Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/jZZ-X7vF9GyJrjX1tbF4ehW5Ve4.roa
File: jZZ-X7vF9GyJrjX1tbF4ehW5Ve4.roa (raw, json)
Hash identifier: L59dgays1WzjGqFuOPrI6NHj2Z9Aom9mkoXnZMZkaxg=
Subject key identifier: 8D:96:7E:5F:BB:C5:F4:6C:89:AE:35:F5:B5:B1:78:7A:15:B9:55:EE
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 018CC86F33396305ED46331318ADB8FAD5B5
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/jZZ-X7vF9GyJrjX1tbF4ehW5Ve4.roa
Signing time: Tue 02 Jan 2024 04:29:39 +0000
ROA not before: Tue 02 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.126.158.0/23 maxlen: 24
91.221.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 06:39:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:33:39:63:05:ed:46:33:13:18:ad:b8:fa:d5:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Jan 2 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d967e5fbbc5f46c89ae35f5b5b1787a15b955ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f1:b1:41:87:aa:8d:f7:0d:5e:99:cb:8d:2f:
fb:cf:d1:60:69:84:a6:b1:b8:27:5f:3d:2e:dd:45:
eb:da:9e:de:1f:c8:ac:36:b4:c8:0c:4e:74:98:03:
22:25:8a:9e:1a:7c:c6:95:00:8f:1b:2d:e6:b3:f5:
7f:9c:35:2f:7c:c2:bb:10:5e:20:89:40:ba:f5:c3:
88:bb:83:99:26:cd:c7:5f:26:d2:c6:4a:ec:65:b6:
0e:9d:0f:f6:31:b0:dd:1f:17:2d:30:c3:e1:66:58:
81:1b:a2:98:2a:b1:f4:09:5f:4a:fd:c5:89:9b:df:
57:0e:15:f1:e4:17:19:b2:b9:3e:b2:95:dc:d4:55:
ed:2a:77:11:fb:23:ac:97:11:33:71:1b:06:89:e6:
97:f6:d5:a1:0f:4c:8d:fc:96:bd:74:6b:82:3e:56:
30:c5:5a:5c:2d:a8:f2:66:30:e9:2f:6a:e3:53:58:
57:ee:52:23:5c:7f:f3:1a:f4:6e:4a:4b:ed:40:dd:
86:0b:e5:39:f0:1b:cf:01:b0:6b:5d:53:47:6c:b6:
73:bc:85:8a:a4:a5:98:de:bf:7e:2a:52:4f:72:73:
96:7c:c5:27:c8:1f:ee:b8:9c:3d:ac:49:3d:f9:94:
e5:e8:8e:9a:63:6a:29:f4:4c:4b:8b:19:a5:85:e0:
79:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:96:7E:5F:BB:C5:F4:6C:89:AE:35:F5:B5:B1:78:7A:15:B9:55:EE
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/jZZ-X7vF9GyJrjX1tbF4ehW5Ve4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.232.0/24
185.126.158.0/23
Signature Algorithm: sha256WithRSAEncryption
63:97:ca:aa:15:ea:01:2d:01:84:a8:5a:f5:b8:7d:ca:07:6c:
00:2e:e9:7f:77:c1:2c:88:29:c1:c5:07:76:5d:4b:0f:fb:02:
d6:3b:e4:0e:13:cf:50:99:ff:bc:91:d8:7a:48:87:17:c4:03:
2d:62:2e:a7:cd:ff:2e:12:03:20:dd:89:2f:fb:6a:4b:5c:b9:
c1:0e:2b:64:be:6a:eb:58:58:39:9c:f7:19:a6:50:8c:50:69:
6d:ce:78:88:69:bb:79:10:da:3a:a0:1b:d8:97:7e:b7:15:3c:
a6:71:06:fe:6d:27:a0:ba:c3:18:20:79:de:a0:ba:3e:24:fe:
c0:40:5f:fe:68:8d:31:6c:ef:81:82:63:c7:b4:2f:ae:2b:a2:
ab:01:2d:c6:74:1d:8a:d5:1e:67:61:6f:ce:1d:ee:93:49:e4:
13:0b:52:79:f2:bf:4e:92:7f:ad:3b:01:55:60:b3:58:54:18:
7b:ed:45:6a:c1:b1:b7:d3:41:16:1e:5a:62:d1:7b:51:5d:6b:
51:cd:39:db:b1:1c:55:3c:23:5b:7d:bb:1a:2b:e8:fb:ee:56:
08:2c:cc:9c:24:bf:0d:de:c8:e0:fb:7b:c7:a9:43:d3:19:25:
68:18:79:eb:d6:bb:87:b8:eb:28:dd:51:a3:7e:ea:d2:1a:2c:
d2:7f:4e:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIbzM5YwXtRjMTGK24+tW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjQwMTAyMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDk2N2U1ZmJiYzVmNDZjODlhZTM1ZjViNWIxNzg3YTE1Yjk1NWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvGxQYeqjfcNXpnLjS/7z9FgaYSm
sbgnXz0u3UXr2p7eH8isNrTIDE50mAMiJYqeGnzGlQCPGy3ms/V/nDUvfMK7EF4g
iUC69cOIu4OZJs3HXybSxkrsZbYOnQ/2MbDdHxctMMPhZliBG6KYKrH0CV9K/cWJ
m99XDhXx5BcZsrk+spXc1FXtKncR+yOslxEzcRsGieaX9tWhD0yN/Ja9dGuCPlYw
xVpcLajyZjDpL2rjU1hX7lIjXH/zGvRuSkvtQN2GC+U58BvPAbBrXVNHbLZzvIWK
pKWY3r9+KlJPcnOWfMUnyB/uuJw9rEk9+ZTl6I6aY2op9ExLixmlheB59wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI2Wfl+7xfRsia419bWxeHoVuVXuMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvalpaLVg3dkY5R3lKcmpYMXRiRjRlaFc1VmU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW93oAwQB
uX6eMA0GCSqGSIb3DQEBCwUAA4IBAQBjl8qqFeoBLQGEqFr1uH3KB2wALul/d8Es
iCnBxQd2XUsP+wLWO+QOE89Qmf+8kdh6SIcXxAMtYi6nzf8uEgMg3Ykv+2pLXLnB
DitkvmrrWFg5nPcZplCMUGltzniIabt5ENo6oBvYl363FTymcQb+bSegusMYIHne
oLo+JP7AQF/+aI0xbO+BgmPHtC+uK6KrAS3GdB2K1R5nYW/OHe6TSeQTC1J58r9O
kn+tOwFVYLNYVBh77UVqwbG300EWHlpi0XtRXWtRzTnbsRxVPCNbfbsaK+j77lYI
LMycJL8N3sjg+3vHqUPTGSVoGHnr1ruHuOso3VGjfurSGizSf06s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org