Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/tOhisovKbvnKSd_Na3959HXKkac.roa
File: tOhisovKbvnKSd_Na3959HXKkac.roa (raw, json)
Hash identifier: 3HscSLSM6esqpPhJ/JN+dCgTFjjiXe+8t1vwz5yhOJs=
Subject key identifier: B4:E8:62:B2:8B:CA:6E:F9:CA:49:DF:CD:6B:7F:79:F4:75:CA:91:A7
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018A6FB41078CD519E2BFD6ACF75BBF4E52F
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/tOhisovKbvnKSd_Na3959HXKkac.roa
Signing time: Thu 07 Sep 2023 12:53:06 +0000
ROA not before: Thu 07 Sep 2023 12:53:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.12.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:b4:10:78:cd:51:9e:2b:fd:6a:cf:75:bb:f4:e5:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Sep 7 12:53:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4e862b28bca6ef9ca49dfcd6b7f79f475ca91a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:72:96:ed:dc:63:f9:7c:d6:50:c8:d5:c2:e0:
7c:ec:0b:75:53:e3:b1:ef:4a:de:01:83:81:55:f8:
1c:0b:c8:51:b2:85:56:80:60:72:0a:e9:0b:8b:ab:
7e:89:78:66:57:df:c4:b3:5b:06:ac:ba:fa:bf:af:
20:a2:9b:bf:4d:80:3b:50:4a:f5:8d:e4:13:1f:27:
85:35:dc:08:2c:e5:66:7b:5e:b0:af:2a:35:99:bd:
b5:1a:22:2c:87:6c:9f:c9:a2:45:79:d9:56:86:d1:
b6:1c:ec:c9:7b:3a:9f:b0:76:69:80:81:1c:f1:24:
85:fe:1d:44:41:96:d9:ff:ea:d0:2c:6f:5e:eb:ca:
b4:0e:16:8f:ad:ae:5a:b0:21:7e:07:69:b8:1e:37:
90:37:8b:fb:03:57:5f:e3:1c:3f:d9:2a:72:2f:26:
01:9f:a2:2e:78:bf:77:0f:3a:5e:f7:d2:96:63:59:
d6:37:cd:d4:4e:df:ea:75:c7:60:ac:e3:ff:1d:c3:
be:5d:3e:4d:8d:b6:bd:97:85:d3:d8:33:81:c5:ea:
d5:ec:0b:90:e0:ad:02:9f:71:f3:48:63:49:45:7a:
d1:82:91:d4:71:a2:a3:8a:4b:65:26:d9:aa:66:de:
8f:2b:c8:7e:25:61:97:87:13:7b:d6:55:17:b4:96:
bf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E8:62:B2:8B:CA:6E:F9:CA:49:DF:CD:6B:7F:79:F4:75:CA:91:A7
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/tOhisovKbvnKSd_Na3959HXKkac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/22
94.154.32.0-94.154.36.255
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
01:dc:ce:b8:04:78:1c:b1:d1:11:ab:f7:8b:fe:92:cb:df:e7:
b6:e8:f1:d2:cf:21:2e:28:54:97:e4:f2:bd:c5:08:ed:43:2c:
11:71:9c:cf:54:85:59:5e:b7:c1:ba:15:b0:2e:68:de:18:7f:
35:3a:e2:64:e3:07:d9:4e:ad:3c:91:93:0e:6c:93:3b:7d:58:
52:0e:67:3c:d0:2f:55:ab:8b:a1:83:b9:e1:34:2c:1c:25:c2:
ce:16:c5:80:2b:b8:e4:87:19:ea:a1:34:8f:c9:e0:99:ef:c7:
c4:63:68:f8:80:a1:b8:24:77:c0:de:3a:e6:e0:6c:51:b2:b9:
ed:92:71:08:a2:ad:58:a1:ae:d8:49:e1:34:03:06:0d:1e:46:
7d:49:ab:9d:ae:cc:8f:e9:b1:a1:09:43:c3:eb:53:bb:ee:d0:
37:0b:31:f4:e0:21:e2:37:b4:30:0b:c2:50:a2:5e:f9:21:da:
c6:d2:70:91:e2:86:0a:45:b1:1f:9d:9f:77:0e:26:9d:8b:4e:
76:bd:57:e3:fc:83:ce:f4:8e:4d:54:ff:9c:fe:b2:5f:1a:fb:
47:e3:76:f5:e0:5d:44:bb:4c:0b:84:93:9f:10:ee:19:f7:ea:
78:e7:c9:87:54:e6:7d:92:2d:84:5c:31:b6:72:a0:39:6d:54:
7b:0a:24:0d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYpvtBB4zVGeK/1qz3W79OUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwOTA3MTI1MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGU4NjJiMjhiY2E2ZWY5Y2E0OWRmY2Q2YjdmNzlmNDc1Y2E5MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHKW7dxj+XzWUMjVwuB87At1U+Ox
70reAYOBVfgcC8hRsoVWgGByCukLi6t+iXhmV9/Es1sGrLr6v68gopu/TYA7UEr1
jeQTHyeFNdwILOVme16wryo1mb21GiIsh2yfyaJFedlWhtG2HOzJezqfsHZpgIEc
8SSF/h1EQZbZ/+rQLG9e68q0DhaPra5asCF+B2m4HjeQN4v7A1df4xw/2SpyLyYB
n6IueL93Dzpe99KWY1nWN83UTt/qdcdgrOP/HcO+XT5Njba9l4XT2DOBxerV7AuQ
4K0Cn3HzSGNJRXrRgpHUcaKjiktlJtmqZt6PK8h+JWGXhxN71lUXtJa/AQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLToYrKLym75yknfzWt/efR1ypGnMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvdE9oaXNvdktidm5LU2RfTmEzOTU5SFhLa2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW+QMMAwD
BAVemiADBABemiQDBABemiYwDQYJKoZIhvcNAQELBQADggEBAAHczrgEeByx0RGr
94v+ksvf57bo8dLPIS4oVJfk8r3FCO1DLBFxnM9UhVlet8G6FbAuaN4YfzU64mTj
B9lOrTyRkw5skzt9WFIOZzzQL1Wri6GDueE0LBwlws4WxYAruOSHGeqhNI/J4Jnv
x8RjaPiAobgkd8DeOubgbFGyue2ScQiirVihrthJ4TQDBg0eRn1Jq52uzI/psaEJ
Q8PrU7vu0DcLMfTgIeI3tDALwlCiXvkh2sbScJHihgpFsR+dn3cOJp2LTna9V+P8
g870jk1U/5z+sl8a+0fjdvXgXUS7TAuEk58Q7hn36njnyYdU5n2SLYRcMbZyoDlt
VHsKJA0=
-----END CERTIFICATE-----
Generated at Fri Sep 8 18:44:03 2023 by rpki-client on console-ams.rpki-client.org