Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/zkxlVXaL6GW8WoqvpRoi7baTL2Y.roa
File: zkxlVXaL6GW8WoqvpRoi7baTL2Y.roa (raw, json)
Hash identifier: Tr4PKhGNI+5q/fg3Dz9bDL6w0DTiACgS3X9anI72orQ=
Subject key identifier: CE:4C:65:55:76:8B:E8:65:BC:5A:8A:AF:A5:1A:22:ED:B6:93:2F:66
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 01856D4AD557E6EE2DE96F2281B2EDE81D1C
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/zkxlVXaL6GW8WoqvpRoi7baTL2Y.roa
Signing time: Sun 01 Jan 2023 12:24:58 +0000
ROA not before: Sun 01 Jan 2023 12:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 91.221.117.0/24 maxlen: 24
91.221.233.0/24 maxlen: 24
109.107.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Feb 2023 09:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:d5:57:e6:ee:2d:e9:6f:22:81:b2:ed:e8:1d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Jan 1 12:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce4c6555768be865bc5a8aafa51a22edb6932f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:42:4f:66:cd:f9:7b:23:b5:a7:3a:79:ae:c3:
08:ed:87:ad:46:f7:a2:3d:08:92:19:32:81:54:2a:
46:1d:d6:a4:b8:09:0c:ea:6b:b6:12:45:f3:66:b7:
80:8b:75:12:f1:7b:0a:3b:1f:4a:fc:2d:88:77:f0:
2b:88:36:50:f6:b7:96:1a:85:c5:d5:9b:68:7c:a6:
91:cd:c7:92:8a:7a:bc:32:1f:b2:40:21:1b:f7:97:
b9:f4:e5:9a:ec:e1:e3:9a:e7:9c:88:ea:12:a8:66:
99:cd:09:89:da:9f:47:1f:02:80:ac:08:fc:ff:6c:
3d:bd:cc:18:b7:de:19:c6:9c:cb:34:25:2c:02:b6:
fa:56:96:39:ce:ed:ed:7c:91:c9:7a:31:c1:93:fb:
58:4e:3d:9d:1f:c7:72:5c:42:31:78:87:66:ab:15:
3a:f3:1b:86:10:5f:7b:c9:79:2f:94:5b:f4:52:88:
ad:ee:89:ab:e4:fe:b1:50:bc:d2:27:a2:40:53:50:
e4:48:82:96:1a:32:63:be:c1:ff:0f:10:15:7f:d1:
54:f8:f6:e5:4a:f5:f9:21:0f:75:04:79:a7:28:c5:
34:6f:43:a3:8f:51:ee:7e:2f:a8:d8:0e:0d:a9:05:
b1:ae:d2:0d:0f:9e:47:c2:81:34:97:8d:0e:0f:08:
97:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4C:65:55:76:8B:E8:65:BC:5A:8A:AF:A5:1A:22:ED:B6:93:2F:66
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/zkxlVXaL6GW8WoqvpRoi7baTL2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.117.0/24
91.221.233.0/24
109.107.132.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:05:e7:ce:2a:91:d1:d0:19:52:81:6d:d4:88:2c:e0:ac:64:
ce:29:44:f7:33:00:2d:a9:ee:3f:f6:f4:bc:ee:a2:21:8a:4b:
60:2b:27:45:d2:b4:c5:c8:7d:8a:e8:a0:f5:9f:f9:b4:8b:5c:
f1:28:71:f4:4d:82:09:dc:68:f8:43:01:91:ee:43:02:bc:16:
66:02:a9:8c:1b:e0:36:f5:c1:1b:25:14:dc:81:d2:48:6a:0a:
e6:87:b6:3f:a1:0b:bf:54:36:0d:64:e9:fb:54:06:fa:8c:b1:
6f:d4:61:d8:b8:13:0c:07:f0:55:aa:7b:4c:a5:91:9f:96:09:
2b:70:93:95:27:c5:f2:2d:73:26:50:c4:b3:f2:54:51:a8:8b:
5e:c7:ae:22:a1:5e:ad:ad:06:ea:e7:bb:52:ea:53:32:38:66:
b2:d8:c5:81:81:6a:9a:be:1c:b3:d3:2e:77:93:41:d4:9b:fb:
d2:b9:a7:c3:47:75:5d:b0:2b:80:e1:1b:3b:b0:92:32:5b:3e:
ad:7c:44:78:f2:a3:00:fa:60:61:b0:28:4a:9b:58:23:70:0d:
87:a4:a1:51:ac:39:44:12:6b:a4:42:d8:08:41:91:d0:44:c6:
d2:8a:61:94:a8:91:2d:d6:4d:6b:51:44:5b:28:a5:49:5e:20:
77:26:7c:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtStVX5u4t6W8igbLt6B0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMwMTAxMTIyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTRjNjU1NTc2OGJlODY1YmM1YThhYWZhNTFhMjJlZGI2OTMyZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUJPZs35eyO1pzp5rsMI7YetRvei
PQiSGTKBVCpGHdakuAkM6mu2EkXzZreAi3US8XsKOx9K/C2Id/AriDZQ9reWGoXF
1ZtofKaRzceSinq8Mh+yQCEb95e59OWa7OHjmueciOoSqGaZzQmJ2p9HHwKArAj8
/2w9vcwYt94ZxpzLNCUsArb6VpY5zu3tfJHJejHBk/tYTj2dH8dyXEIxeIdmqxU6
8xuGEF97yXkvlFv0Uoit7omr5P6xULzSJ6JAU1DkSIKWGjJjvsH/DxAVf9FU+Pbl
SvX5IQ91BHmnKMU0b0Ojj1Hufi+o2A4NqQWxrtIND55HwoE0l40ODwiXAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM5MZVV2i+hlvFqKr6UaIu22ky9mMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvemt4bFZYYUw2R1c4V29xdnBSb2k3YmFUTDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW911AwQA
W93pAwQAbWuEMA0GCSqGSIb3DQEBCwUAA4IBAQBMBefOKpHR0BlSgW3UiCzgrGTO
KUT3MwAtqe4/9vS87qIhiktgKydF0rTFyH2K6KD1n/m0i1zxKHH0TYIJ3Gj4QwGR
7kMCvBZmAqmMG+A29cEbJRTcgdJIagrmh7Y/oQu/VDYNZOn7VAb6jLFv1GHYuBMM
B/BVqntMpZGflgkrcJOVJ8XyLXMmUMSz8lRRqItex64ioV6trQbq57tS6lMyOGay
2MWBgWqavhyz0y53k0HUm/vSuafDR3VdsCuA4Rs7sJIyWz6tfER48qMA+mBhsChK
m1gjcA2HpKFRrDlEEmukQtgIQZHQRMbSimGUqJEt1k1rUURbKKVJXiB3JnzM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:38 2024 by rpki-client on console-ams.rpki-client.org