Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/lHjIgFtPDWPDFSjrSlj88WXStRQ.roa
File: lHjIgFtPDWPDFSjrSlj88WXStRQ.roa (raw, json)
Hash identifier: XNmfmf3fpyE/Mza1M8UMhdtwsf+t4sgdnim7hesc3fw=
Subject key identifier: 94:78:C8:80:5B:4F:0D:63:C3:15:28:EB:4A:58:FC:F1:65:D2:B5:14
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 019077947D94741F80F2CD03679EBA5F3A71
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/lHjIgFtPDWPDFSjrSlj88WXStRQ.roa
Signing time: Wed 03 Jul 2024 07:52:18 +0000
ROA not before: Wed 03 Jul 2024 07:52:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205733
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jul 2024 11:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:77:94:7d:94:74:1f:80:f2:cd:03:67:9e:ba:5f:3a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jul 3 07:52:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9478c8805b4f0d63c31528eb4a58fcf165d2b514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0e:c2:8d:56:c3:c7:02:9a:6f:70:86:f6:0c:
e0:d9:0a:d3:4f:b5:1b:60:7b:15:09:9c:8f:6f:62:
40:e9:d0:89:ba:00:d1:70:58:ce:0f:78:ca:50:9d:
a6:d7:09:49:c1:1b:e7:01:bd:9b:00:d2:29:83:59:
32:dd:3a:91:e0:f1:24:94:e1:f1:4f:a3:8b:48:e0:
4a:40:9d:5f:a9:df:36:4d:09:53:91:91:a8:90:04:
36:65:c5:7d:8c:45:7a:89:3a:7c:25:15:0e:c3:6c:
6d:c1:a0:b4:19:70:5e:65:93:2e:76:1b:5e:98:e1:
56:97:13:1c:1a:03:d2:c6:46:cb:9f:35:22:ce:b2:
4d:6c:52:aa:8f:cc:26:71:6f:53:de:74:a8:59:8d:
57:c7:d9:f9:5d:ac:24:2b:e2:ea:9c:3b:47:60:8c:
c4:2e:7b:c6:7a:c4:8b:8a:53:e7:6b:43:ef:38:48:
f1:df:bb:ac:a0:2d:f9:5b:53:be:2b:bc:6d:2f:14:
9d:af:e7:da:1d:72:24:b9:0f:35:06:d2:e5:fa:ed:
a0:e1:ad:32:4a:be:2d:68:2a:b4:e4:e9:65:e7:1e:
88:78:2d:d0:1d:b4:75:6b:ed:11:3f:b7:2e:84:d7:
93:9f:f3:06:00:37:6c:2b:38:82:62:e7:c2:1b:b9:
5f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:78:C8:80:5B:4F:0D:63:C3:15:28:EB:4A:58:FC:F1:65:D2:B5:14
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/lHjIgFtPDWPDFSjrSlj88WXStRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/23
91.228.15.0/24
94.154.32.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e5:cf:01:c0:ac:e1:e2:72:de:45:ba:c1:ff:a2:df:25:81:
0c:96:01:6b:7e:f2:59:62:22:4b:e2:9f:6b:e7:26:44:42:d6:
54:fe:82:31:5c:f2:4e:50:f0:fb:b0:82:e6:a6:e8:5d:4b:32:
7d:23:e5:df:97:e8:3d:38:82:f7:ab:80:fd:5c:d1:09:6a:b1:
1b:e0:27:3d:5b:51:86:18:f7:99:c5:0a:4e:77:e5:6a:5e:9b:
da:45:37:ad:3c:28:aa:9f:ce:14:3d:dd:5f:9b:16:9f:cb:99:
f1:bd:ad:45:a7:0e:f1:43:4e:ad:a6:9c:2f:d4:85:dc:6e:77:
7e:4d:5c:22:71:9a:96:d7:eb:e0:9c:b7:e2:3d:92:c3:52:ad:
40:a2:71:08:bf:e5:e4:14:76:24:ee:78:67:a0:07:0e:e3:98:
5e:d0:7e:7c:3f:7a:43:1f:88:f4:ab:4f:39:3f:9d:e7:b9:f5:
bf:9c:76:37:17:0a:bd:36:12:5b:20:ac:01:a9:2e:f0:68:7f:
2a:2e:ee:d1:00:fa:fe:ce:b9:dd:bc:2d:9c:3e:ee:fc:af:ed:
74:10:d3:4c:d1:19:50:ac:86:91:69:b9:a8:ec:aa:43:8b:24:
dd:7d:48:04:43:79:1b:17:5c:17:ca:0a:bb:62:db:66:25:f0:
1e:46:9a:34
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZB3lH2UdB+A8s0DZ566XzpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNzAzMDc1MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDc4Yzg4MDViNGYwZDYzYzMxNTI4ZWI0YTU4ZmNmMTY1ZDJiNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA7CjVbDxwKab3CG9gzg2QrTT7Ub
YHsVCZyPb2JA6dCJugDRcFjOD3jKUJ2m1wlJwRvnAb2bANIpg1ky3TqR4PEklOHx
T6OLSOBKQJ1fqd82TQlTkZGokAQ2ZcV9jEV6iTp8JRUOw2xtwaC0GXBeZZMudhte
mOFWlxMcGgPSxkbLnzUizrJNbFKqj8wmcW9T3nSoWY1Xx9n5XawkK+LqnDtHYIzE
LnvGesSLilPna0PvOEjx37usoC35W1O+K7xtLxSdr+faHXIkuQ81BtLl+u2g4a0y
Sr4taCq05Oll5x6IeC3QHbR1a+0RP7cuhNeTn/MGADdsKziCYufCG7lf8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJR4yIBbTw1jwxUo60pY/PFl0rUUMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvbEhqSWdGdFBEV1BERlNqclNsajg4V1hTdFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+QMAwQA
W+QPAwQAXpogMA0GCSqGSIb3DQEBCwUAA4IBAQCN5c8BwKzh4nLeRbrB/6LfJYEM
lgFrfvJZYiJL4p9r5yZEQtZU/oIxXPJOUPD7sILmpuhdSzJ9I+Xfl+g9OIL3q4D9
XNEJarEb4Cc9W1GGGPeZxQpOd+VqXpvaRTetPCiqn84UPd1fmxafy5nxva1Fpw7x
Q06tppwv1IXcbnd+TVwicZqW1+vgnLfiPZLDUq1AonEIv+XkFHYk7nhnoAcO45he
0H58P3pDH4j0q085P53nufW/nHY3Fwq9NhJbIKwBqS7waH8qLu7RAPr+zrndvC2c
Pu78r+10ENNM0RlQrIaRabmo7KpDiyTdfUgEQ3kbF1wXygq7YttmJfAeRpo0
-----END CERTIFICATE-----
Generated at Fri Jul 5 13:08:45 2024 by rpki-client on console-fra.rpki-client.org