Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/PSfWzubeU4jBvo2Soc1ncFk9Buo.roa
File: PSfWzubeU4jBvo2Soc1ncFk9Buo.roa (raw, json)
Hash identifier: h0x+02IFCoeZ0wqPRFXmwT0XJVdlLkNTr5COzTrc8aU=
Subject key identifier: 3D:27:D6:CE:E6:DE:53:88:C1:BE:8D:92:A1:CD:67:70:59:3D:06:EA
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01937CD40530BBD6D3D34ED7A860FE492370
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/PSfWzubeU4jBvo2Soc1ncFk9Buo.roa
Signing time: Sat 30 Nov 2024 11:28:09 +0000
ROA not before: Sat 30 Nov 2024 11:28:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 91.228.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:7c:d4:05:30:bb:d6:d3:d3:4e:d7:a8:60:fe:49:23:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Nov 30 11:28:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d27d6cee6de5388c1be8d92a1cd6770593d06ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ef:cc:fc:cf:64:78:d6:b1:72:c8:9d:d5:81:
3e:6b:a1:49:19:a4:20:8d:ef:40:e8:ad:94:41:e5:
ab:08:9c:6b:95:8e:f5:9a:13:ff:1b:ff:bb:7a:02:
86:04:07:cd:01:f3:df:64:19:7c:24:f9:71:cd:94:
c6:ce:a3:7b:eb:ba:f4:44:68:8c:05:2d:bf:45:39:
25:08:87:1a:ee:f5:aa:3c:db:e6:46:dc:ae:cc:30:
46:c5:cb:b7:7a:b4:19:ec:2e:51:e3:48:56:0f:57:
ce:d1:94:42:04:91:e0:b8:a4:df:44:71:53:b4:57:
c6:73:44:b9:18:bf:08:4d:e8:9e:17:ff:86:35:27:
c2:13:8d:8d:da:90:84:57:2d:35:69:d1:cf:16:4f:
37:7b:17:32:4f:90:6f:7b:58:ec:46:20:58:5d:b4:
d1:bc:9f:ae:62:c9:1a:04:f9:b1:ae:f9:30:d8:d7:
07:f2:b4:40:dd:47:7c:7d:eb:8f:5a:4c:d1:7d:c4:
40:87:df:f0:9a:44:3e:78:f5:ce:34:12:cd:32:e0:
0e:3d:f7:18:45:3a:d4:21:c6:ba:c2:e7:23:08:b9:
5a:c0:0d:d9:57:97:56:35:57:06:58:3e:c9:27:c8:
35:76:ce:a5:ce:be:0b:ea:64:b6:3a:d4:8d:ab:8a:
18:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:27:D6:CE:E6:DE:53:88:C1:BE:8D:92:A1:CD:67:70:59:3D:06:EA
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/PSfWzubeU4jBvo2Soc1ncFk9Buo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.15.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:bd:57:cf:97:3f:c2:a1:44:e8:99:91:ec:3f:34:61:7f:93:
78:30:4a:d5:5e:24:a7:a3:a3:ee:1b:de:af:48:45:8f:92:97:
2b:1c:5b:60:03:46:00:8f:28:92:8d:1b:57:9d:d9:44:4c:4e:
97:fa:14:02:40:1b:17:e0:b8:b1:d1:bd:b8:b5:3a:ad:c1:04:
85:9a:67:5b:04:17:3a:a8:ab:8e:25:98:ed:c9:e3:fc:17:e4:
3e:ba:88:1d:01:22:f9:90:7f:56:d4:1a:2d:40:f4:87:8d:05:
ce:56:e2:60:f3:f4:cf:b6:36:87:9c:68:03:9d:ca:09:db:1a:
1d:16:23:79:ba:c5:b3:5b:9f:18:24:1c:d3:0d:9a:6e:18:b2:
8d:1a:66:f1:18:3e:9b:0d:8f:a0:60:6a:1c:25:6c:d1:e6:e8:
52:35:99:53:52:4d:0c:b7:18:69:ad:87:76:66:48:65:e4:29:
fe:af:76:cf:ef:34:47:81:77:56:00:79:60:1b:3d:98:fc:37:
58:6a:93:13:0a:ed:4a:62:0a:93:98:ec:e9:a7:53:50:da:44:
2f:4b:44:79:9b:6e:fa:7b:d9:90:68:f0:4e:fc:9f:cc:74:e4:
36:6c:c7:ed:7d:6d:5b:ee:57:80:70:c9:0d:72:74:fc:cd:14:
5c:9c:25:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZN81AUwu9bT007XqGD+SSNwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQxMTMwMTEyODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDI3ZDZjZWU2ZGU1Mzg4YzFiZThkOTJhMWNkNjc3MDU5M2QwNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu/M/M9keNaxcsid1YE+a6FJGaQg
je9A6K2UQeWrCJxrlY71mhP/G/+7egKGBAfNAfPfZBl8JPlxzZTGzqN767r0RGiM
BS2/RTklCIca7vWqPNvmRtyuzDBGxcu3erQZ7C5R40hWD1fO0ZRCBJHguKTfRHFT
tFfGc0S5GL8ITeieF/+GNSfCE42N2pCEVy01adHPFk83excyT5Bve1jsRiBYXbTR
vJ+uYskaBPmxrvkw2NcH8rRA3Ud8feuPWkzRfcRAh9/wmkQ+ePXONBLNMuAOPfcY
RTrUIca6wucjCLlawA3ZV5dWNVcGWD7JJ8g1ds6lzr4L6mS2OtSNq4oYCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0n1s7m3lOIwb6NkqHNZ3BZPQbqMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvUFNmV3p1YmVVNGpCdm8yU29jMW5jRms5QnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+QPMA0G
CSqGSIb3DQEBCwUAA4IBAQAqvVfPlz/CoUTomZHsPzRhf5N4MErVXiSno6PuG96v
SEWPkpcrHFtgA0YAjyiSjRtXndlETE6X+hQCQBsX4Lix0b24tTqtwQSFmmdbBBc6
qKuOJZjtyeP8F+Q+uogdASL5kH9W1BotQPSHjQXOVuJg8/TPtjaHnGgDncoJ2xod
FiN5usWzW58YJBzTDZpuGLKNGmbxGD6bDY+gYGocJWzR5uhSNZlTUk0MtxhprYd2
Zkhl5Cn+r3bP7zRHgXdWAHlgGz2Y/DdYapMTCu1KYgqTmOzpp1NQ2kQvS0R5m276
e9mQaPBO/J/MdOQ2bMftfW1b7leAcMkNcnT8zRRcnCUg
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:02:02 2025 by rpki-client