Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/kN8k6oj3NkHS87pQj0iIsWcJAQo.roa
File: kN8k6oj3NkHS87pQj0iIsWcJAQo.roa (raw, json)
Hash identifier: PU4C0w8yxKe8645uh3p8YOniqOTmBUWDAq10OpUubag=
Subject key identifier: 90:DF:24:EA:88:F7:36:41:D2:F3:BA:50:8F:48:88:B1:67:09:01:0A
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018DA7F8E0673CE21B28FC78D8DE8D4AF903
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/kN8k6oj3NkHS87pQj0iIsWcJAQo.roa
Signing time: Wed 14 Feb 2024 14:15:21 +0000
ROA not before: Wed 14 Feb 2024 14:15:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 09:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:f8:e0:67:3c:e2:1b:28:fc:78:d8:de:8d:4a:f9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Feb 14 14:15:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90df24ea88f73641d2f3ba508f4888b16709010a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fb:85:8e:bf:e9:4e:e0:ed:5b:74:f1:18:1a:
51:9b:9c:a4:98:2a:d4:22:32:cc:58:5a:d7:4f:65:
92:1a:29:60:32:7d:c9:22:b1:2c:f7:c5:8e:82:6d:
64:f4:d8:f2:86:70:de:67:32:fc:5f:68:1f:9c:03:
59:cc:4d:75:90:7b:96:52:9b:2c:e3:f7:66:86:4c:
f4:29:4a:13:6c:cc:06:35:f3:b8:f4:78:a8:91:8b:
da:56:21:9d:fe:cf:24:56:32:4c:24:e9:63:4d:10:
37:d3:ad:a9:02:da:be:b5:d2:73:ff:14:d5:a0:28:
f0:2c:82:6a:62:60:bc:f6:cf:e8:83:11:07:24:23:
40:a7:c4:24:22:a3:ab:00:40:01:26:fd:98:e1:d1:
13:23:91:1e:31:f2:24:0e:65:a2:ae:40:0a:fc:2c:
2c:cc:6a:7e:0e:2e:00:e9:ad:a2:06:81:df:24:ac:
80:e3:bb:e1:91:65:12:cd:29:e7:aa:27:c4:8d:fc:
84:1c:5d:84:08:91:6a:0d:5b:22:a0:8c:d3:bb:75:
20:3f:09:c4:c7:db:b0:82:1a:9b:c3:01:63:22:2f:
e3:0c:c1:c4:4a:e3:74:5a:99:b1:01:7f:e2:0a:bc:
35:d0:33:3e:7f:53:95:a4:ba:28:0d:b4:47:43:41:
f7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:DF:24:EA:88:F7:36:41:D2:F3:BA:50:8F:48:88:B1:67:09:01:0A
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/kN8k6oj3NkHS87pQj0iIsWcJAQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/22
94.154.32.0-94.154.38.255
Signature Algorithm: sha256WithRSAEncryption
4a:ff:93:4c:10:14:6b:01:08:0f:94:fc:83:db:62:0a:0d:f8:
2b:05:52:a0:4c:b9:eb:d6:33:4b:68:be:10:e0:87:52:9a:3b:
ed:1d:95:8c:af:69:93:cf:2b:64:80:8f:b7:fa:ac:25:d8:48:
1e:20:9a:2b:1b:56:69:01:dd:be:84:fb:3f:9b:46:d6:74:e4:
76:52:49:6c:6e:13:ef:fe:f7:06:79:f4:6a:99:1a:be:99:39:
b4:9b:de:e5:e4:e1:af:af:fa:32:7a:43:18:d1:89:00:5c:08:
70:16:ad:7d:00:4b:56:7d:ff:dd:a1:12:b1:78:e6:52:62:8e:
0c:75:a8:5e:1e:5f:c5:06:68:d6:aa:b4:e0:1e:84:f7:3f:77:
ca:15:a1:2d:b8:d0:49:d9:49:fb:5c:73:52:87:04:20:6d:28:
f0:0f:60:22:7a:97:4e:26:e8:48:4f:9e:5d:0b:ad:fc:87:b8:
f5:5d:63:16:ad:ec:5c:53:ce:cb:2e:e4:12:52:84:c1:ec:52:
d6:4f:03:ec:b8:b7:52:ab:67:c9:75:ef:7d:46:f1:18:ee:2b:
29:c2:d7:b0:9d:4d:f3:1a:a8:08:9a:9a:0d:c9:45:a0:a2:09:
b3:2b:85:67:83:d5:e5:52:17:ae:1d:83:be:d7:6c:b1:c9:45:
3b:8f:5a:b5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY2n+OBnPOIbKPx42N6NSvkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMjE0MTQxNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGRmMjRlYTg4ZjczNjQxZDJmM2JhNTA4ZjQ4ODhiMTY3MDkwMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvuFjr/pTuDtW3TxGBpRm5ykmCrU
IjLMWFrXT2WSGilgMn3JIrEs98WOgm1k9NjyhnDeZzL8X2gfnANZzE11kHuWUpss
4/dmhkz0KUoTbMwGNfO49HiokYvaViGd/s8kVjJMJOljTRA3062pAtq+tdJz/xTV
oCjwLIJqYmC89s/ogxEHJCNAp8QkIqOrAEABJv2Y4dETI5EeMfIkDmWirkAK/Cws
zGp+Di4A6a2iBoHfJKyA47vhkWUSzSnnqifEjfyEHF2ECJFqDVsioIzTu3UgPwnE
x9uwghqbwwFjIi/jDMHESuN0WpmxAX/iCrw10DM+f1OVpLooDbRHQ0H3NwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJDfJOqI9zZB0vO6UI9IiLFnCQEKMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEva044azZvajNOa0hTODdwUWowaUlzV2NKQVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCW+QMMAwD
BAVemiADBABemiYwDQYJKoZIhvcNAQELBQADggEBAEr/k0wQFGsBCA+U/IPbYgoN
+CsFUqBMuevWM0tovhDgh1KaO+0dlYyvaZPPK2SAj7f6rCXYSB4gmisbVmkB3b6E
+z+bRtZ05HZSSWxuE+/+9wZ59GqZGr6ZObSb3uXk4a+v+jJ6QxjRiQBcCHAWrX0A
S1Z9/92hErF45lJijgx1qF4eX8UGaNaqtOAehPc/d8oVoS240EnZSftcc1KHBCBt
KPAPYCJ6l04m6EhPnl0LrfyHuPVdYxat7FxTzssu5BJShMHsUtZPA+y4t1KrZ8l1
731G8RjuKynC17CdTfMaqAiamg3JRaCiCbMrhWeD1eVSF64dg77XbLHJRTuPWrU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org