Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/hmdNJ7PnSClrlZRfBTw5cwKYk6s.roa
File: hmdNJ7PnSClrlZRfBTw5cwKYk6s.roa (raw, json)
Hash identifier: g5Swvwaesn/2OSE/yZMY3lqRGaIOG0ghqe/94Y5et7I=
Subject key identifier: 86:67:4D:27:B3:E7:48:29:6B:95:94:5F:05:3C:39:73:02:98:93:AB
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018F19B2B4E245CCC484AC92E9B2E7A0D8D2
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/hmdNJ7PnSClrlZRfBTw5cwKYk6s.roa
Signing time: Fri 26 Apr 2024 09:18:13 +0000
ROA not before: Fri 26 Apr 2024 09:18:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 05:43:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:b2:b4:e2:45:cc:c4:84:ac:92:e9:b2:e7:a0:d8:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Apr 26 09:18:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86674d27b3e748296b95945f053c3973029893ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c5:6d:ff:d1:7d:dd:0f:30:f7:27:7b:e3:89:
55:96:37:c5:18:14:c1:5d:98:c3:6d:3e:0d:1f:2e:
4b:6c:27:c6:04:8d:8b:3d:94:b0:35:30:87:78:c0:
03:bb:ba:04:f6:f4:23:ed:03:8e:06:39:8b:a0:89:
d5:11:1f:c1:83:b4:8c:79:96:4c:4e:b7:91:b0:f1:
d3:6b:67:c6:0b:d9:f1:40:0d:6b:29:7a:22:45:37:
ca:bd:1a:6e:3d:59:dd:f4:48:20:78:fa:2d:1c:77:
98:35:9d:bc:76:9b:89:8f:81:75:7d:68:76:06:a6:
cc:85:fb:21:89:45:69:3b:32:49:59:87:8b:c0:0d:
38:a8:ff:d1:d1:35:17:5e:33:39:15:59:18:c9:54:
48:bf:27:8f:bf:84:89:0d:78:dd:ac:a2:e4:f9:ee:
a4:e4:84:73:f5:b5:32:db:df:6d:00:9c:7c:17:48:
34:99:93:cc:f9:b7:7e:61:5b:33:20:92:2b:2e:e1:
1c:a0:49:46:82:9e:67:4d:1f:1a:1d:0f:48:86:65:
c0:2d:8b:95:16:5c:2f:43:57:2f:3b:60:e1:76:7b:
19:e6:bb:25:0b:31:0d:86:db:db:51:1c:df:c4:53:
91:7c:fb:63:af:8f:c0:f3:96:4b:0e:5b:6f:b1:d7:
93:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:67:4D:27:B3:E7:48:29:6B:95:94:5F:05:3C:39:73:02:98:93:AB
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/hmdNJ7PnSClrlZRfBTw5cwKYk6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/24
94.154.36.0/24
Signature Algorithm: sha256WithRSAEncryption
99:c7:5c:95:a5:34:ad:c3:31:a1:ac:46:4a:52:2b:35:5d:ed:
7d:7d:6f:fa:1a:41:fc:d6:8d:e0:79:58:6a:d7:c8:f5:f3:de:
1f:56:0b:4c:95:5b:c4:53:f5:92:a8:20:19:6a:7f:be:15:0f:
a8:62:4f:ef:2b:5b:81:6d:56:d5:56:85:96:fe:9a:b2:f1:14:
37:b2:f9:e0:1d:3d:75:83:55:d9:00:0e:d2:20:9d:20:06:14:
a6:cc:b6:00:6e:a3:25:dd:76:03:2d:66:dd:5d:d3:d5:4e:26:
47:39:27:bd:83:2e:43:d1:ba:be:c0:34:68:d5:85:08:a4:88:
20:46:63:7b:5c:36:65:db:84:cd:04:c6:89:29:d9:87:6a:25:
f0:2f:78:b9:a8:09:73:af:51:c3:58:6f:c1:d6:6f:de:96:c7:
0b:a0:d9:b4:66:24:e0:05:77:8a:85:ff:aa:33:18:63:bd:7e:
09:29:bd:e5:b8:17:51:00:82:f3:04:53:a0:94:f1:ff:83:89:
90:fe:69:71:d9:1a:bc:d5:a2:83:02:af:bf:a2:01:5e:27:bf:
a4:0e:5f:7f:b3:24:58:a3:9a:50:44:d7:ce:ea:b0:da:eb:a2:
72:47:f9:71:e6:5b:f0:2d:f9:c9:8d:de:6a:8c:51:d8:52:ea:
b5:9d:52:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8ZsrTiRczEhKyS6bLnoNjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNDI2MDkxODEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjY3NGQyN2IzZTc0ODI5NmI5NTk0NWYwNTNjMzk3MzAyOTg5M2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsVt/9F93Q8w9yd744lVljfFGBTB
XZjDbT4NHy5LbCfGBI2LPZSwNTCHeMADu7oE9vQj7QOOBjmLoInVER/Bg7SMeZZM
TreRsPHTa2fGC9nxQA1rKXoiRTfKvRpuPVnd9EggePotHHeYNZ28dpuJj4F1fWh2
BqbMhfshiUVpOzJJWYeLwA04qP/R0TUXXjM5FVkYyVRIvyePv4SJDXjdrKLk+e6k
5IRz9bUy299tAJx8F0g0mZPM+bd+YVszIJIrLuEcoElGgp5nTR8aHQ9IhmXALYuV
FlwvQ1cvO2DhdnsZ5rslCzENhtvbURzfxFORfPtjr4/A85ZLDltvsdeT6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIZnTSez50gpa5WUXwU8OXMCmJOrMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvaG1kTko3UG5TQ2xybFpSZkJUdzVjd0tZazZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QOAwQA
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQCZx1yVpTStwzGhrEZKUis1Xe19fW/6GkH8
1o3geVhq18j1894fVgtMlVvEU/WSqCAZan++FQ+oYk/vK1uBbVbVVoWW/pqy8RQ3
svngHT11g1XZAA7SIJ0gBhSmzLYAbqMl3XYDLWbdXdPVTiZHOSe9gy5D0bq+wDRo
1YUIpIggRmN7XDZl24TNBMaJKdmHaiXwL3i5qAlzr1HDWG/B1m/elscLoNm0ZiTg
BXeKhf+qMxhjvX4JKb3luBdRAILzBFOglPH/g4mQ/mlx2Rq81aKDAq+/ogFeJ7+k
Dl9/syRYo5pQRNfO6rDa66JyR/lx5lvwLfnJjd5qjFHYUuq1nVKh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org