Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/wlOOVqx5EE32hekNe2evkfvEM7w.roa
File: wlOOVqx5EE32hekNe2evkfvEM7w.roa (raw, json)
Hash identifier: IRlsVF7qukOAj1U3CJAZxZCOKRXLSFon7/bEblVtdR4=
Subject key identifier: C2:53:8E:56:AC:79:10:4D:F6:85:E9:0D:7B:67:AF:91:FB:C4:33:BC
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 019082910EC3E3F297E0F413FD8599FC8F73
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/wlOOVqx5EE32hekNe2evkfvEM7w.roa
Signing time: Fri 05 Jul 2024 11:04:22 +0000
ROA not before: Fri 05 Jul 2024 11:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205733
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 17:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:91:0e:c3:e3:f2:97:e0:f4:13:fd:85:99:fc:8f:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jul 5 11:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2538e56ac79104df685e90d7b67af91fbc433bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:81:b8:81:4b:35:96:b7:d4:b5:c5:63:51:07:
34:f8:16:5e:56:f5:26:01:1f:38:77:ac:de:78:97:
07:b4:6a:3d:28:00:87:f1:5d:c5:71:c3:8b:23:d3:
ee:eb:ce:ae:8e:87:3c:42:15:42:8d:a2:8d:67:3e:
04:d4:0e:32:99:09:6f:1e:6c:4c:70:b1:e6:e6:18:
93:3e:fe:5f:76:26:b9:ea:a4:77:57:9b:da:a3:35:
7c:d4:40:b0:23:cf:b5:e2:88:e0:1b:58:87:f7:e8:
a7:9c:6f:22:37:c0:40:da:90:55:fb:4e:7a:8f:14:
de:78:8c:1b:01:70:4f:b7:0c:94:c6:6b:42:8a:fc:
93:8c:e9:a3:48:7b:4f:f1:04:64:f2:0e:6b:d8:2e:
66:05:1e:56:14:68:3a:f7:bb:3a:21:06:a3:8d:0a:
f5:51:69:78:ec:f8:8a:51:78:ad:41:6c:fa:f7:5d:
2e:7b:a8:fa:9d:6d:8a:e5:4c:06:4c:fd:4f:25:c4:
e7:4b:20:3d:72:47:af:58:a9:fa:f1:9e:87:39:0b:
20:b1:79:76:cb:47:b0:c5:fa:af:f8:25:07:9d:1d:
a5:5d:a8:b5:79:98:c8:63:01:77:07:ad:85:b1:21:
f7:e2:a0:86:36:f1:16:c8:c7:24:dc:b0:87:71:cf:
12:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:53:8E:56:AC:79:10:4D:F6:85:E9:0D:7B:67:AF:91:FB:C4:33:BC
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/wlOOVqx5EE32hekNe2evkfvEM7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/23
91.228.15.0/24
Signature Algorithm: sha256WithRSAEncryption
00:09:46:98:51:ba:28:7f:1a:a7:cd:81:53:87:4e:6d:87:bb:
02:86:54:4a:9e:48:af:c0:76:cd:23:13:a0:13:a8:a4:e0:78:
1d:fa:0e:ff:ef:63:27:e0:87:19:7c:6f:2d:bf:2e:fc:f0:4a:
77:62:22:5e:d9:f9:c2:44:83:08:05:b0:47:26:f9:24:0b:31:
77:de:84:a9:9e:22:7c:a0:cf:1d:ef:ee:54:7a:5d:ab:d7:3b:
d3:3c:b2:a4:4a:57:34:e4:0f:1b:7e:61:46:99:d8:09:42:ea:
40:6d:0b:6d:63:5d:c1:c5:b7:c7:8e:9b:47:a6:1b:1b:4f:ba:
e5:9e:88:de:81:be:8b:81:c3:27:6e:ab:c5:a0:67:1a:81:38:
67:7d:75:f5:e1:3f:11:5e:a2:16:f0:ad:bb:9e:f9:1a:5f:4e:
d1:dd:95:26:ec:66:e4:05:e5:e4:47:73:ef:7a:e6:9d:5e:7d:
63:d8:0f:8e:82:cd:7b:7f:b6:d0:89:8e:50:74:5a:44:e3:26:
e9:44:e4:ce:e2:6f:fd:4f:da:62:98:3a:4f:07:0f:3f:a3:a6:
51:e2:11:5d:1e:12:a4:cd:3e:51:b1:73:19:fc:88:72:41:18:
c0:96:4a:b0:a4:b9:76:b9:a2:4d:e2:c0:d8:8d:4e:af:f0:ae:
23:74:1f:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCCkQ7D4/KX4PQT/YWZ/I9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwNzA1MTEwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjUzOGU1NmFjNzkxMDRkZjY4NWU5MGQ3YjY3YWY5MWZiYzQzM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4G4gUs1lrfUtcVjUQc0+BZeVvUm
AR84d6zeeJcHtGo9KACH8V3FccOLI9Pu686ujoc8QhVCjaKNZz4E1A4ymQlvHmxM
cLHm5hiTPv5fdia56qR3V5vaozV81ECwI8+14ojgG1iH9+innG8iN8BA2pBV+056
jxTeeIwbAXBPtwyUxmtCivyTjOmjSHtP8QRk8g5r2C5mBR5WFGg697s6IQajjQr1
UWl47PiKUXitQWz6910ue6j6nW2K5UwGTP1PJcTnSyA9ckevWKn68Z6HOQsgsXl2
y0ewxfqv+CUHnR2lXai1eZjIYwF3B62FsSH34qCGNvEWyMck3LCHcc8SGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMJTjlaseRBN9oXpDXtnr5H7xDO8MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvd2xPT1ZxeDVFRTMyaGVrTmUyZXZrZnZFTTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+QMAwQA
W+QPMA0GCSqGSIb3DQEBCwUAA4IBAQAACUaYUboofxqnzYFTh05th7sChlRKnkiv
wHbNIxOgE6ik4Hgd+g7/72Mn4IcZfG8tvy788Ep3YiJe2fnCRIMIBbBHJvkkCzF3
3oSpniJ8oM8d7+5Uel2r1zvTPLKkSlc05A8bfmFGmdgJQupAbQttY13BxbfHjptH
phsbT7rlnojegb6LgcMnbqvFoGcagThnfXX14T8RXqIW8K27nvkaX07R3ZUm7Gbk
BeXkR3PveuadXn1j2A+Ogs17f7bQiY5QdFpE4ybpROTO4m/9T9pimDpPBw8/o6ZR
4hFdHhKkzT5RsXMZ/IhyQRjAlkqwpLl2uaJN4sDYjU6v8K4jdB8n
-----END CERTIFICATE-----
Generated at Fri Jul 12 19:09:31 2024 by rpki-client on console-fra.rpki-client.org