Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/iz429lLu9i4BPk7LSyJMxPrOCfo.roa
File: iz429lLu9i4BPk7LSyJMxPrOCfo.roa (raw, json)
Hash identifier: fl5YSuiZsZrFoybSQouuvQxKBFLFMbOjI0Ox6KDZqYc=
Subject key identifier: 8B:3E:36:F6:52:EE:F6:2E:01:3E:4E:CB:4B:22:4C:C4:FA:CE:09:FA
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0189C0EFF2CE81544A57D7547FAF707C55A5
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/iz429lLu9i4BPk7LSyJMxPrOCfo.roa
Signing time: Fri 04 Aug 2023 14:24:57 +0000
ROA not before: Fri 04 Aug 2023 14:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 91.228.12.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.33.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Aug 2023 09:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:ef:f2:ce:81:54:4a:57:d7:54:7f:af:70:7c:55:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Aug 4 14:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b3e36f652eef62e013e4ecb4b224cc4face09fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c0:d0:44:83:5d:41:77:e7:2d:1e:64:e3:9f:
0e:99:3f:30:3d:bb:33:24:99:0e:b8:f1:85:46:98:
b8:4c:5c:5b:f5:93:09:dd:01:f7:dd:b1:2a:82:ef:
42:29:ac:b9:0c:a8:e0:6b:99:86:c0:8b:dc:0d:c0:
b1:cb:34:2b:0a:af:de:37:7e:23:a5:63:db:4b:29:
af:82:22:85:cf:10:52:88:cb:bc:b6:5c:e0:8f:48:
fa:b9:08:ab:b0:42:9d:11:b5:a4:f1:1f:5f:d6:31:
8a:06:a5:c6:7f:5a:30:1c:98:27:1a:8f:8d:09:00:
30:64:d1:f9:40:7f:11:9b:3e:3c:a1:e3:28:93:2c:
f0:11:c7:ce:7c:b3:71:f2:08:5c:88:75:95:12:cf:
ff:1a:1b:9d:a0:71:ab:cf:1f:05:1c:f6:18:04:b0:
a4:7c:55:4d:10:6e:16:6e:09:25:ec:90:f6:cf:8e:
df:32:eb:31:cf:a6:33:ca:a6:06:13:26:ca:ed:04:
63:fe:e8:02:58:fe:9b:91:34:55:55:ea:ad:eb:ce:
25:16:52:4f:fe:16:d0:2e:f0:22:e0:91:3b:d1:8e:
5b:3c:5c:59:b4:d8:12:6c:a9:5b:e8:84:c5:ae:59:
8c:a7:ac:52:9f:2d:02:f4:12:8d:1c:c2:b4:98:69:
e1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3E:36:F6:52:EE:F6:2E:01:3E:4E:CB:4B:22:4C:C4:FA:CE:09:FA
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/iz429lLu9i4BPk7LSyJMxPrOCfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
94.154.33.0-94.154.36.255
Signature Algorithm: sha256WithRSAEncryption
b2:57:cc:e9:e0:04:2e:1e:64:b1:c3:1b:66:ad:d4:ce:95:f2:
ee:4e:6d:35:3f:97:7c:2e:fb:95:97:d2:2b:a4:3a:ea:fc:f4:
4f:56:b0:d7:8a:5f:61:bf:45:93:a7:43:f4:67:b6:4e:ef:b6:
58:c5:1a:99:0c:91:a7:95:11:8e:ee:3b:73:89:15:fc:c5:2e:
2e:93:d9:1c:aa:f0:f7:ac:0a:93:bb:56:30:55:e3:34:f5:02:
ec:66:67:76:27:e9:ee:19:3c:90:b1:be:bf:08:d1:9c:9b:e8:
f8:84:d7:46:fa:3a:8b:e9:15:17:ff:f2:46:8a:45:f1:ec:1e:
d6:02:5b:47:24:11:4f:db:5e:a7:6d:f0:a7:80:aa:ce:16:7d:
bf:80:be:b8:25:8f:0a:e8:82:0d:47:2e:36:c9:d2:0a:32:c3:
87:91:97:60:1e:1b:e5:16:1e:5e:b7:4d:78:47:f7:2b:5f:66:
15:60:4e:65:2f:b5:7d:ab:cc:78:ee:62:5e:b6:53:07:4a:15:
1e:62:ea:c5:f3:12:af:25:21:f5:9e:53:20:ad:1b:ac:4f:30:
c9:c9:34:86:99:3f:fe:7f:d2:0f:c1:90:e7:b0:ab:52:8d:e8:
11:b4:86:16:e3:d5:7a:01:ef:8d:23:bc:0f:8d:0f:90:04:ba:
d9:08:f0:95
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYnA7/LOgVRKV9dUf69wfFWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwODA0MTQyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNlMzZmNjUyZWVmNjJlMDEzZTRlY2I0YjIyNGNjNGZhY2UwOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsDQRINdQXfnLR5k458OmT8wPbsz
JJkOuPGFRpi4TFxb9ZMJ3QH33bEqgu9CKay5DKjga5mGwIvcDcCxyzQrCq/eN34j
pWPbSymvgiKFzxBSiMu8tlzgj0j6uQirsEKdEbWk8R9f1jGKBqXGf1owHJgnGo+N
CQAwZNH5QH8Rmz48oeMokyzwEcfOfLNx8ghciHWVEs//GhudoHGrzx8FHPYYBLCk
fFVNEG4Wbgkl7JD2z47fMusxz6YzyqYGEybK7QRj/ugCWP6bkTRVVeqt684lFlJP
/hbQLvAi4JE70Y5bPFxZtNgSbKlb6ITFrlmMp6xSny0C9BKNHMK0mGnh1QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIs+NvZS7vYuAT5Oy0siTMT6zgn6MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvaXo0MjlsTHU5aTRCUGs3TFN5Sk14UHJPQ2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW+QMMAwD
BABemiEDBABemiQwDQYJKoZIhvcNAQELBQADggEBALJXzOngBC4eZLHDG2at1M6V
8u5ObTU/l3wu+5WX0iukOur89E9WsNeKX2G/RZOnQ/Rntk7vtljFGpkMkaeVEY7u
O3OJFfzFLi6T2Ryq8PesCpO7VjBV4zT1AuxmZ3Yn6e4ZPJCxvr8I0Zyb6PiE10b6
OovpFRf/8kaKRfHsHtYCW0ckEU/bXqdt8KeAqs4Wfb+Avrgljwrogg1HLjbJ0goy
w4eRl2AeG+UWHl63TXhH9ytfZhVgTmUvtX2rzHjuYl62UwdKFR5i6sXzEq8lIfWe
UyCtG6xPMMnJNIaZP/5/0g/BkOewq1KN6BG0hhbj1XoB740jvA+ND5AEutkI8JU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org