Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/sjtKDgHyegmzXRrDNs-dWyn89YU.roa
File: sjtKDgHyegmzXRrDNs-dWyn89YU.roa (raw, json)
Hash identifier: VTiLK4N6pqzZ59VhiXKvztOOWna2EGd1PsOsjg6YW3w=
Subject key identifier: B2:3B:4A:0E:01:F2:7A:09:B3:5D:1A:C3:36:CF:9D:5B:29:FC:F5:85
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018B81C1126DFB27DB7F8FA2520FB3B9D8F2
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/sjtKDgHyegmzXRrDNs-dWyn89YU.roa
Signing time: Mon 30 Oct 2023 18:03:15 +0000
ROA not before: Mon 30 Oct 2023 18:03:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:c1:12:6d:fb:27:db:7f:8f:a2:52:0f:b3:b9:d8:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 30 18:03:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b23b4a0e01f27a09b35d1ac336cf9d5b29fcf585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cf:51:62:c9:6e:c9:50:5e:2f:02:d2:09:39:
11:41:46:f8:bc:ae:35:c0:54:8c:40:f3:b8:0c:68:
37:ad:f4:e5:22:9b:f3:89:a1:25:d6:94:5c:ef:6b:
18:6b:dc:62:7e:8d:8e:41:51:63:9c:a3:da:53:eb:
b7:ac:ae:23:6a:26:2a:3b:71:22:fa:4c:3e:a5:0b:
68:a3:80:2e:9e:14:7e:be:3a:79:f9:cc:ac:03:f4:
a5:a9:1d:78:7d:de:7a:a4:8d:93:99:66:8c:ab:a1:
9c:3c:1b:03:1a:43:f3:16:27:55:e8:75:9f:88:c4:
f6:75:ba:a6:49:f3:63:6e:c9:81:a5:61:17:30:58:
45:97:0f:a2:d9:ce:b3:61:db:cc:74:a5:1c:3b:5c:
ae:a3:1e:6f:6e:11:89:bb:79:11:02:05:3d:08:c9:
07:f9:fd:f2:d3:e8:c3:7a:6d:8f:70:f2:7e:87:df:
0b:4e:ab:5b:f0:8e:89:37:98:0f:14:0e:cf:cb:b6:
fc:02:eb:f9:36:19:02:53:e9:43:dd:4b:49:c4:92:
b4:5c:7f:63:59:52:e8:f1:81:ad:f1:f7:6b:26:39:
70:a4:b5:13:64:a3:ac:e6:87:e6:47:9a:a2:77:4f:
18:66:fa:55:25:d0:6c:63:35:b3:16:fc:53:e7:2b:
a1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:3B:4A:0E:01:F2:7A:09:B3:5D:1A:C3:36:CF:9D:5B:29:FC:F5:85
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/sjtKDgHyegmzXRrDNs-dWyn89YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
91.228.15.0/24
94.154.32.0/22
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:b4:b3:fe:74:3d:38:d0:72:6d:80:c1:8e:ac:65:0c:58:8e:
b9:12:21:19:ad:5f:88:f0:7e:d6:87:f0:47:7c:ad:2b:8c:56:
a1:26:98:25:98:cf:61:6c:8b:16:65:3e:b6:6e:10:e8:31:8c:
cb:d3:61:d5:9f:59:3f:e2:ed:ec:3a:5d:af:25:db:02:df:3f:
2d:cb:35:d1:3f:60:5a:80:a6:2d:18:f4:94:66:65:41:32:b8:
53:09:1c:ac:e8:99:e9:25:60:3d:a0:5e:37:70:20:de:44:64:
05:84:91:85:b0:82:01:01:dd:9c:e0:d2:2b:61:85:59:8c:7d:
60:0c:03:44:96:df:60:7b:f1:44:d8:84:0a:19:9f:94:6f:90:
38:f9:dd:bf:b1:a8:f7:c5:f9:a1:90:92:c3:cc:56:3c:64:1a:
3d:c9:df:fe:47:a3:fc:bb:79:09:46:9c:51:87:3a:64:c8:f9:
74:e1:a5:9c:6d:ba:9a:ef:7c:d4:8b:86:7d:71:75:c7:14:b6:
c7:7d:29:2c:54:ee:73:0b:ac:25:5a:89:42:06:3e:e3:77:5e:
b6:95:4f:67:c9:b3:e4:b1:dd:51:2d:69:a9:bc:64:18:e8:8e:
55:f1:6a:c0:e9:bb:5c:58:5c:07:7f:46:43:04:5a:45:02:80:
7f:6a:f9:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuBwRJt+yfbf4+iUg+zudjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMDMwMTgwMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjNiNGEwZTAxZjI3YTA5YjM1ZDFhYzMzNmNmOWQ1YjI5ZmNmNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc9RYsluyVBeLwLSCTkRQUb4vK41
wFSMQPO4DGg3rfTlIpvziaEl1pRc72sYa9xifo2OQVFjnKPaU+u3rK4jaiYqO3Ei
+kw+pQtoo4AunhR+vjp5+cysA/SlqR14fd56pI2TmWaMq6GcPBsDGkPzFidV6HWf
iMT2dbqmSfNjbsmBpWEXMFhFlw+i2c6zYdvMdKUcO1yuox5vbhGJu3kRAgU9CMkH
+f3y0+jDem2PcPJ+h98LTqtb8I6JN5gPFA7Py7b8Auv5NhkCU+lD3UtJxJK0XH9j
WVLo8YGt8fdrJjlwpLUTZKOs5ofmR5qid08YZvpVJdBsYzWzFvxT5yuh1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLI7Sg4B8noJs10awzbPnVsp/PWFMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvc2p0S0RnSHllZ216WFJyRE5zLWRXeW44OVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+QNAwQA
W+QPAwQCXpogAwQAXpomMA0GCSqGSIb3DQEBCwUAA4IBAQC0tLP+dD040HJtgMGO
rGUMWI65EiEZrV+I8H7Wh/BHfK0rjFahJpglmM9hbIsWZT62bhDoMYzL02HVn1k/
4u3sOl2vJdsC3z8tyzXRP2BagKYtGPSUZmVBMrhTCRys6JnpJWA9oF43cCDeRGQF
hJGFsIIBAd2c4NIrYYVZjH1gDANElt9ge/FE2IQKGZ+Ub5A4+d2/saj3xfmhkJLD
zFY8ZBo9yd/+R6P8u3kJRpxRhzpkyPl04aWcbbqa73zUi4Z9cXXHFLbHfSksVO5z
C6wlWolCBj7jd162lU9nybPksd1RLWmpvGQY6I5V8WrA6btcWFwHf0ZDBFpFAoB/
avmK
-----END CERTIFICATE-----
Generated at Fri Nov 3 13:10:47 2023 by rpki-client on console-ams.rpki-client.org