjBxCIgL9
42nOyAUky19tqkiMJ9vTUf4T1AGYruCAHIEQDUoOsMIAPD+hQ3YyUvr7QvLwql5k
oZx0r007jbiA3e86d7rR77/fMs7lj1BafL+sh8HtvsKQleBxnjIB1AGvFGrgjaYY
yiA02yRJBroZMig5gzx3zFA2fMpletqz/3epT42DuEUoNUL9iC7vU9LrrFIbIjP3
RExEeqBtqbV1LzwByfqn82MJSTL1YETOWqnZtswfEd9zJ6hHVYz1QC82aQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIZSW4L6h1Z9GP1pBXYAQ5kguLjfMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvaGxKYmd2cUhWbjBZX1drRmRnQkRtU0M0dU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABb5A0D
BABb5A4DBAFemiQwDQYJKoZIhvcNAQELBQADggEBAEIfBGDDrQTueH0KGPtIYLSE
6Yd+W+QgfBsPZWZ0nGy3OWwz3+vWJ0h7uCD7ZiJUdrXrlQYwekD/eyxzHdWLXOFA
4WRsmAYJ9QqfxT5NRVhdPB1ag9PIY479e9KnylEkLe9EhNYtYWX/ILSlDs443DBm
AHfnPCFWqyAeDSRnDIh06AbgXySWe3kA1k9Bcg0NKJHjvejDPkSyn3dmyJtw+okk
dHDbBH2BQGmooxKlwIOYc1eVCl53XsAn4BAzWGh995GZTTqc1zvKk9gpbVlMLJXv
WyH4AkGRyzd1nOverVbxGh7KMK6IamdQhHedft/HJmpKGwpQ/2hU0NXcvyzNsJA=
-----END CERTIFICATE-----
Generated at Fri Apr 5 13:01:16 2024 by rpki-client on console-ams.rpki-client.org