Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/qS5lwtZ8acRqsGvd539-6YZMOPo.roa
File: qS5lwtZ8acRqsGvd539-6YZMOPo.roa (raw, json)
Hash identifier: MuVMutQdEFN/WmVywodFMwoxKVuIvRlXxZ7MOnX4yw4=
Subject key identifier: A9:2E:65:C2:D6:7C:69:C4:6A:B0:6B:DD:E7:7F:7E:E9:86:4C:38:FA
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018AE1D9C4DE681E795AF06F4E110D2D2F65
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/qS5lwtZ8acRqsGvd539-6YZMOPo.roa
Signing time: Fri 29 Sep 2023 16:50:59 +0000
ROA not before: Fri 29 Sep 2023 16:50:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47757
IP address blocks: 91.228.12.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:d9:c4:de:68:1e:79:5a:f0:6f:4e:11:0d:2d:2f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Sep 29 16:50:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a92e65c2d67c69c46ab06bdde77f7ee9864c38fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ae:c5:ae:94:72:69:1f:30:f4:e3:0a:a1:5a:
6a:6b:cc:52:f7:48:bf:2c:82:3c:ae:85:9f:a8:9f:
46:af:81:c4:b7:7b:e8:af:44:ef:3b:9a:2e:a0:9c:
79:63:da:a6:c5:2d:59:77:bf:1d:cc:e1:3c:77:03:
19:7b:9a:05:f8:14:ac:67:96:fa:43:87:84:be:57:
d9:99:28:57:9e:01:86:7d:f2:b8:6e:ed:21:01:dd:
23:b2:24:fa:d2:61:a4:0d:23:8b:96:27:5b:3e:63:
15:38:2a:77:3a:fb:29:0b:d9:15:cf:c6:45:14:12:
2f:bb:69:11:6c:2d:3f:18:e4:a7:4c:de:71:ad:29:
98:d6:71:38:e0:47:cf:82:3b:db:21:67:98:dc:bf:
0f:d2:3c:02:4b:86:a0:b6:dd:8e:79:f7:b1:c9:bf:
47:ba:6e:2f:4f:51:ed:08:15:24:ce:39:01:a4:03:
51:ba:d7:3b:88:77:a4:3e:14:db:86:e0:bc:51:0b:
34:63:d0:09:25:f5:b5:a5:04:7c:48:18:d1:5b:5d:
dc:ca:41:df:64:54:55:47:95:18:0f:8b:86:ed:e1:
e2:98:1a:7b:cb:d0:30:9c:90:79:6f:67:e2:bc:fc:
c2:1f:7d:4c:62:fe:95:70:46:e9:0f:52:36:d2:7f:
eb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:2E:65:C2:D6:7C:69:C4:6A:B0:6B:DD:E7:7F:7E:E9:86:4C:38:FA
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/qS5lwtZ8acRqsGvd539-6YZMOPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
94.154.34.0/24
Signature Algorithm: sha256WithRSAEncryption
59:3e:81:b0:81:b2:f9:e0:48:54:43:60:1e:96:a5:14:ae:d7:
bf:59:f4:e3:c7:b7:24:53:09:b1:66:4e:3e:7f:40:c3:86:32:
c6:1e:ec:7d:12:8b:27:8e:20:30:32:ad:82:61:82:d2:04:0f:
6e:c4:bd:ba:a6:e1:b6:19:c2:48:0b:4a:4e:1d:4a:db:2e:b9:
9b:10:e3:eb:26:95:17:ea:12:f2:31:90:0e:8f:0d:dc:20:94:
ce:60:13:d3:3f:c6:02:20:f0:51:7d:b7:2f:a2:04:e6:9b:26:
67:69:b8:65:c0:2a:27:1e:84:37:53:34:d8:ce:ca:39:5c:d5:
17:25:8e:e7:7f:c6:89:33:8d:e2:54:7b:96:2b:1f:79:3d:1a:
db:8a:36:cc:35:bc:a3:54:14:19:4e:20:c6:b2:e3:56:5e:67:
ac:f7:0d:7a:c6:3a:92:0e:f3:36:bb:c6:67:b4:b2:fb:be:0c:
fb:22:58:c7:24:30:bf:bc:6c:2c:71:b5:0f:e1:58:ce:cb:8d:
24:e3:6c:3d:51:bb:0c:fe:18:17:3b:1e:df:c6:b7:e3:32:5e:
67:2b:57:63:c2:a4:0c:f9:38:bf:39:c0:1a:17:34:f0:38:c4:
b1:bf:3a:5a:d0:ee:7b:fd:e6:ac:59:de:92:81:f7:10:34:bb:
b4:e3:53:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrh2cTeaB55WvBvThENLS9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwOTI5MTY1MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTJlNjVjMmQ2N2M2OWM0NmFiMDZiZGRlNzdmN2VlOTg2NGMzOGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq7FrpRyaR8w9OMKoVpqa8xS90i/
LII8roWfqJ9Gr4HEt3vor0TvO5ouoJx5Y9qmxS1Zd78dzOE8dwMZe5oF+BSsZ5b6
Q4eEvlfZmShXngGGffK4bu0hAd0jsiT60mGkDSOLlidbPmMVOCp3OvspC9kVz8ZF
FBIvu2kRbC0/GOSnTN5xrSmY1nE44EfPgjvbIWeY3L8P0jwCS4agtt2Oefexyb9H
um4vT1HtCBUkzjkBpANRutc7iHekPhTbhuC8UQs0Y9AJJfW1pQR8SBjRW13cykHf
ZFRVR5UYD4uG7eHimBp7y9AwnJB5b2fivPzCH31MYv6VcEbpD1I20n/rPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKkuZcLWfGnEarBr3ed/fumGTDj6MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvcVM1bHd0WjhhY1Jxc0d2ZDUzOS02WVpNT1BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QMAwQA
XpoiMA0GCSqGSIb3DQEBCwUAA4IBAQBZPoGwgbL54EhUQ2AelqUUrte/WfTjx7ck
UwmxZk4+f0DDhjLGHux9EosnjiAwMq2CYYLSBA9uxL26puG2GcJIC0pOHUrbLrmb
EOPrJpUX6hLyMZAOjw3cIJTOYBPTP8YCIPBRfbcvogTmmyZnabhlwConHoQ3UzTY
zso5XNUXJY7nf8aJM43iVHuWKx95PRrbijbMNbyjVBQZTiDGsuNWXmes9w16xjqS
DvM2u8ZntLL7vgz7IljHJDC/vGwscbUP4VjOy40k42w9UbsM/hgXOx7fxrfjMl5n
K1djwqQM+Ti/OcAaFzTwOMSxvzpa0O57/easWd6SgfcQNLu041Ml
-----END CERTIFICATE-----
Generated at Tue Oct 3 10:33:27 2023 by rpki-client on console-ams.rpki-client.org