Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/v1Wh8ge3pgtTMyayUNUvfmrL_ZY.roa
File: v1Wh8ge3pgtTMyayUNUvfmrL_ZY.roa (raw, json)
Hash identifier: U4rWTnASsbMn3JGvdj3dwRS5uGSb1HaJ+RY3d274BDg=
Subject key identifier: BF:55:A1:F2:07:B7:A6:0B:53:33:26:B2:50:D5:2F:7E:6A:CB:FD:96
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018F1122DDBF43D2731A48B01D2559C1D9C7
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/v1Wh8ge3pgtTMyayUNUvfmrL_ZY.roa
Signing time: Wed 24 Apr 2024 17:24:08 +0000
ROA not before: Wed 24 Apr 2024 17:24:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Apr 2024 09:18:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:11:22:dd:bf:43:d2:73:1a:48:b0:1d:25:59:c1:d9:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Apr 24 17:24:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf55a1f207b7a60b533326b250d52f7e6acbfd96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d2:53:ed:69:c9:0a:0d:3c:a8:27:a3:61:4b:
33:df:ed:97:6c:e1:b5:2b:31:a4:9d:08:63:39:2c:
7b:ea:03:8e:ba:c1:9e:f0:e2:1c:1f:2a:64:0f:32:
65:d3:0e:ad:6d:5f:9d:8a:8a:cb:99:1f:95:ae:24:
a6:18:74:db:71:9c:d7:ae:e9:8b:16:09:de:75:70:
20:78:32:c2:dc:62:e1:87:a6:21:fb:1b:ff:38:21:
69:ab:19:d9:45:51:be:92:4c:67:22:e1:b2:73:80:
15:a7:8f:23:bf:0a:10:81:ad:4a:70:6e:06:3f:d3:
bc:86:5a:e6:45:93:64:54:a2:5c:d4:9f:f1:f1:16:
bf:1e:cd:1a:a7:19:bb:4b:ba:3d:dd:01:45:5f:3a:
44:ee:9c:ca:12:7d:60:1e:8d:ba:23:83:37:e4:17:
7b:38:98:3f:49:76:7d:f3:a3:4e:ee:c2:f8:cc:5c:
42:70:7b:fd:a3:e0:01:8f:e1:80:70:56:60:ff:e4:
17:8c:1d:49:aa:da:46:31:13:db:ff:29:bf:c1:f6:
41:4c:78:20:19:a5:bf:08:ab:d0:45:5e:ee:63:60:
d5:96:e0:57:0f:05:3d:11:9b:69:81:39:e1:6c:32:
cf:47:b4:7a:e1:ac:d4:b5:98:f5:3b:c7:f0:98:07:
58:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:55:A1:F2:07:B7:A6:0B:53:33:26:B2:50:D5:2F:7E:6A:CB:FD:96
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/v1Wh8ge3pgtTMyayUNUvfmrL_ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/24
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:e4:85:af:8d:ac:b1:3c:ac:93:2f:23:9d:31:1f:ae:89:c1:
9a:76:d5:69:da:c6:20:46:74:80:ef:0b:1d:21:98:3f:9e:f0:
79:f6:1b:99:ad:1d:24:d0:0d:ed:d3:90:62:0b:fd:9b:2e:1a:
89:27:9e:aa:e8:71:5b:c9:7c:08:04:a4:2f:79:c0:77:66:cb:
85:e2:50:7c:44:5f:40:23:12:33:25:99:3a:d5:e4:61:e9:d9:
60:eb:6f:46:8e:26:3a:fd:c7:a2:c5:a6:38:c3:b9:9d:14:2e:
ef:a1:be:df:1e:ea:26:33:c0:e7:30:ac:10:00:0a:9c:87:54:
5a:58:92:0b:99:60:79:4a:0d:0f:b9:7b:8e:17:a9:70:e8:d5:
7d:05:af:f4:76:00:c8:37:46:df:a4:04:c0:9c:be:56:66:52:
7f:e6:9c:18:51:e7:f8:4e:3d:ac:b0:10:d6:65:65:31:20:f8:
b9:0e:e7:a9:ea:8d:78:fc:ce:87:79:48:fd:a0:63:78:89:38:
53:bc:2c:40:8a:c3:c3:d9:2a:5c:20:56:f2:96:07:b8:7e:f9:
a1:3c:3a:ee:17:89:44:e7:b0:23:9e:2c:99:ff:36:04:aa:2f:
15:e9:c3:8b:40:2b:94:44:c3:8b:6d:e2:2d:50:df:7b:1f:8a:
05:f8:af:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8RIt2/Q9JzGkiwHSVZwdnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNDI0MTcyNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjU1YTFmMjA3YjdhNjBiNTMzMzI2YjI1MGQ1MmY3ZTZhY2JmZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdJT7WnJCg08qCejYUsz3+2XbOG1
KzGknQhjOSx76gOOusGe8OIcHypkDzJl0w6tbV+diorLmR+VriSmGHTbcZzXrumL
FgnedXAgeDLC3GLhh6Yh+xv/OCFpqxnZRVG+kkxnIuGyc4AVp48jvwoQga1KcG4G
P9O8hlrmRZNkVKJc1J/x8Ra/Hs0apxm7S7o93QFFXzpE7pzKEn1gHo26I4M35Bd7
OJg/SXZ986NO7sL4zFxCcHv9o+ABj+GAcFZg/+QXjB1JqtpGMRPb/ym/wfZBTHgg
GaW/CKvQRV7uY2DVluBXDwU9EZtpgTnhbDLPR7R64azUtZj1O8fwmAdYuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL9VofIHt6YLUzMmslDVL35qy/2WMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvdjFXaDhnZTNwZ3RUTXlheVVOVXZmbXJMX1pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QOAwQB
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQC35IWvjayxPKyTLyOdMR+uicGadtVp2sYg
RnSA7wsdIZg/nvB59huZrR0k0A3t05BiC/2bLhqJJ56q6HFbyXwIBKQvecB3ZsuF
4lB8RF9AIxIzJZk61eRh6dlg629GjiY6/ceixaY4w7mdFC7vob7fHuomM8DnMKwQ
AAqch1RaWJILmWB5Sg0PuXuOF6lw6NV9Ba/0dgDIN0bfpATAnL5WZlJ/5pwYUef4
Tj2ssBDWZWUxIPi5Duep6o14/M6HeUj9oGN4iThTvCxAisPD2SpcIFbylge4fvmh
PDruF4lE57AjniyZ/zYEqi8V6cOLQCuURMOLbeItUN97H4oF+K85
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:26 2024 by rpki-client on console-ams.rpki-client.org