Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/opqujO4Itk876-tFrjRCEJYs4sw.roa
File: opqujO4Itk876-tFrjRCEJYs4sw.roa (raw, json)
Hash identifier: WVEVPAHKwjGekJUC77QJ0Uiw3ND4ZjjPSLpowCHqufM=
Subject key identifier: A2:9A:AE:8C:EE:08:B6:4F:3B:EB:EB:45:AE:34:42:10:96:2C:E2:CC
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018DB2D29672C64697376FCCB9873A8ECE69
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/opqujO4Itk876-tFrjRCEJYs4sw.roa
Signing time: Fri 16 Feb 2024 16:49:21 +0000
ROA not before: Fri 16 Feb 2024 16:49:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/23 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 23:42:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b2:d2:96:72:c6:46:97:37:6f:cc:b9:87:3a:8e:ce:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Feb 16 16:49:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a29aae8cee08b64f3bebeb45ae344210962ce2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:10:97:72:90:50:89:ca:c1:1b:eb:d9:e2:b3:
24:37:92:22:de:ac:03:64:3c:36:fa:8c:7d:c8:e0:
88:3c:e0:89:5b:b9:c5:68:54:00:c0:02:f3:ed:9d:
a5:2b:89:52:24:17:f6:29:c0:df:e5:09:31:38:66:
ba:8b:57:46:19:fa:76:6c:b9:c1:87:33:57:b7:1b:
c3:b8:98:59:c9:e0:53:89:5c:06:b2:62:0a:06:1e:
39:67:db:45:e3:2a:b0:42:fd:59:fa:8a:0e:4d:56:
2d:1c:aa:15:57:c7:c5:5b:36:c9:cb:1a:40:a9:2b:
4f:61:f7:e2:cd:f4:05:a8:a5:3a:26:12:d6:e5:9b:
d0:0c:31:37:64:2d:4f:a1:b2:72:ac:3e:0e:10:d2:
e7:3b:07:69:42:81:38:9c:f1:95:f5:f5:46:d6:53:
e3:c5:4e:be:53:ab:bc:2e:c4:96:76:5e:9c:10:d9:
b7:37:36:86:99:fc:83:6c:9e:f5:e5:39:78:35:84:
ad:cb:80:e3:64:00:62:e0:e6:7d:1a:4a:9d:c9:d4:
4b:31:ab:9e:8c:95:0c:ad:89:da:9a:9d:bb:c7:c3:
40:33:11:d9:a6:10:53:d4:e7:48:9e:f3:ce:26:0a:
c7:f9:30:2c:77:cb:e5:12:af:17:fc:fc:e1:a0:b1:
80:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9A:AE:8C:EE:08:B6:4F:3B:EB:EB:45:AE:34:42:10:96:2C:E2:CC
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/opqujO4Itk876-tFrjRCEJYs4sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
94.154.34.0/24
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
66:30:05:ce:c2:1a:9b:42:16:66:3c:f7:72:2f:87:0a:15:a1:
eb:70:6a:d5:10:4c:a2:00:49:e2:fc:c9:2c:96:91:98:1f:41:
dd:7f:7a:09:c4:9b:42:6b:a2:21:7b:b3:fd:f8:b7:db:75:76:
43:f5:24:5e:6a:94:51:a6:7b:7f:77:aa:81:62:c2:ec:eb:84:
6a:db:af:ab:d0:f7:27:17:2e:43:29:52:ae:0b:54:7d:00:35:
a0:b5:d0:c9:e2:c0:80:64:65:1e:3d:32:aa:cf:ed:d3:9b:80:
82:39:b9:c7:74:86:93:73:ec:7a:40:4c:4e:93:b2:09:93:85:
c0:ac:37:24:7b:6f:4b:cb:9e:d6:38:a0:e8:b1:8e:0e:2b:4a:
c4:6c:24:2e:36:58:ae:67:40:e5:83:41:86:47:5a:f4:13:c8:
de:68:a6:52:d5:65:29:e9:04:d3:6a:a1:87:f1:21:6f:b6:4a:
d1:d3:31:47:c1:94:4b:c1:5f:b5:c5:05:52:b5:f5:3c:1f:44:
e3:36:70:cf:cd:ea:f6:12:61:07:63:12:38:ea:46:84:1e:85:
29:d3:aa:79:d7:31:64:55:aa:53:60:94:39:fb:7c:61:4c:65:
c1:66:2e:a5:59:20:32:29:87:02:93:21:58:74:fa:6e:9f:0f:
76:9d:69:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2y0pZyxkaXN2/MuYc6js5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMjE2MTY0OTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjlhYWU4Y2VlMDhiNjRmM2JlYmViNDVhZTM0NDIxMDk2MmNlMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRCXcpBQicrBG+vZ4rMkN5Ii3qwD
ZDw2+ox9yOCIPOCJW7nFaFQAwALz7Z2lK4lSJBf2KcDf5QkxOGa6i1dGGfp2bLnB
hzNXtxvDuJhZyeBTiVwGsmIKBh45Z9tF4yqwQv1Z+ooOTVYtHKoVV8fFWzbJyxpA
qStPYffizfQFqKU6JhLW5ZvQDDE3ZC1PobJyrD4OENLnOwdpQoE4nPGV9fVG1lPj
xU6+U6u8LsSWdl6cENm3NzaGmfyDbJ715Tl4NYSty4DjZABi4OZ9GkqdydRLMaue
jJUMrYnamp27x8NAMxHZphBT1OdInvPOJgrH+TAsd8vlEq8X/PzhoLGAYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKKarozuCLZPO+vrRa40QhCWLOLMMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvb3BxdWpPNEl0azg3Ni10RnJqUkNFSllzNHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+QOAwQA
XpoiAwQBXpokMA0GCSqGSIb3DQEBCwUAA4IBAQBmMAXOwhqbQhZmPPdyL4cKFaHr
cGrVEEyiAEni/MkslpGYH0Hdf3oJxJtCa6Ihe7P9+LfbdXZD9SReapRRpnt/d6qB
YsLs64Rq26+r0PcnFy5DKVKuC1R9ADWgtdDJ4sCAZGUePTKqz+3Tm4CCObnHdIaT
c+x6QExOk7IJk4XArDcke29Ly57WOKDosY4OK0rEbCQuNliuZ0Dlg0GGR1r0E8je
aKZS1WUp6QTTaqGH8SFvtkrR0zFHwZRLwV+1xQVStfU8H0TjNnDPzer2EmEHYxI4
6kaEHoUp06p51zFkVapTYJQ5+3xhTGXBZi6lWSAyKYcCkyFYdPpunw92nWky
-----END CERTIFICATE-----
Generated at Sat Feb 17 00:15:50 2024 by rpki-client on console-ams.rpki-client.org