Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/pxIwcwK0StpH2KfFEUoR6Xc9Tbo.roa
File: pxIwcwK0StpH2KfFEUoR6Xc9Tbo.roa (raw, json)
Hash identifier: 1PLZ0+2sVaA5TYzhjh/JrmzIwG2eGzTGdrCz9nqQ5OY=
Subject key identifier: A7:12:30:73:02:B4:4A:DA:47:D8:A7:C5:11:4A:11:E9:77:3D:4D:BA
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0185F7E04385D5E7252B1B95288274D1E5A0
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/pxIwcwK0StpH2KfFEUoR6Xc9Tbo.roa
Signing time: Sat 28 Jan 2023 10:15:47 +0000
ROA not before: Sat 28 Jan 2023 10:15:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25098
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.14.0/23 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.33.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f7:e0:43:85:d5:e7:25:2b:1b:95:28:82:74:d1:e5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 28 10:15:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a712307302b44ada47d8a7c5114a11e9773d4dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:14:c5:ac:14:d5:b5:9c:1e:2e:80:8a:d0:4c:
b4:bf:65:a7:ed:eb:36:42:03:10:e3:41:4a:03:08:
f7:5b:94:2e:02:b2:72:76:63:77:f8:b1:29:85:63:
01:42:b5:e9:d1:db:5a:df:c4:64:9c:51:5e:d5:dc:
be:14:43:71:ae:a8:9d:54:59:0e:4b:d2:0c:f9:d3:
d3:9f:5e:fb:20:94:4b:cf:fe:25:a1:d1:1a:49:a2:
3f:01:20:c0:5f:07:22:31:44:06:52:6b:43:7c:70:
f9:ae:fe:80:7d:e0:27:ec:72:84:6c:9f:37:a4:d9:
db:7e:8d:a8:61:69:65:28:31:b8:3a:e3:e6:d7:e9:
2f:cd:f1:a7:aa:9d:f9:ae:49:69:60:2c:c8:08:76:
34:5b:15:54:b2:da:ac:9d:7d:89:b0:a4:75:1f:d1:
09:85:be:99:94:f0:8d:10:f5:2a:9b:d6:34:81:63:
a8:fb:8a:34:d3:d2:35:51:41:10:a0:4f:4b:33:93:
64:fb:2f:f9:a5:7a:21:4e:b5:ba:ea:a0:91:1c:e7:
9e:b0:56:37:59:ef:27:ab:8b:91:96:ae:5f:a5:ad:
cb:5a:42:51:d4:17:4f:6f:3c:51:72:d6:6e:e2:b0:
0b:90:6c:21:a6:49:00:b9:0b:22:87:26:60:4d:1d:
3e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:12:30:73:02:B4:4A:DA:47:D8:A7:C5:11:4A:11:E9:77:3D:4D:BA
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/pxIwcwK0StpH2KfFEUoR6Xc9Tbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
91.228.14.0/23
94.154.33.0-94.154.36.255
Signature Algorithm: sha256WithRSAEncryption
67:13:26:c0:55:5f:48:db:97:db:20:91:84:dc:4a:88:e4:ce:
ab:b8:10:49:8d:76:d9:9b:70:36:9b:6e:9b:17:89:44:c7:3c:
6d:d8:12:83:f0:d4:d9:93:b9:89:8c:3b:92:0f:75:c3:cc:5b:
41:b6:d3:9c:76:a2:03:61:8f:27:c0:f4:62:ec:5e:36:ad:e4:
fd:3d:86:28:31:a5:85:11:5e:bc:cd:89:ff:0d:16:e9:ee:b1:
49:51:4e:26:1f:6d:99:4a:e6:5c:4f:84:05:fd:98:0a:9a:b1:
d1:65:9e:1b:2f:4c:c9:20:43:ff:05:8f:43:d8:23:47:8f:73:
4d:c7:93:82:03:93:49:16:2c:19:66:eb:6c:a8:84:f7:b3:cf:
73:0d:c9:ab:ee:fc:f2:ad:fd:98:01:ab:f2:c2:f4:29:92:2d:
48:66:b3:de:4b:72:79:71:5e:5d:60:9c:71:aa:91:c2:97:b2:
ab:0c:71:ef:61:6b:1c:c7:77:c3:61:96:59:49:70:17:2a:23:
9e:c5:7a:53:ea:89:92:08:6e:f9:32:f7:6e:a2:f2:5f:84:77:
ef:ff:9c:30:a1:36:20:99:e9:95:02:c8:66:2a:b6:69:c1:c8:
ce:1f:74:70:8a:8d:0f:88:d4:0b:a5:3e:73:73:9c:64:83:57:
4b:0e:4e:1f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYX34EOF1eclKxuVKIJ00eWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwMTI4MTAxNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzEyMzA3MzAyYjQ0YWRhNDdkOGE3YzUxMTRhMTFlOTc3M2Q0ZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRTFrBTVtZweLoCK0Ey0v2Wn7es2
QgMQ40FKAwj3W5QuArJydmN3+LEphWMBQrXp0dta38RknFFe1dy+FENxrqidVFkO
S9IM+dPTn177IJRLz/4lodEaSaI/ASDAXwciMUQGUmtDfHD5rv6AfeAn7HKEbJ83
pNnbfo2oYWllKDG4OuPm1+kvzfGnqp35rklpYCzICHY0WxVUstqsnX2JsKR1H9EJ
hb6ZlPCNEPUqm9Y0gWOo+4o009I1UUEQoE9LM5Nk+y/5pXohTrW66qCRHOeesFY3
We8nq4uRlq5fpa3LWkJR1BdPbzxRctZu4rALkGwhpkkAuQsihyZgTR0+XwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKcSMHMCtEraR9inxRFKEel3PU26MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvcHhJd2N3SzBTdHBIMktmRkVVb1I2WGM5VGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW+QMAwQB
W+QOMAwDBABemiEDBABemiQwDQYJKoZIhvcNAQELBQADggEBAGcTJsBVX0jbl9sg
kYTcSojkzqu4EEmNdtmbcDabbpsXiUTHPG3YEoPw1NmTuYmMO5IPdcPMW0G205x2
ogNhjyfA9GLsXjat5P09higxpYURXrzNif8NFunusUlRTiYfbZlK5lxPhAX9mAqa
sdFlnhsvTMkgQ/8Fj0PYI0ePc03Hk4IDk0kWLBlm62yohPezz3MNyavu/PKt/ZgB
q/LC9CmSLUhms95LcnlxXl1gnHGqkcKXsqsMce9haxzHd8NhlllJcBcqI57FelPq
iZIIbvky926i8l+Ed+//nDChNiCZ6ZUCyGYqtmnByM4fdHCKjQ+I1AulPnNznGSD
V0sOTh8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:52 2023 by rpki-client on console-ams.rpki-client.org