Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/sVVIT6L4D6rsmUsAEKg1r9sBmus.roa
File: sVVIT6L4D6rsmUsAEKg1r9sBmus.roa (raw, json)
Hash identifier: XIFolfo6xtJbhUDlZ2jGUb/DqMJ3TI5GfUiCPnpTyME=
Subject key identifier: B1:55:48:4F:A2:F8:0F:AA:EC:99:4B:00:10:A8:35:AF:DB:01:9A:EB
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 018E4544DE669224C08B7C14320C5C60BC7F
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/sVVIT6L4D6rsmUsAEKg1r9sBmus.roa
Signing time: Sat 16 Mar 2024 03:18:44 +0000
ROA not before: Sat 16 Mar 2024 03:18:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.221.232.0/24 maxlen: 24
185.126.156.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 09:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:45:44:de:66:92:24:c0:8b:7c:14:32:0c:5c:60:bc:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Mar 16 03:18:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b155484fa2f80faaec994b0010a835afdb019aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:64:bd:61:0a:be:a2:64:ee:08:2f:a9:cc:5a:
2c:3d:25:e4:43:63:d7:31:93:dc:17:9e:c6:42:cc:
f8:56:04:5c:24:d1:8a:6f:c7:f2:89:b6:ac:cb:0c:
ba:df:52:da:b1:31:40:f2:d5:52:8e:02:1a:42:1e:
2b:1e:fb:11:21:2f:5d:a1:89:f6:7c:2c:61:96:64:
87:91:b1:3f:2e:9b:8c:64:78:76:0f:a5:1d:3c:c4:
29:2f:6d:86:39:6f:0c:fb:9c:be:4a:27:b1:2a:33:
3a:ff:24:2c:d7:bd:3d:b2:42:5a:bc:1f:a3:3b:78:
84:6d:11:c5:4e:62:a1:29:53:99:8b:7f:66:ff:3b:
cb:07:bf:bf:01:e3:0c:b0:cd:0e:e5:13:58:50:da:
38:11:29:47:79:67:50:77:ba:29:b4:35:b0:99:1b:
74:13:fc:9f:af:af:5b:33:16:4b:cf:8a:a8:ec:4d:
8b:08:ad:02:b6:d0:1e:f0:65:e1:dc:b6:5e:10:79:
a9:5d:07:bd:1b:51:24:ce:3e:66:e5:a4:e1:cf:fb:
88:cc:ea:52:22:f9:bb:5c:24:0f:34:2f:4e:7b:01:
92:57:6b:0c:ea:04:1f:72:75:93:6e:18:07:7f:9f:
3f:b2:db:9d:3b:3c:28:4c:56:8c:d5:c2:a1:4c:32:
e9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:55:48:4F:A2:F8:0F:AA:EC:99:4B:00:10:A8:35:AF:DB:01:9A:EB
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/sVVIT6L4D6rsmUsAEKg1r9sBmus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.232.0/24
185.126.156.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:f6:5e:69:23:b8:91:bf:8d:7f:4b:fe:ba:6f:70:41:85:c5:
57:09:61:74:8a:46:0e:2e:91:8a:58:52:e2:91:d8:9a:ac:15:
0c:15:d5:52:4a:f8:7e:c8:d0:94:d0:f2:7f:3a:b2:10:fb:8d:
f3:af:bc:6a:b6:50:5c:c0:24:0e:72:2f:cc:cd:2c:a0:b1:8d:
59:30:2a:ae:61:c1:46:03:a3:4d:9f:a5:2f:7c:d0:19:a6:bc:
3f:71:bb:a7:59:9e:07:51:3d:62:8e:21:0d:9e:42:37:ee:b6:
94:49:cd:34:76:2d:29:04:0c:15:b0:90:e6:77:de:d2:89:ae:
c0:c0:d7:9a:f2:35:5b:cf:56:93:41:6f:1f:f7:66:2a:c2:a0:
8d:2e:59:d6:f2:d1:1d:79:5f:57:4f:b0:c4:49:b7:7a:dc:2e:
cf:72:d5:4a:6d:84:8b:33:7b:af:a0:e4:d8:77:11:a0:da:86:
c6:74:1b:45:89:ba:2a:93:e5:54:6a:d0:0b:e8:00:5f:13:27:
b8:4f:1c:67:dd:1c:41:d4:02:73:e5:16:c0:89:72:7c:ea:e7:
b0:8f:f4:6a:c7:6b:e2:3d:62:32:f9:61:34:c8:d0:46:4d:53:
94:81:11:9f:89:b9:ed:eb:cb:80:3a:c6:0e:fa:d5:af:87:0b:
dd:34:72:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5FRN5mkiTAi3wUMgxcYLx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjQwMzE2MDMxODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTU1NDg0ZmEyZjgwZmFhZWM5OTRiMDAxMGE4MzVhZmRiMDE5YWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2S9YQq+omTuCC+pzFosPSXkQ2PX
MZPcF57GQsz4VgRcJNGKb8fyibasywy631LasTFA8tVSjgIaQh4rHvsRIS9doYn2
fCxhlmSHkbE/LpuMZHh2D6UdPMQpL22GOW8M+5y+SiexKjM6/yQs1709skJavB+j
O3iEbRHFTmKhKVOZi39m/zvLB7+/AeMMsM0O5RNYUNo4ESlHeWdQd7optDWwmRt0
E/yfr69bMxZLz4qo7E2LCK0CttAe8GXh3LZeEHmpXQe9G1Ekzj5m5aThz/uIzOpS
Ivm7XCQPNC9OewGSV2sM6gQfcnWTbhgHf58/studOzwoTFaM1cKhTDLptQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLFVSE+i+A+q7JlLABCoNa/bAZrrMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvc1ZWSVQ2TDRENnJzbVVzQUVLZzFyOXNCbXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW93oAwQB
uX6cMA0GCSqGSIb3DQEBCwUAA4IBAQAa9l5pI7iRv41/S/66b3BBhcVXCWF0ikYO
LpGKWFLikdiarBUMFdVSSvh+yNCU0PJ/OrIQ+43zr7xqtlBcwCQOci/MzSygsY1Z
MCquYcFGA6NNn6UvfNAZprw/cbunWZ4HUT1ijiENnkI37raUSc00di0pBAwVsJDm
d97Sia7AwNea8jVbz1aTQW8f92YqwqCNLlnW8tEdeV9XT7DESbd63C7PctVKbYSL
M3uvoOTYdxGg2obGdBtFiboqk+VUatAL6ABfEye4Txxn3RxB1AJz5RbAiXJ86uew
j/Rqx2viPWIy+WE0yNBGTVOUgRGfibnt68uAOsYO+tWvhwvdNHJI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org