Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/kUqMRSlDfveMT9ohq3IqXK3PGWI.roa
File: kUqMRSlDfveMT9ohq3IqXK3PGWI.roa (raw, json)
Hash identifier: JMqhaS2lnHyoKWIFiAtITzJenraKZiwwNDap5sEiJ9Q=
Subject key identifier: 91:4A:8C:45:29:43:7E:F7:8C:4F:DA:21:AB:72:2A:5C:AD:CF:19:62
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01907DDDFCDD1091BB116B8E4C391469FA53
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/kUqMRSlDfveMT9ohq3IqXK3PGWI.roa
Signing time: Thu 04 Jul 2024 13:10:18 +0000
ROA not before: Thu 04 Jul 2024 13:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jul 2024 11:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:dd:fc:dd:10:91:bb:11:6b:8e:4c:39:14:69:fa:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jul 4 13:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=914a8c4529437ef78c4fda21ab722a5cadcf1962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ca:92:da:2a:1a:46:3f:04:9e:f3:23:57:9d:
e7:ff:01:37:c0:eb:a5:1a:ab:ea:47:fe:87:16:ae:
b1:03:63:83:b5:b6:05:16:1b:87:e1:83:37:6e:54:
c0:43:e1:0e:b2:45:aa:6c:88:b9:64:6f:90:53:40:
6b:66:44:43:67:61:0d:10:c3:23:64:06:f7:de:15:
f3:ed:c0:46:0f:7b:5c:37:5d:17:8a:4c:36:46:8a:
c4:4e:a0:11:32:5d:46:4a:ac:e3:bf:d0:4b:f5:ce:
b8:97:07:51:b4:85:7c:9c:50:10:68:52:4a:e1:32:
bd:3b:f9:d1:8f:9f:97:b3:04:b0:da:30:89:6b:d3:
3d:3a:e2:d2:a7:62:05:02:a7:36:e3:47:50:25:bc:
3b:7b:66:c9:cd:34:1c:55:60:3a:0d:76:d6:89:4e:
93:0e:46:73:5f:06:54:45:09:20:0e:76:78:f6:43:
c9:94:12:6e:4a:e4:1d:a7:f5:ca:2f:28:9d:e0:14:
83:ef:c6:fe:1d:b1:9b:d7:c7:4a:1c:5f:66:ea:f6:
be:11:82:cf:25:d9:9f:a9:fb:8b:cf:ff:66:a1:4a:
1a:b4:f8:a6:db:ba:17:a0:64:96:6b:3d:00:ca:ce:
ae:45:63:32:61:6f:e4:d1:fe:d0:68:d6:ab:51:d1:
d7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4A:8C:45:29:43:7E:F7:8C:4F:DA:21:AB:72:2A:5C:AD:CF:19:62
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/kUqMRSlDfveMT9ohq3IqXK3PGWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/24
94.154.34.0/24
94.154.36.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:3f:6d:87:67:50:4d:74:87:ef:fc:57:7f:d8:cf:12:96:7a:
1d:fa:cf:9f:cc:e0:51:37:a8:af:89:b8:e4:2c:7e:d9:02:59:
b5:01:35:e4:86:fd:c9:fb:0f:88:cf:20:48:fc:60:62:7e:31:
3b:0b:c7:a5:2f:2c:0a:e4:5b:27:9c:26:a1:59:56:7b:ec:86:
cd:d5:a4:93:cf:0f:63:84:5a:12:c9:ae:d1:ff:e8:1a:e0:87:
af:94:86:d5:13:5b:74:4b:22:a8:85:fa:dd:50:60:42:66:d3:
f0:16:70:4c:51:b4:3a:a3:f8:45:b0:99:cf:46:f7:9a:07:89:
aa:21:b7:9b:0b:83:48:64:0b:dd:62:02:f4:20:3d:12:33:10:
6d:62:ef:52:33:13:f3:55:df:ff:7d:5d:ce:01:ba:d2:b5:a0:
04:d7:49:7a:54:62:f0:80:10:a0:58:8a:84:eb:6f:fa:9c:22:
88:4d:49:51:20:81:6b:5c:60:ba:90:de:76:54:68:57:93:10:
10:fe:ce:95:5b:41:47:11:51:aa:e8:4a:72:d6:8a:95:4d:bd:
f9:9a:1f:8b:00:3b:64:b9:05:8d:ff:f1:74:0b:55:39:9a:8f:
22:8c:85:97:8c:e7:d4:e9:e5:5b:17:15:63:e2:f6:e0:b7:61:
37:d8:42:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZB93fzdEJG7EWuOTDkUafpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNzA0MTMxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRhOGM0NTI5NDM3ZWY3OGM0ZmRhMjFhYjcyMmE1Y2FkY2YxOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sqS2ioaRj8EnvMjV53n/wE3wOul
GqvqR/6HFq6xA2ODtbYFFhuH4YM3blTAQ+EOskWqbIi5ZG+QU0BrZkRDZ2ENEMMj
ZAb33hXz7cBGD3tcN10Xikw2RorETqARMl1GSqzjv9BL9c64lwdRtIV8nFAQaFJK
4TK9O/nRj5+XswSw2jCJa9M9OuLSp2IFAqc240dQJbw7e2bJzTQcVWA6DXbWiU6T
DkZzXwZURQkgDnZ49kPJlBJuSuQdp/XKLyid4BSD78b+HbGb18dKHF9m6va+EYLP
JdmfqfuLz/9moUoatPim27oXoGSWaz0Ays6uRWMyYW/k0f7QaNarUdHX9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJFKjEUpQ373jE/aIatyKlytzxliMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEva1VxTVJTbERmdmVNVDlvaHEzSXFYSzNQR1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+QOAwQA
XpoiAwQAXpokMA0GCSqGSIb3DQEBCwUAA4IBAQCxP22HZ1BNdIfv/Fd/2M8Slnod
+s+fzOBRN6ivibjkLH7ZAlm1ATXkhv3J+w+IzyBI/GBifjE7C8elLywK5FsnnCah
WVZ77IbN1aSTzw9jhFoSya7R/+ga4IevlIbVE1t0SyKohfrdUGBCZtPwFnBMUbQ6
o/hFsJnPRveaB4mqIbebC4NIZAvdYgL0ID0SMxBtYu9SMxPzVd//fV3OAbrStaAE
10l6VGLwgBCgWIqE62/6nCKITUlRIIFrXGC6kN52VGhXkxAQ/s6VW0FHEVGq6Epy
1oqVTb35mh+LADtkuQWN//F0C1U5mo8ijIWXjOfU6eVbFxVj4vbgt2E32EJM
-----END CERTIFICATE-----
Generated at Fri Jul 5 13:08:45 2024 by rpki-client on console-fra.rpki-client.org