Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/iOv_Igl-NO8pTNXXraPLytTd2-I.roa
File: iOv_Igl-NO8pTNXXraPLytTd2-I.roa (raw, json)
Hash identifier: 9WQmiH4Qs0adpl+ZlxLCEoFtrPKkXhzeXsTtPMi5k4o=
Subject key identifier: 88:EB:FF:22:09:7E:34:EF:29:4C:D5:D7:AD:A3:CB:CA:D4:DD:DB:E2
Certificate issuer: /CN=b91464767773f1239b646bb66bdcf4f7fb1206ce
Certificate serial: 018BAB57C74FCE473789DB9EFECDD109F51A
Authority key identifier: B9:14:64:76:77:73:F1:23:9B:64:6B:B6:6B:DC:F4:F7:FB:12:06:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRRkdndz8SObZGu2a9z09_sSBs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/iOv_Igl-NO8pTNXXraPLytTd2-I.roa
Signing time: Tue 07 Nov 2023 19:52:18 +0000
ROA not before: Tue 07 Nov 2023 19:52:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203735
IP address blocks: 91.192.4.0/24 maxlen: 24
91.192.7.0/24 maxlen: 24
91.192.5.0/24 maxlen: 24
2a0c:64c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ab:57:c7:4f:ce:47:37:89:db:9e:fe:cd:d1:09:f5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91464767773f1239b646bb66bdcf4f7fb1206ce
Validity
Not Before: Nov 7 19:52:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88ebff22097e34ef294cd5d7ada3cbcad4dddbe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:dd:6c:58:f3:f8:bb:fe:88:53:5b:58:e8:fd:
33:a9:bc:64:96:44:c1:b0:f0:19:be:35:49:0a:a1:
ab:24:ae:9e:03:9a:fa:ad:4d:16:54:d7:42:b3:ce:
ff:41:f9:bb:14:fe:53:31:01:fc:8a:89:58:62:76:
88:d8:0f:3c:3d:85:38:20:30:27:6f:93:3f:ca:24:
73:aa:e8:5f:9e:ca:84:80:c1:7f:9d:fe:43:97:02:
a9:1c:bd:82:f2:6f:c6:17:97:d8:d8:59:ff:5c:78:
a5:6a:e1:a9:d8:3e:6e:38:30:18:9e:68:39:ba:fd:
b9:e4:33:84:38:57:66:b7:18:63:5c:b8:e9:aa:59:
f2:f5:df:72:12:64:29:a7:2f:81:36:16:aa:d3:87:
30:0d:31:55:86:3b:f7:27:e9:eb:4e:b2:2c:ab:ae:
0d:d8:b5:68:3c:14:25:f6:17:5b:fe:61:53:7a:2b:
09:98:62:cd:5b:3e:e9:ca:84:dc:21:d1:6d:3d:f4:
99:5d:3e:6a:9d:9b:f4:16:22:65:95:6b:9e:7b:37:
b4:f0:3f:2e:95:d2:09:4d:9a:a8:71:c4:0d:30:57:
c1:47:93:4d:39:69:52:b9:bf:aa:d0:8d:f7:7e:5f:
b3:29:a7:78:6a:eb:d4:7b:61:aa:a1:48:ae:c4:57:
fa:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EB:FF:22:09:7E:34:EF:29:4C:D5:D7:AD:A3:CB:CA:D4:DD:DB:E2
X509v3 Authority Key Identifier:
keyid:B9:14:64:76:77:73:F1:23:9B:64:6B:B6:6B:DC:F4:F7:FB:12:06:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRRkdndz8SObZGu2a9z09_sSBs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/iOv_Igl-NO8pTNXXraPLytTd2-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/uRRkdndz8SObZGu2a9z09_sSBs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.4.0/23
91.192.7.0/24
IPv6:
