Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/kgXihw-RpcNHpegcJe5X-tfz-HM.roa
File: kgXihw-RpcNHpegcJe5X-tfz-HM.roa (raw, json)
Hash identifier: 2ynPByNTRrmcR2uwkS28/W2Ui5bW0IsqLy0VllOIHKE=
Subject key identifier: 92:05:E2:87:0F:91:A5:C3:47:A5:E8:1C:25:EE:57:FA:D7:F3:F8:73
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018AF1473C8B880072BB0C4E42E287FE6B36
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/kgXihw-RpcNHpegcJe5X-tfz-HM.roa
Signing time: Mon 02 Oct 2023 16:44:52 +0000
ROA not before: Mon 02 Oct 2023 16:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:47:3c:8b:88:00:72:bb:0c:4e:42:e2:87:fe:6b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 2 16:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9205e2870f91a5c347a5e81c25ee57fad7f3f873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:14:e3:84:72:81:ed:15:ce:7e:64:cc:39:24:
92:53:c3:42:89:89:25:ea:ca:9d:66:26:aa:ae:3d:
15:4a:37:62:ef:2a:b9:f4:d0:53:19:97:45:d4:0f:
a7:a4:96:5a:25:b1:67:2b:96:2c:4a:07:41:50:7d:
47:e0:f2:2e:c9:c0:51:ef:dc:c5:23:65:6e:2e:d7:
0a:ca:eb:68:41:b3:88:44:e6:a4:70:f4:b4:a7:cf:
19:14:65:36:28:0c:3f:48:91:cd:56:2b:51:ce:53:
2a:24:36:3d:f0:45:5e:c0:ee:d6:cb:41:a6:62:2d:
cf:39:f1:e9:1d:27:ff:10:9d:07:0c:67:77:7e:aa:
db:1c:74:94:f0:9d:d5:a3:2a:13:26:67:ce:73:8d:
5b:27:52:73:b6:81:27:ee:ab:7a:ad:f8:61:9c:d2:
7f:dd:85:62:41:75:c0:d6:87:eb:b4:44:46:1d:a7:
6c:c6:29:fb:6e:6a:a2:14:9e:e6:40:ee:a2:60:5a:
59:2b:62:6e:60:8c:b4:36:7a:39:c9:01:06:f5:47:
70:bc:a5:16:52:8d:45:9a:63:4f:b6:61:2d:63:5a:
9a:ec:68:de:ab:46:21:4c:d8:54:a1:9d:69:09:27:
f2:89:55:0a:2a:62:84:25:e7:5c:77:b6:2e:a7:67:
9b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:05:E2:87:0F:91:A5:C3:47:A5:E8:1C:25:EE:57:FA:D7:F3:F8:73
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/kgXihw-RpcNHpegcJe5X-tfz-HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0-91.228.15.255
94.154.32.0/22
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:8f:98:f8:87:4f:08:d4:80:6d:7e:0b:ad:31:b5:46:c4:4c:
88:84:f3:82:ca:d4:56:c0:05:51:7f:0b:d8:4f:68:7b:1c:1c:
4e:b2:75:68:57:a3:97:50:98:eb:91:b4:cc:12:88:06:75:33:
2e:d0:1e:b6:57:f1:3b:7d:6e:d9:a2:84:b4:ec:d5:e1:f5:d9:
5b:24:b9:35:19:19:b8:c8:92:38:25:10:a5:2a:db:de:46:e3:
41:12:3e:9f:d0:ff:98:59:ea:bd:f2:2a:c5:fd:d5:e2:04:cd:
67:ea:23:b9:99:75:4b:ae:b6:27:81:71:cd:5d:d5:d2:56:05:
36:6f:84:89:4a:1f:c5:6c:10:37:0e:a7:4c:5f:79:f2:ab:02:
fe:61:60:ef:bb:ef:62:fe:ba:78:c8:a9:7c:66:cb:44:b4:41:
14:89:bb:b8:8a:01:11:6f:f6:e8:8e:38:8b:35:30:45:1e:f9:
29:1c:ba:d8:8c:67:99:7f:b6:d9:36:e3:20:1b:cc:21:49:62:
0a:2d:35:7d:52:74:e2:46:62:d5:d1:5a:2a:08:29:c1:51:b1:
e2:56:ac:1c:99:75:e1:dd:2a:8e:da:3c:9b:65:b3:f1:a5:22:
0a:db:49:7f:8f:71:c2:91:fa:b5:2c:a6:11:d7:f7:ce:87:86:
3b:af:e1:d3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYrxRzyLiAByuwxOQuKH/ms2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMDAyMTY0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjA1ZTI4NzBmOTFhNWMzNDdhNWU4MWMyNWVlNTdmYWQ3ZjNmODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxTjhHKB7RXOfmTMOSSSU8NCiYkl
6sqdZiaqrj0VSjdi7yq59NBTGZdF1A+npJZaJbFnK5YsSgdBUH1H4PIuycBR79zF
I2VuLtcKyutoQbOIROakcPS0p88ZFGU2KAw/SJHNVitRzlMqJDY98EVewO7Wy0Gm
Yi3POfHpHSf/EJ0HDGd3fqrbHHSU8J3VoyoTJmfOc41bJ1JztoEn7qt6rfhhnNJ/
3YViQXXA1ofrtERGHadsxin7bmqiFJ7mQO6iYFpZK2JuYIy0Nno5yQEG9UdwvKUW
Uo1FmmNPtmEtY1qa7Gjeq0YhTNhUoZ1pCSfyiVUKKmKEJedcd7Yup2ebWQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJIF4ocPkaXDR6XoHCXuV/rX8/hzMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEva2dYaWh3LVJwY05IcGVnY0plNVgtdGZ6LUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABb5A0D
BARb5AADBAJemiADBABemiYwDQYJKoZIhvcNAQELBQADggEBAI6PmPiHTwjUgG1+
C60xtUbETIiE84LK1FbABVF/C9hPaHscHE6ydWhXo5dQmOuRtMwSiAZ1My7QHrZX
8Tt9btmihLTs1eH12VskuTUZGbjIkjglEKUq295G40ESPp/Q/5hZ6r3yKsX91eIE
zWfqI7mZdUuutieBcc1d1dJWBTZvhIlKH8VsEDcOp0xfefKrAv5hYO+772L+unjI
qXxmy0S0QRSJu7iKARFv9uiOOIs1MEUe+SkcutiMZ5l/ttk24yAbzCFJYgotNX1S
dOJGYtXRWioIKcFRseJWrByZdeHdKo7aPJtls/GlIgrbSX+PccKR+rUsphHX986H
hjuv4dM=
-----END CERTIFICATE-----
Generated at Tue Oct 3 10:33:27 2023 by rpki-client on console-ams.rpki-client.org