Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/HfMxwt0J0V2wq6rz35tBJMbqBNg.roa
File: HfMxwt0J0V2wq6rz35tBJMbqBNg.roa (raw, json)
Hash identifier: Yk35GXLcZqBhAGWU8Qbt1XsWeaXHBKsHFoKntHfHxOA=
Subject key identifier: 1D:F3:31:C2:DD:09:D1:5D:B0:AB:AA:F3:DF:9B:41:24:C6:EA:04:D8
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 018E127CA01F9A08648953DC0DF060558062
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/HfMxwt0J0V2wq6rz35tBJMbqBNg.roa
Signing time: Wed 06 Mar 2024 06:39:01 +0000
ROA not before: Wed 06 Mar 2024 06:39:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.221.232.0/24 maxlen: 24
185.126.156.0/23 maxlen: 24
185.126.158.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Mar 2024 03:18:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:7c:a0:1f:9a:08:64:89:53:dc:0d:f0:60:55:80:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Mar 6 06:39:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1df331c2dd09d15db0abaaf3df9b4124c6ea04d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:39:07:f9:44:ff:62:da:9f:03:f0:ce:2b:b3:
e7:5a:8a:82:ba:ad:48:19:a0:a1:db:f7:a3:ae:25:
2a:11:3c:8d:c0:a9:9f:67:6d:f4:d9:0d:ea:e7:8f:
cc:46:39:f3:0e:81:59:36:fc:e4:0e:d0:bf:24:6b:
63:32:fd:f2:f2:8e:3b:6b:b4:f4:6c:10:7f:4f:4a:
7a:9d:99:94:1e:25:c1:8c:be:10:a0:95:93:dd:d1:
29:29:2e:a3:df:27:20:5f:ee:c5:ce:e6:39:17:44:
4e:61:9a:a5:8f:a6:20:4e:8d:b2:89:21:d3:c8:1e:
de:9f:21:66:cb:ba:c0:03:65:4a:d8:67:48:59:20:
66:5c:e5:7b:c3:59:fd:17:a7:c4:cd:b1:c9:32:7b:
df:98:c3:fa:82:b0:4c:c6:b8:df:f6:5f:b8:81:27:
48:7d:5a:e5:d6:64:97:1c:68:7c:ca:ba:8e:92:68:
42:40:1d:b5:10:22:63:20:02:03:9d:c5:5a:ff:de:
2d:14:03:47:b1:1b:61:09:18:ea:da:b4:b2:4b:6d:
9b:01:0e:4c:d2:49:03:63:ec:9a:ee:23:49:78:47:
8b:76:46:9f:a9:e1:2a:e9:97:0d:23:18:4e:aa:2b:
7a:34:dc:26:e0:fc:ee:19:11:9f:cd:df:d3:2a:2e:
a6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F3:31:C2:DD:09:D1:5D:B0:AB:AA:F3:DF:9B:41:24:C6:EA:04:D8
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/HfMxwt0J0V2wq6rz35tBJMbqBNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.232.0/24
185.126.156.0/22
Signature Algorithm: sha256WithRSAEncryption
52:02:6f:35:ef:06:54:33:73:19:b0:22:b0:94:2a:3d:a1:ed:
03:12:9c:d4:d6:71:ad:a2:69:4e:60:86:01:89:d4:f6:dc:36:
f5:83:e0:30:40:15:fc:99:9a:24:9c:14:19:09:a5:31:fb:8a:
e3:a2:31:5b:36:8f:f9:5b:64:85:1e:e7:74:eb:1b:6b:c7:e9:
95:5e:7f:4c:08:46:25:65:db:04:29:86:62:aa:60:00:83:f2:
6d:19:a8:c3:86:c9:2e:c9:a2:a6:7f:51:f5:c3:ca:eb:f8:64:
72:50:26:e3:31:22:e7:94:c6:1d:53:6d:92:f5:b0:21:be:9a:
6e:d1:30:fb:67:ae:52:4a:53:c2:4b:8b:fc:3c:22:59:54:13:
b4:77:14:b0:5f:37:5a:d1:77:b6:0b:86:44:c4:ba:33:57:f3:
80:3c:ec:ee:6d:b6:6f:a8:b3:05:d5:03:68:17:f1:da:01:38:
0f:dc:3a:e6:b5:8b:5a:49:b5:32:ff:e1:1f:a5:17:d9:90:7e:
06:a7:b6:c4:8d:18:77:cf:cc:da:58:de:55:dd:87:7a:12:a3:
d7:83:d2:61:a7:03:2c:4b:c8:39:7b:eb:27:e8:f9:c7:34:c6:
6d:b8:19:cf:85:fc:ba:fb:5a:4d:36:f7:20:d0:41:31:96:3a:
55:7f:00:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4SfKAfmghkiVPcDfBgVYBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjQwMzA2MDYzOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGYzMzFjMmRkMDlkMTVkYjBhYmFhZjNkZjliNDEyNGM2ZWEwNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTkH+UT/YtqfA/DOK7PnWoqCuq1I
GaCh2/ejriUqETyNwKmfZ2302Q3q54/MRjnzDoFZNvzkDtC/JGtjMv3y8o47a7T0
bBB/T0p6nZmUHiXBjL4QoJWT3dEpKS6j3ycgX+7FzuY5F0ROYZqlj6YgTo2yiSHT
yB7enyFmy7rAA2VK2GdIWSBmXOV7w1n9F6fEzbHJMnvfmMP6grBMxrjf9l+4gSdI
fVrl1mSXHGh8yrqOkmhCQB21ECJjIAIDncVa/94tFANHsRthCRjq2rSyS22bAQ5M
0kkDY+ya7iNJeEeLdkafqeEq6ZcNIxhOqit6NNwm4PzuGRGfzd/TKi6mCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB3zMcLdCdFdsKuq89+bQSTG6gTYMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvSGZNeHd0MEowVjJ3cTZyejM1dEJKTWJxQk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW93oAwQC
uX6cMA0GCSqGSIb3DQEBCwUAA4IBAQBSAm817wZUM3MZsCKwlCo9oe0DEpzU1nGt
omlOYIYBidT23Db1g+AwQBX8mZoknBQZCaUx+4rjojFbNo/5W2SFHud06xtrx+mV
Xn9MCEYlZdsEKYZiqmAAg/JtGajDhskuyaKmf1H1w8rr+GRyUCbjMSLnlMYdU22S
9bAhvppu0TD7Z65SSlPCS4v8PCJZVBO0dxSwXzda0Xe2C4ZExLozV/OAPOzubbZv
qLMF1QNoF/HaATgP3DrmtYtaSbUy/+EfpRfZkH4Gp7bEjRh3z8zaWN5V3Yd6EqPX
g9JhpwMsS8g5e+sn6PnHNMZtuBnPhfy6+1pNNvcg0EExljpVfwC3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org