Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/xbdzWu9uXQNXv7j9X_-PzrSIfgs.roa
File: xbdzWu9uXQNXv7j9X_-PzrSIfgs.roa (raw, json)
Hash identifier: y1X0CrcV4LkFco2iA+nFqoVkT99fKuLENs/dU+oiA1o=
Subject key identifier: C5:B7:73:5A:EF:6E:5D:03:57:BF:B8:FD:5F:FF:8F:CE:B4:88:7E:0B
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018B42C014C27A484D9FA691B0187379CBEB
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/xbdzWu9uXQNXv7j9X_-PzrSIfgs.roa
Signing time: Wed 18 Oct 2023 12:26:06 +0000
ROA not before: Wed 18 Oct 2023 12:26:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/23 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:c0:14:c2:7a:48:4d:9f:a6:91:b0:18:73:79:cb:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 18 12:26:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5b7735aef6e5d0357bfb8fd5fff8fceb4887e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e0:41:a6:74:aa:f7:77:b4:79:6d:e4:66:df:
96:be:1f:b1:19:d4:1c:8d:37:0d:06:e2:6b:30:76:
14:b7:f7:1d:23:12:a6:50:3a:f2:dc:22:69:85:32:
3b:10:94:f6:f6:28:8f:2c:1b:54:ce:47:9a:f4:a1:
80:8f:db:31:da:0e:ca:89:6a:5b:7e:fb:88:b8:ec:
e1:ad:c6:4a:e8:70:1e:73:10:89:87:3c:67:d1:08:
60:c4:4c:d4:cb:6e:a3:3e:2d:9b:23:ef:10:0d:29:
e3:03:60:88:c2:01:e5:47:04:bc:6a:90:e3:b6:b0:
59:0e:52:9c:04:85:c2:45:1c:4a:e1:70:67:d7:9d:
48:21:bf:c0:0b:4a:16:e5:4d:35:8f:33:db:b1:e0:
c2:e9:5f:bb:ac:5c:fc:5c:ef:26:7b:67:50:02:44:
f9:c1:32:7e:8b:c6:59:1a:1b:4b:f1:2e:76:47:57:
96:06:43:e7:67:a0:33:a6:be:63:3f:88:3c:b8:60:
ac:86:55:6d:8e:57:85:74:a8:7b:4a:90:9e:15:db:
8e:1d:5e:29:4c:8f:61:c2:1e:4e:47:2a:a9:b9:40:
cf:f8:1b:51:f8:43:8f:df:6e:70:c2:d1:fb:73:af:
b6:34:b8:aa:a7:b9:f0:b9:9a:e3:f6:89:25:2e:17:
71:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B7:73:5A:EF:6E:5D:03:57:BF:B8:FD:5F:FF:8F:CE:B4:88:7E:0B
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/xbdzWu9uXQNXv7j9X_-PzrSIfgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/23
94.154.34.0-94.154.36.255
Signature Algorithm: sha256WithRSAEncryption
9e:03:2d:6c:18:8c:1b:d0:6a:12:79:bc:40:bc:62:5a:c2:de:
87:44:b7:89:3a:68:b9:ca:c5:1a:fe:9a:66:8a:46:37:47:93:
6e:02:16:19:bc:66:7b:c5:73:cb:f4:c7:f9:6e:e2:37:b6:31:
ae:53:54:88:0e:77:de:56:ad:f3:d7:74:39:79:18:6b:26:06:
e4:99:46:f5:cf:fa:32:9c:fd:e2:43:5d:cd:74:4b:b5:7f:36:
e1:30:16:c0:05:e9:98:b8:a1:74:3c:fb:8f:e5:99:14:2f:f1:
d8:ea:a7:18:0b:36:28:99:b8:40:d8:75:41:84:d3:4a:16:a1:
43:cf:b4:d7:ff:9d:5f:fb:df:e2:f3:8f:9a:0f:bf:57:1b:53:
6a:6a:cf:f9:a0:f7:96:1b:64:35:f6:d2:37:cf:39:65:d4:4f:
e5:4a:65:53:f6:37:60:a4:95:d2:aa:a9:ca:7c:9f:de:73:70:
cf:c5:30:9f:d7:39:f2:e8:6f:d2:1f:b5:6f:63:43:6e:2d:ba:
c2:cc:43:d0:e1:0e:ad:b1:d2:65:04:8f:3a:47:75:b8:3f:4e:
e5:33:b5:49:9a:c9:be:1f:a8:18:10:ff:76:df:16:68:93:ca:
23:40:ab:53:d0:a3:b8:01:9b:92:26:a8:60:ca:c0:6c:23:e8:
13:3a:58:82
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYtCwBTCekhNn6aRsBhzecvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMDE4MTIyNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWI3NzM1YWVmNmU1ZDAzNTdiZmI4ZmQ1ZmZmOGZjZWI0ODg3ZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+BBpnSq93e0eW3kZt+Wvh+xGdQc
jTcNBuJrMHYUt/cdIxKmUDry3CJphTI7EJT29iiPLBtUzkea9KGAj9sx2g7KiWpb
fvuIuOzhrcZK6HAecxCJhzxn0QhgxEzUy26jPi2bI+8QDSnjA2CIwgHlRwS8apDj
trBZDlKcBIXCRRxK4XBn151IIb/AC0oW5U01jzPbseDC6V+7rFz8XO8me2dQAkT5
wTJ+i8ZZGhtL8S52R1eWBkPnZ6Azpr5jP4g8uGCshlVtjleFdKh7SpCeFduOHV4p
TI9hwh5ORyqpuUDP+BtR+EOP325wwtH7c6+2NLiqp7nwuZrj9oklLhdxywIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMW3c1rvbl0DV7+4/V//j860iH4LMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEveGJkeld1OXVYUU5YdjdqOVhfLVB6clNJZmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBW+QOMAwD
BAFemiIDBABemiQwDQYJKoZIhvcNAQELBQADggEBAJ4DLWwYjBvQahJ5vEC8YlrC
3odEt4k6aLnKxRr+mmaKRjdHk24CFhm8ZnvFc8v0x/lu4je2Ma5TVIgOd95WrfPX
dDl5GGsmBuSZRvXP+jKc/eJDXc10S7V/NuEwFsAF6Zi4oXQ8+4/lmRQv8djqpxgL
NiiZuEDYdUGE00oWoUPPtNf/nV/73+Lzj5oPv1cbU2pqz/mg95YbZDX20jfPOWXU
T+VKZVP2N2CkldKqqcp8n95zcM/FMJ/XOfLob9IftW9jQ24tusLMQ9DhDq2x0mUE
jzpHdbg/TuUztUmayb4fqBgQ/3bfFmiTyiNAq1PQo7gBm5ImqGDKwGwj6BM6WII=
-----END CERTIFICATE-----
Generated at Wed Oct 18 16:20:09 2023 by rpki-client on console-fra.rpki-client.org