Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/wGE5ONmNmh2nSC6O3XEyxGboyh4.roa
File: wGE5ONmNmh2nSC6O3XEyxGboyh4.roa (raw, json)
Hash identifier: ZV15RSvWE/UiwG71nGAPboz4N6EPfFQfUA6U9krxmp4=
Subject key identifier: C0:61:39:38:D9:8D:9A:1D:A7:48:2E:8E:DD:71:32:C4:66:E8:CA:1E
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018CE8D40F6852070D5E453193A383725978
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/wGE5ONmNmh2nSC6O3XEyxGboyh4.roa
Signing time: Mon 08 Jan 2024 11:27:40 +0000
ROA not before: Mon 08 Jan 2024 11:27:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/23 maxlen: 24
91.228.12.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 17:14:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:d4:0f:68:52:07:0d:5e:45:31:93:a3:83:72:59:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 8 11:27:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0613938d98d9a1da7482e8edd7132c466e8ca1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:27:ce:5b:bd:67:ee:18:47:d5:73:04:ed:c1:
bd:52:dc:60:1c:8d:67:53:de:11:98:bf:9a:b9:f5:
2d:52:d2:2b:53:cf:37:07:1c:b1:1c:81:8f:46:fb:
d2:22:c3:5e:00:04:c4:3f:d6:ba:2f:77:1d:f8:98:
b3:7f:a1:1e:ec:19:e8:3c:58:50:8e:3a:68:30:d1:
fe:e4:fc:ee:d9:11:89:7d:6b:24:37:bf:fb:f8:78:
27:fc:43:46:5a:a5:64:5d:4c:15:f0:11:fd:a2:00:
e8:6f:a8:ae:4f:04:96:af:b3:45:10:34:5f:03:ef:
35:95:34:a8:0b:52:73:c9:ed:6b:70:a7:cc:3b:f2:
f5:b4:b3:f7:2b:0b:81:3e:9e:43:65:25:be:68:81:
32:19:24:61:5a:ad:26:81:e3:c5:cd:7d:bc:a6:31:
ce:87:2e:5b:df:53:ee:76:60:88:c2:85:36:c2:99:
a8:8b:84:b4:65:59:51:96:a4:97:f9:d0:6e:45:d4:
18:26:5a:51:fd:24:2e:1f:1d:3e:78:03:5c:bc:f9:
1e:a2:26:9d:83:9b:5d:ad:4f:66:85:b0:7e:9d:ec:
2e:7f:64:ee:94:59:2b:bd:b8:aa:be:2f:a4:8e:3f:
59:5d:cd:43:de:3f:55:89:02:17:99:32:dc:e9:80:
d9:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:61:39:38:D9:8D:9A:1D:A7:48:2E:8E:DD:71:32:C4:66:E8:CA:1E
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/wGE5ONmNmh2nSC6O3XEyxGboyh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
91.228.14.0/23
94.154.35.0-94.154.37.255
Signature Algorithm: sha256WithRSAEncryption
3b:81:e2:db:ba:0e:88:a0:ff:49:3a:5d:5d:16:c4:18:17:55:
4b:6d:36:70:fc:bd:08:6d:40:1b:38:cc:b4:2f:9c:59:36:2b:
54:73:af:0b:23:21:0d:7b:bb:87:f6:b0:73:b6:1a:cc:f6:07:
44:32:96:13:f7:73:e0:15:87:d0:a7:a7:22:7d:b1:b7:69:7a:
79:81:af:44:20:b6:37:17:cf:c0:ee:5c:eb:46:22:f4:88:5b:
da:b0:92:de:7d:0c:2e:0e:95:b7:d8:c5:ab:d4:6f:93:94:f1:
08:7f:60:d6:4e:2d:6e:8d:a9:97:88:55:95:9d:9a:bb:c7:3a:
2f:8a:7f:2c:d5:a7:bf:a8:cc:04:5d:3d:a6:b0:f5:43:2c:4d:
28:88:84:9d:ae:f4:59:60:29:b8:f9:13:41:c0:14:8e:e3:a9:
ef:13:31:36:eb:66:0c:ba:fd:de:67:ff:dd:be:ae:81:44:a6:
95:90:af:57:3e:4a:c1:96:d9:a7:d9:16:3f:a9:76:6b:5d:93:
cd:3b:8c:82:c1:5d:c7:b5:29:91:cf:44:0c:3f:09:ce:1a:30:
aa:5a:bc:7b:8c:9b:29:33:63:66:77:a5:f3:e7:29:4a:2c:64:
f0:8a:52:e1:de:d1:84:86:05:8e:ee:18:78:12:0d:9f:70:34:
3e:74:0a:87
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzo1A9oUgcNXkUxk6ODcll4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMTA4MTEyNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDYxMzkzOGQ5OGQ5YTFkYTc0ODJlOGVkZDcxMzJjNDY2ZThjYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyfOW71n7hhH1XME7cG9UtxgHI1n
U94RmL+aufUtUtIrU883BxyxHIGPRvvSIsNeAATEP9a6L3cd+Jizf6Ee7BnoPFhQ
jjpoMNH+5Pzu2RGJfWskN7/7+Hgn/ENGWqVkXUwV8BH9ogDob6iuTwSWr7NFEDRf
A+81lTSoC1Jzye1rcKfMO/L1tLP3KwuBPp5DZSW+aIEyGSRhWq0mgePFzX28pjHO
hy5b31PudmCIwoU2wpmoi4S0ZVlRlqSX+dBuRdQYJlpR/SQuHx0+eANcvPkeoiad
g5tdrU9mhbB+newuf2TulFkrvbiqvi+kjj9ZXc1D3j9ViQIXmTLc6YDZUwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMBhOTjZjZodp0gujt1xMsRm6MoeMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvd0dFNU9ObU5taDJuU0M2TzNYRXl4R2JveWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW+QMAwQB
W+QOMAwDBABemiMDBAFemiQwDQYJKoZIhvcNAQELBQADggEBADuB4tu6Doig/0k6
XV0WxBgXVUttNnD8vQhtQBs4zLQvnFk2K1RzrwsjIQ17u4f2sHO2Gsz2B0QylhP3
c+AVh9CnpyJ9sbdpenmBr0QgtjcXz8DuXOtGIvSIW9qwkt59DC4OlbfYxavUb5OU
8Qh/YNZOLW6NqZeIVZWdmrvHOi+KfyzVp7+ozARdPaaw9UMsTSiIhJ2u9FlgKbj5
E0HAFI7jqe8TMTbrZgy6/d5n/92+roFEppWQr1c+SsGW2afZFj+pdmtdk807jILB
Xce1KZHPRAw/Cc4aMKpavHuMmykzY2Z3pfPnKUosZPCKUuHe0YSGBY7uGHgSDZ9w
ND50Coc=
-----END CERTIFICATE-----
Generated at Wed Jan 10 21:58:41 2024 by rpki-client on console-fra.rpki-client.org