Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/yAcFKY5cX5-FrX8-jYldK4QUhIQ.roa
File: yAcFKY5cX5-FrX8-jYldK4QUhIQ.roa (raw, json)
Hash identifier: KtF/d3QQoZ6pYOUrDnMHZcDwePvcuDDphCzrnRB4ZFY=
Subject key identifier: C8:07:05:29:8E:5C:5F:9F:85:AD:7F:3E:8D:89:5D:2B:84:14:84:84
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018DC32A8C307D966B008E56193938EAE259
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/yAcFKY5cX5-FrX8-jYldK4QUhIQ.roa
Signing time: Mon 19 Feb 2024 20:59:21 +0000
ROA not before: Mon 19 Feb 2024 20:59:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 15:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c3:2a:8c:30:7d:96:6b:00:8e:56:19:39:38:ea:e2:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Feb 19 20:59:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c80705298e5c5f9f85ad7f3e8d895d2b84148484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:80:7a:ec:d2:08:d0:e1:86:86:5f:31:0e:c4:
74:07:91:57:06:30:69:87:cd:a5:de:7e:9d:42:88:
3f:ca:ee:41:bf:9c:ab:ca:a0:d7:90:7e:65:6d:d6:
f6:90:0a:33:c3:ec:0d:9b:5d:09:3e:8a:d1:cb:10:
1b:81:10:1b:b5:fe:85:ea:24:d1:40:89:17:07:14:
b2:b7:aa:42:7b:3f:ac:b5:cc:5d:d0:15:5f:e1:7e:
17:6c:4f:2b:8a:17:6d:60:85:71:a2:b1:b8:7f:a0:
7d:9c:39:cb:ee:93:14:15:65:a6:47:a9:57:65:5f:
73:3b:e1:73:77:a2:83:ed:24:15:83:59:8e:c7:b9:
10:7b:26:95:55:08:03:ea:ab:6f:e7:ec:fc:cd:68:
1d:ae:bc:3f:43:7d:c4:a1:65:fb:64:51:dc:be:f2:
11:8f:06:a6:1c:c6:0b:69:1b:fd:b3:e5:e5:94:0a:
a2:d5:25:09:31:9d:1e:6e:a1:7d:23:55:06:19:5c:
28:53:43:21:34:1c:b5:77:cc:3f:83:7f:3a:43:50:
71:4e:f4:fd:df:d2:b7:c6:8d:2f:68:87:10:34:de:
e4:5b:28:9f:5a:a4:1c:1c:38:d4:42:b5:e0:c1:50:
2c:f7:51:c1:ea:9f:e9:85:db:a7:b7:d6:2a:b7:d7:
dd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:07:05:29:8E:5C:5F:9F:85:AD:7F:3E:8D:89:5D:2B:84:14:84:84
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/yAcFKY5cX5-FrX8-jYldK4QUhIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.14.0/24
94.154.34.0/24
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
97:bd:b4:e2:38:cc:e1:0f:df:41:2f:97:0b:ed:94:70:07:87:
6d:5b:7a:b7:e8:d1:32:ab:26:89:6a:f8:b4:40:5c:02:ab:74:
37:59:c8:11:dc:c9:9e:29:2e:9c:11:19:98:cb:52:3c:92:44:
08:22:aa:50:6b:c2:62:24:c7:a6:67:50:cf:14:12:35:31:e6:
f4:8f:4b:a9:e8:ef:c6:1c:63:78:7c:a7:51:33:8e:c0:a5:7c:
06:a3:27:a4:11:10:b8:f1:c9:3e:cc:36:33:2a:63:72:b1:a9:
3e:05:70:73:4b:2c:64:9f:04:5c:1e:02:58:34:e0:d2:a4:a0:
95:d5:44:36:c9:ec:fb:73:85:72:b3:eb:c0:4f:8a:42:36:c2:
f2:04:b9:3a:77:7d:67:ea:e5:c6:1b:e0:50:76:13:67:28:7b:
00:4e:c4:c8:28:c0:02:43:5a:e6:d6:41:22:1d:f0:18:5f:2e:
a6:c0:47:f5:5d:9f:b4:5a:87:f9:3b:2b:72:e0:03:9c:e6:29:
8d:a7:33:ce:a5:7e:ca:ea:43:70:08:9d:81:75:c9:32:ed:b7:
8d:d9:4d:a9:79:96:95:4a:e3:6f:0a:cc:c0:d2:55:32:77:78:
46:7e:ad:9d:e6:b4:24:a9:30:e2:93:6f:4b:63:28:a2:28:f9:
b5:83:78:96
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3DKowwfZZrAI5WGTk46uJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMjE5MjA1OTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODA3MDUyOThlNWM1ZjlmODVhZDdmM2U4ZDg5NWQyYjg0MTQ4NDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YB67NII0OGGhl8xDsR0B5FXBjBp
h82l3n6dQog/yu5Bv5yryqDXkH5lbdb2kAozw+wNm10JPorRyxAbgRAbtf6F6iTR
QIkXBxSyt6pCez+stcxd0BVf4X4XbE8rihdtYIVxorG4f6B9nDnL7pMUFWWmR6lX
ZV9zO+Fzd6KD7SQVg1mOx7kQeyaVVQgD6qtv5+z8zWgdrrw/Q33EoWX7ZFHcvvIR
jwamHMYLaRv9s+XllAqi1SUJMZ0ebqF9I1UGGVwoU0MhNBy1d8w/g386Q1BxTvT9
39K3xo0vaIcQNN7kWyifWqQcHDjUQrXgwVAs91HB6p/phdunt9Yqt9fdtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMgHBSmOXF+fha1/Po2JXSuEFISEMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEveUFjRktZNWNYNS1Gclg4LWpZbGRLNFFVaElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+QOAwQA
XpoiAwQBXpokMA0GCSqGSIb3DQEBCwUAA4IBAQCXvbTiOMzhD99BL5cL7ZRwB4dt
W3q36NEyqyaJavi0QFwCq3Q3WcgR3MmeKS6cERmYy1I8kkQIIqpQa8JiJMemZ1DP
FBI1Meb0j0up6O/GHGN4fKdRM47ApXwGoyekERC48ck+zDYzKmNysak+BXBzSyxk
nwRcHgJYNODSpKCV1UQ2yez7c4Vys+vAT4pCNsLyBLk6d31n6uXGG+BQdhNnKHsA
TsTIKMACQ1rm1kEiHfAYXy6mwEf1XZ+0Wof5Oyty4AOc5imNpzPOpX7K6kNwCJ2B
dcky7beN2U2peZaVSuNvCszA0lUyd3hGfq2d5rQkqTDik29LYyiiKPm1g3iW
-----END CERTIFICATE-----
Generated at Wed Feb 21 19:06:52 2024 by rpki-client on console-ams.rpki-client.org