Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/pLpbyfetHhltoKO5__-57WBFr4Y.roa
File: pLpbyfetHhltoKO5__-57WBFr4Y.roa (raw, json)
Hash identifier: uMWi2J2V9zdaxgmg3Mh3IuBkIOqkYY54lJc061AFLbM=
Subject key identifier: A4:BA:5B:C9:F7:AD:1E:19:6D:A0:A3:B9:FF:FF:B9:ED:60:45:AF:86
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018B3CA5479FB356A1BA9AAA28537888CEF4
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/pLpbyfetHhltoKO5__-57WBFr4Y.roa
Signing time: Tue 17 Oct 2023 07:59:06 +0000
ROA not before: Tue 17 Oct 2023 07:59:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.33.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:a5:47:9f:b3:56:a1:ba:9a:aa:28:53:78:88:ce:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 17 07:59:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4ba5bc9f7ad1e196da0a3b9ffffb9ed6045af86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8b:eb:ea:46:3d:bc:62:0b:2b:1e:75:5b:c7:
d3:32:cb:aa:8d:a8:97:1b:18:32:06:97:da:f7:1c:
e1:e0:5a:e0:8a:cf:82:b1:06:6d:55:19:f4:74:2c:
62:47:04:f2:f7:83:bf:10:17:57:86:48:71:3e:ea:
6b:66:72:71:36:f8:1f:cf:08:3e:12:99:75:ed:5c:
32:2c:9d:c2:c8:fd:f6:f2:41:6a:29:26:2d:84:10:
49:1b:c8:74:a4:c3:ba:77:b0:e8:81:cf:8c:9d:be:
e6:90:01:8f:33:95:db:30:1d:90:a7:d8:b5:e0:c3:
ae:6d:cf:3c:43:df:3a:60:69:4c:1e:a1:23:8a:0d:
1c:8e:d0:9c:3c:c5:e0:20:7e:3e:ed:1f:d3:9c:06:
9f:dd:d2:51:49:8c:0d:04:2d:f3:cd:0e:02:66:fe:
b7:b4:df:45:5a:e1:95:d1:a6:6b:9b:58:8c:68:bf:
94:e0:ea:59:70:46:3f:52:c5:3d:95:23:a2:b5:36:
87:75:80:dc:c0:7f:ee:9b:a3:17:5e:11:07:85:98:
9a:1e:98:f4:b7:1b:c5:d8:6d:ef:2d:91:72:e8:9f:
9d:e3:02:63:a4:e3:c1:57:d4:83:1c:3f:59:c1:aa:
78:c4:cd:a3:11:50:15:e8:3c:76:72:5d:d9:53:d5:
8f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:BA:5B:C9:F7:AD:1E:19:6D:A0:A3:B9:FF:FF:B9:ED:60:45:AF:86
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/pLpbyfetHhltoKO5__-57WBFr4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
91.228.15.0/24
94.154.32.0/22
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
15:f4:2a:51:45:2f:48:17:36:81:d7:c4:7b:cd:92:76:69:79:
06:5c:37:5f:7d:a8:06:5e:49:16:36:75:62:77:81:ca:9a:75:
35:cb:bb:73:66:44:06:15:7e:70:1e:55:01:5a:2e:e6:4a:2f:
23:eb:9c:a4:84:0b:57:38:85:10:a4:d0:85:51:00:d3:d2:1c:
08:cb:66:60:23:f0:31:33:74:11:d2:86:75:b6:55:5a:0d:7b:
ea:1d:6f:ba:0d:b1:f3:1a:50:4b:11:7e:cd:1b:5e:45:1f:fc:
12:f7:22:9e:a1:42:a6:d6:c3:39:67:94:14:3b:dc:58:98:61:
eb:67:05:24:b0:c6:a7:ba:67:7c:23:b6:df:d5:14:6b:0c:6d:
e0:aa:02:fb:e2:6e:29:34:e8:2f:46:1b:1f:51:bb:44:13:cb:
d9:0a:8c:d5:69:c8:2c:f9:54:49:0f:b6:e0:4d:75:0a:11:1f:
6f:a8:64:a3:77:c3:07:ac:71:d0:52:21:88:e7:6d:c4:5d:3c:
ef:31:94:fa:5f:af:28:da:f7:a1:d4:c7:f3:a2:30:b9:b9:87:
ad:8a:28:5b:8e:d6:4e:d2:52:bf:35:3a:7e:10:a7:1e:7e:21:
e4:9b:a2:ed:46:5d:71:3c:ca:00:0b:c3:7b:6e:35:18:c2:40:
ca:5a:8e:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYs8pUefs1ahupqqKFN4iM70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMDE3MDc1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGJhNWJjOWY3YWQxZTE5NmRhMGEzYjlmZmZmYjllZDYwNDVhZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4vr6kY9vGILKx51W8fTMsuqjaiX
GxgyBpfa9xzh4Frgis+CsQZtVRn0dCxiRwTy94O/EBdXhkhxPuprZnJxNvgfzwg+
Epl17VwyLJ3CyP328kFqKSYthBBJG8h0pMO6d7Dogc+Mnb7mkAGPM5XbMB2Qp9i1
4MOubc88Q986YGlMHqEjig0cjtCcPMXgIH4+7R/TnAaf3dJRSYwNBC3zzQ4CZv63
tN9FWuGV0aZrm1iMaL+U4OpZcEY/UsU9lSOitTaHdYDcwH/um6MXXhEHhZiaHpj0
txvF2G3vLZFy6J+d4wJjpOPBV9SDHD9Zwap4xM2jEVAV6Dx2cl3ZU9WPWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKS6W8n3rR4ZbaCjuf//ue1gRa+GMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvcExwYnlmZXRIaGx0b0tPNV9fLTU3V0JGcjRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+QNAwQA
W+QPAwQCXpogAwQAXpomMA0GCSqGSIb3DQEBCwUAA4IBAQAV9CpRRS9IFzaB18R7
zZJ2aXkGXDdffagGXkkWNnVid4HKmnU1y7tzZkQGFX5wHlUBWi7mSi8j65ykhAtX
OIUQpNCFUQDT0hwIy2ZgI/AxM3QR0oZ1tlVaDXvqHW+6DbHzGlBLEX7NG15FH/wS
9yKeoUKm1sM5Z5QUO9xYmGHrZwUksManumd8I7bf1RRrDG3gqgL74m4pNOgvRhsf
UbtEE8vZCozVacgs+VRJD7bgTXUKER9vqGSjd8MHrHHQUiGI523EXTzvMZT6X68o
2veh1MfzojC5uYetiihbjtZO0lK/NTp+EKcefiHkm6LtRl1xPMoAC8N7bjUYwkDK
Wo4V
-----END CERTIFICATE-----
Generated at Wed Oct 18 16:10:28 2023 by rpki-client on console-ams.rpki-client.org