2a0c:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
17:54:f3:05:8e:c4:0c:db:d0:f3:d6:e5:f0:c0:12:22:d4:13:
26:61:a9:a9:ad:b4:7d:c4:55:3a:60:c4:8d:eb:b8:92:a9:19:
14:27:7f:7a:48:87:a3:6c:42:6e:c1:6c:43:72:8b:76:d4:e9:
72:e5:6a:87:19:97:15:8c:e8:ce:21:64:20:57:f9:c3:60:9e:
0f:cc:0e:e6:19:db:49:82:a8:19:e0:2a:3a:18:f9:ab:b0:29:
4d:b8:b6:84:af:fb:87:d5:f8:5a:12:11:71:ed:9e:58:07:8d:
82:f4:e5:61:55:da:86:8d:f9:a0:78:97:41:a3:7f:cd:94:ba:
a2:de:d9:f8:80:90:50:2c:23:73:c4:4c:5b:d5:4d:1d:7a:40:
98:58:e2:6a:4b:39:27:19:42:2a:7c:5a:ac:8d:cd:16:60:df:
07:af:5a:9c:e0:09:bf:0a:6e:f8:f8:a2:de:28:d4:b9:5c:f4:
cc:96:f8:ec:e8:89:f1:77:e1:57:83:2c:90:e4:34:e6:66:83:
ff:81:9e:78:a1:62:ce:46:7a:59:fd:e7:f2:cc:4c:68:50:71:
dd:b8:d5:68:80:60:2f:d0:07:88:2a:e5:ff:0a:98:39:8b:3c:
46:03:5b:66:35:08:0f:f1:b4:00:77:31:36:b2:dd:3b:17:c9:
f8:6a:f0:5c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYurV8dPzkc3idue/s3RCfUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ2NDc2Nzc3M2YxMjM5YjY0NmJiNjZiZGNmNGY3ZmIx
MjA2Y2UwHhcNMjMxMTA3MTk1MjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGViZmYyMjA5N2UzNGVmMjk0Y2Q1ZDdhZGEzY2JjYWQ0ZGRkYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN1sWPP4u/6IU1tY6P0zqbxklkTB
sPAZvjVJCqGrJK6eA5r6rU0WVNdCs87/Qfm7FP5TMQH8iolYYnaI2A88PYU4IDAn
b5M/yiRzquhfnsqEgMF/nf5DlwKpHL2C8m/GF5fY2Fn/XHilauGp2D5uODAYnmg5
uv255DOEOFdmtxhjXLjpqlny9d9yEmQppy+BNhaq04cwDTFVhjv3J+nrTrIsq64N
2LVoPBQl9hdb/mFTeisJmGLNWz7pyoTcIdFtPfSZXT5qnZv0FiJllWueeze08D8u
ldIJTZqoccQNMFfBR5NNOWlSub+q0I33fl+zKad4auvUe2GqoUiuxFf6VwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIjr/yIJfjTvKUzV162jy8rU3dviMB8GA1UdIwQY
MBaAFLkUZHZ3c/Ejm2Rrtmvc9Pf7EgbOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJSa2RuZHo4U09iWkd1MmE5ejA5X3NTQnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xM2ZjZDEtZDgwNi00ZTU2LTg1MzMt
NDc1ZGJiYjBjMDhjLzEvaU92X0lnbC1OTzhwVE5YWHJhUEx5dFRkMi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xM2ZjZDEtZDgwNi00ZTU2LTg1MzMtNDc1ZGJiYjBjMDhj
LzEvdVJSa2RuZHo4U09iWkd1MmE5ejA5X3NTQnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW8AEAwQA
W8AHMA0EAgACMAcDBQMqDGTAMA0GCSqGSIb3DQEBCwUAA4IBAQAXVPMFjsQM29Dz
1uXwwBIi1BMmYamprbR9xFU6YMSN67iSqRkUJ396SIejbEJuwWxDcot21Oly5WqH
GZcVjOjOIWQgV/nDYJ4PzA7mGdtJgqgZ4Co6GPmrsClNuLaEr/uH1fhaEhFx7Z5Y
B42C9OVhVdqGjfmgeJdBo3/NlLqi3tn4gJBQLCNzxExb1U0dekCYWOJqSzknGUIq
fFqsjc0WYN8Hr1qc4Am/Cm74+KLeKNS5XPTMlvjs6Inxd+FXgyyQ5DTmZoP/gZ54
oWLORnpZ/efyzExoUHHduNVogGAv0AeIKuX/Cpg5izxGA1tmNQgP8bQAdzE2st07
F8n4avBc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:46 2024 by rpki-client on console-fra.rpki-client.org