Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/ykiX5rltA6pKwmtE2GFdxLaaSxk.roa
File: ykiX5rltA6pKwmtE2GFdxLaaSxk.roa (raw, json)
Hash identifier: Z5o0DXfRJoFO2dol0dJRVfDDsdEj4jLjXpQKJhiejxs=
Subject key identifier: CA:48:97:E6:B9:6D:03:AA:4A:C2:6B:44:D8:61:5D:C4:B6:9A:4B:19
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018DD0A2D3CF3AE0543E8C78AE33E6D40A5D
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/ykiX5rltA6pKwmtE2GFdxLaaSxk.roa
Signing time: Thu 22 Feb 2024 11:45:48 +0000
ROA not before: Thu 22 Feb 2024 11:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47585
IP address blocks: 91.228.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 05:09:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:a2:d3:cf:3a:e0:54:3e:8c:78:ae:33:e6:d4:0a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Feb 22 11:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca4897e6b96d03aa4ac26b44d8615dc4b69a4b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1b:53:60:ac:fc:0c:82:2b:fc:e6:1e:d9:a9:
4f:aa:dc:a7:77:e5:7e:90:a9:00:d5:dc:02:28:ef:
d6:64:c1:a8:07:67:c5:47:07:ff:7f:d2:f9:81:7f:
07:83:5c:a7:66:23:d2:1c:f3:a1:53:86:e7:95:47:
15:bb:78:87:36:36:97:f1:79:e7:bc:6e:87:2d:93:
2a:1c:83:ed:c7:c6:fa:30:51:66:a8:11:d2:b6:35:
9e:ac:00:a6:24:89:c5:54:7a:bf:0b:e0:81:27:75:
dd:a3:50:17:61:98:7f:06:10:1f:ef:b3:5e:2b:a5:
61:b8:c0:10:ba:5e:ac:68:94:56:cb:93:3b:d1:aa:
11:cd:c7:7e:0c:b1:d0:96:4c:05:97:d8:34:3c:c5:
97:09:93:fc:28:c8:da:a4:8b:75:55:5c:e1:3e:b5:
30:04:b7:51:94:7a:1d:fe:2d:a8:f8:06:27:06:90:
a8:02:e9:cf:e1:f3:ba:48:f8:66:28:c1:2a:b3:01:
d9:f5:f8:a6:2a:56:d9:08:33:fb:7c:ec:a8:5a:7c:
73:45:c3:58:12:6d:60:bd:92:5d:65:7c:e4:88:cd:
91:aa:bd:e6:b7:e3:f9:89:83:78:fc:14:c0:27:8d:
89:ee:e4:49:38:a8:4e:3b:97:37:07:2c:b2:e8:0e:
18:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:48:97:E6:B9:6D:03:AA:4A:C2:6B:44:D8:61:5D:C4:B6:9A:4B:19
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/ykiX5rltA6pKwmtE2GFdxLaaSxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:d0:b0:e4:6c:73:49:3f:06:7f:a0:10:9d:87:be:6a:ba:e5:
af:62:8e:5b:9a:80:38:f0:c4:f4:ce:20:ab:31:54:e7:3b:66:
4a:74:91:01:68:f9:db:65:14:04:94:16:a3:7d:6c:94:fb:20:
0f:9e:87:72:c8:c6:dd:b5:4a:f8:88:36:77:b0:54:7f:c3:2b:
22:9a:1f:af:05:8d:8b:5a:c8:ca:94:5f:51:5b:5c:a4:d4:b3:
ca:7d:80:77:a0:fe:3b:64:43:80:b0:6d:3b:12:4d:c7:00:89:
e4:05:7b:2c:60:f3:e1:6d:7c:7f:e3:38:f9:93:c8:6c:16:b6:
3a:19:e3:26:c2:4f:36:5b:3f:d1:f7:db:59:b7:6b:2d:be:4c:
8a:32:81:36:ca:81:8d:4c:ea:13:44:59:7f:67:b3:d4:8d:5d:
5c:14:27:ef:72:03:21:f3:25:d8:45:e9:17:19:ce:16:a0:f0:
e7:05:ab:c8:46:b9:39:dc:4f:06:06:0a:73:16:0f:35:7b:dc:
cb:8d:13:b1:ba:e9:4e:95:34:1d:b8:2e:07:46:4c:60:e5:95:
8a:c6:99:88:c3:08:33:eb:03:ec:50:a1:34:5e:df:55:a5:10:
84:50:4d:3c:2a:e6:c5:cb:df:7a:06:64:68:bc:05:a8:ee:9e:
ef:93:6a:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3QotPPOuBUPox4rjPm1ApdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMjIyMTE0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ4OTdlNmI5NmQwM2FhNGFjMjZiNDRkODYxNWRjNGI2OWE0YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBtTYKz8DIIr/OYe2alPqtynd+V+
kKkA1dwCKO/WZMGoB2fFRwf/f9L5gX8Hg1ynZiPSHPOhU4bnlUcVu3iHNjaX8Xnn
vG6HLZMqHIPtx8b6MFFmqBHStjWerACmJInFVHq/C+CBJ3Xdo1AXYZh/BhAf77Ne
K6VhuMAQul6saJRWy5M70aoRzcd+DLHQlkwFl9g0PMWXCZP8KMjapIt1VVzhPrUw
BLdRlHod/i2o+AYnBpCoAunP4fO6SPhmKMEqswHZ9fimKlbZCDP7fOyoWnxzRcNY
Em1gvZJdZXzkiM2Rqr3mt+P5iYN4/BTAJ42J7uRJOKhOO5c3Byyy6A4Y+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpIl+a5bQOqSsJrRNhhXcS2mksZMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEveWtpWDVybHRBNnBLd210RTJHRmR4TGFhU3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+QMMA0G
CSqGSIb3DQEBCwUAA4IBAQA80LDkbHNJPwZ/oBCdh75quuWvYo5bmoA48MT0ziCr
MVTnO2ZKdJEBaPnbZRQElBajfWyU+yAPnodyyMbdtUr4iDZ3sFR/wysimh+vBY2L
WsjKlF9RW1yk1LPKfYB3oP47ZEOAsG07Ek3HAInkBXssYPPhbXx/4zj5k8hsFrY6
GeMmwk82Wz/R99tZt2stvkyKMoE2yoGNTOoTRFl/Z7PUjV1cFCfvcgMh8yXYRekX
Gc4WoPDnBavIRrk53E8GBgpzFg81e9zLjROxuulOlTQduC4HRkxg5ZWKxpmIwwgz
6wPsUKE0Xt9VpRCEUE08KubFy996BmRovAWo7p7vk2qt
-----END CERTIFICATE-----
Generated at Thu Mar 21 08:04:09 2024 by rpki-client on console-ams.rpki-client.org