Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/wRIjf3m7WJXn0mR8XjyT6mycqO0.roa
File: wRIjf3m7WJXn0mR8XjyT6mycqO0.roa (raw, json)
Hash identifier: Xo6YpPe3Y8/Vpx/nYcP5n5Hb5UA1pYTNC92hhDMd+ro=
Subject key identifier: C1:12:23:7F:79:BB:58:95:E7:D2:64:7C:5E:3C:93:EA:6C:9C:A8:ED
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018F1035BE4EB779FF50D11DE3168EF98411
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/wRIjf3m7WJXn0mR8XjyT6mycqO0.roa
Signing time: Wed 24 Apr 2024 13:05:08 +0000
ROA not before: Wed 24 Apr 2024 13:05:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 91.228.12.0/24 maxlen: 24
94.154.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 15:52:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:35:be:4e:b7:79:ff:50:d1:1d:e3:16:8e:f9:84:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Apr 24 13:05:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c112237f79bb5895e7d2647c5e3c93ea6c9ca8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5c:71:05:dc:1e:7b:17:f9:6f:77:8d:9a:50:
0d:c3:90:96:6b:ba:72:28:b5:28:4e:61:aa:e1:2f:
b3:17:48:d9:45:85:6a:38:49:1c:f6:41:4f:8a:75:
ee:62:30:99:15:68:c7:d5:a7:82:0f:aa:87:93:39:
67:83:70:59:a0:8b:c7:ef:bc:84:65:57:5e:da:0c:
06:b2:a9:ba:5b:f3:be:19:01:5b:79:ef:e4:c2:6a:
59:c7:d4:7d:23:f2:ae:86:f2:bf:88:98:77:14:f1:
b0:a0:bc:a7:5e:bc:bd:c2:2e:4e:a4:f2:6d:3c:9d:
ce:03:21:32:6f:03:9a:20:1e:60:95:82:9c:b1:7b:
b8:e4:a9:ef:d3:26:af:a1:85:8e:c7:4f:95:08:7e:
10:ec:6d:f1:d0:f6:12:8b:00:af:16:28:29:36:13:
c7:12:41:da:e5:ef:99:60:d0:70:8f:26:8f:0f:d2:
12:03:13:a4:e4:da:ea:45:ff:b7:c6:d9:c0:65:36:
61:e6:58:9b:3c:42:1d:17:d5:9e:e8:19:27:0f:6a:
a7:b5:2b:6a:d2:a8:d7:96:c7:d7:df:62:8f:21:41:
dc:0a:96:f9:21:e6:8f:1b:13:b2:1d:3a:a0:e8:51:
1f:25:ff:97:77:13:4f:a6:c4:41:f5:e1:99:b3:21:
87:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:12:23:7F:79:BB:58:95:E7:D2:64:7C:5E:3C:93:EA:6C:9C:A8:ED
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/wRIjf3m7WJXn0mR8XjyT6mycqO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
94.154.32.0/24
Signature Algorithm: sha256WithRSAEncryption
11:37:91:21:e5:07:0e:6e:ce:6e:91:38:1d:ee:1c:1e:f5:2e:
e5:bf:1a:75:ff:4f:c9:c3:47:68:50:c0:a0:75:82:25:79:58:
a0:bd:7c:24:c9:6b:e8:71:a5:14:13:22:78:0d:0d:6e:94:0e:
6a:41:cc:a6:06:75:26:97:ab:bf:28:db:d3:a5:48:f5:ee:87:
6c:33:08:01:5c:cb:5a:4a:38:6f:0c:5a:11:e3:33:ba:b6:c3:
45:d9:bd:1c:4c:be:b1:fc:40:e1:64:2d:04:2c:2f:f5:21:49:
2a:69:20:00:31:46:bd:50:ff:e7:1d:15:9b:c8:fe:d1:32:0c:
c7:94:60:a4:39:fb:3f:31:6b:7f:07:ad:30:a4:0f:57:9d:50:
cc:59:03:db:95:16:c4:c1:6f:30:0b:75:2c:38:47:ba:e6:17:
88:d9:18:13:31:e8:de:07:95:dd:53:93:b6:af:e6:1d:5e:ab:
a7:4f:36:3c:b2:e8:d2:21:98:13:3c:c8:e4:3e:61:a0:92:c2:
8c:4b:dd:83:f9:93:f0:4c:f5:5c:36:4f:15:f6:2a:57:82:d2:
78:8e:32:2e:07:26:ed:89:19:c6:3b:8a:14:fb:23:79:0d:e7:
7f:b8:21:61:92:4b:66:1d:32:94:ef:3c:ad:1a:cf:29:e6:e2:
b2:d2:d2:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8QNb5Ot3n/UNEd4xaO+YQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNDI0MTMwNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTEyMjM3Zjc5YmI1ODk1ZTdkMjY0N2M1ZTNjOTNlYTZjOWNhOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllxxBdweexf5b3eNmlANw5CWa7py
KLUoTmGq4S+zF0jZRYVqOEkc9kFPinXuYjCZFWjH1aeCD6qHkzlng3BZoIvH77yE
ZVde2gwGsqm6W/O+GQFbee/kwmpZx9R9I/KuhvK/iJh3FPGwoLynXry9wi5OpPJt
PJ3OAyEybwOaIB5glYKcsXu45Knv0yavoYWOx0+VCH4Q7G3x0PYSiwCvFigpNhPH
EkHa5e+ZYNBwjyaPD9ISAxOk5NrqRf+3xtnAZTZh5libPEIdF9We6BknD2qntStq
0qjXlsfX32KPIUHcCpb5IeaPGxOyHTqg6FEfJf+XdxNPpsRB9eGZsyGHkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMESI395u1iV59JkfF48k+psnKjtMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvd1JJamYzbTdXSlhuMG1SOFhqeVQ2bXljcU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QMAwQA
XpogMA0GCSqGSIb3DQEBCwUAA4IBAQARN5Eh5QcObs5ukTgd7hwe9S7lvxp1/0/J
w0doUMCgdYIleVigvXwkyWvocaUUEyJ4DQ1ulA5qQcymBnUml6u/KNvTpUj17ods
MwgBXMtaSjhvDFoR4zO6tsNF2b0cTL6x/EDhZC0ELC/1IUkqaSAAMUa9UP/nHRWb
yP7RMgzHlGCkOfs/MWt/B60wpA9XnVDMWQPblRbEwW8wC3UsOEe65heI2RgTMeje
B5XdU5O2r+YdXqunTzY8sujSIZgTPMjkPmGgksKMS92D+ZPwTPVcNk8V9ipXgtJ4
jjIuBybtiRnGO4oU+yN5Ded/uCFhkktmHTKU7zytGs8p5uKy0tIh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org