Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/7WLiZaGxxmjud6QkJgflSm6pKX8.roa
File: 7WLiZaGxxmjud6QkJgflSm6pKX8.roa (raw, json)
Hash identifier: aO1I1+SwoPIvs1uyLTCJJatnWR5ad/NWwq5Q9cNZp7A=
Subject key identifier: ED:62:E2:65:A1:B1:C6:68:EE:77:A4:24:26:07:E5:4A:6E:A9:29:7F
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 019421B2582B23A2AE6767A4B229B4B7AD73
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/7WLiZaGxxmjud6QkJgflSm6pKX8.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29538
IP address blocks: 91.221.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Jan 2025 04:23:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:58:2b:23:a2:ae:67:67:a4:b2:29:b4:b7:ad:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed62e265a1b1c668ee77a4242607e54a6ea9297f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:41:8e:e5:5f:fd:16:9b:5d:43:ab:2c:30:b5:
19:7d:74:2d:9b:fb:85:ae:89:ea:c9:cc:01:97:21:
bb:bc:fa:96:01:e7:7c:18:7d:91:0b:44:10:38:9a:
47:aa:34:db:85:d8:10:99:f1:3e:fe:bd:4a:6f:95:
51:10:c1:06:cd:d8:c1:ff:97:a0:f2:e3:81:bb:ab:
b7:fe:9a:b6:b0:50:78:18:ec:28:91:ac:cb:98:99:
14:ac:46:f5:21:45:8b:13:a8:6d:00:6b:61:05:5c:
07:5b:56:ff:8d:45:31:80:2b:fc:ef:d2:7b:8c:00:
fa:cb:69:61:6d:ed:e7:48:5e:02:73:9c:a9:e9:d1:
a2:a2:2d:87:e8:1a:c5:0e:b7:2c:9d:40:35:3c:5b:
6c:3c:98:2f:38:9f:61:87:1d:b1:2a:a2:95:7c:fd:
97:fe:9e:5b:8f:8d:ba:08:83:6e:db:a4:58:85:cb:
f6:4f:d7:62:65:82:ba:31:30:1e:8a:8b:c8:fc:5c:
50:1f:5f:2c:87:56:20:bd:1f:79:ef:19:2f:d4:74:
3f:5c:ec:ed:83:db:ba:8b:1b:47:4d:76:37:cd:a3:
71:f6:8e:d0:ba:81:75:4b:3a:59:bb:b5:1a:22:c3:
fa:f2:3d:da:ae:8d:a1:3e:ae:ad:db:f2:3d:f6:1b:
64:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:62:E2:65:A1:B1:C6:68:EE:77:A4:24:26:07:E5:4A:6E:A9:29:7F
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/7WLiZaGxxmjud6QkJgflSm6pKX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/24
Signature Algorithm: sha256WithRSAEncryption
56:42:4e:4f:42:35:47:2e:fd:a4:77:03:2d:71:fe:a1:7c:99:
03:4c:e3:7d:1b:4d:42:32:a4:ed:d3:6f:64:c7:a3:8a:4b:f4:
d3:2e:da:80:7c:5b:30:fc:ab:a9:74:ef:75:19:ec:55:56:18:
bc:f1:81:33:3b:46:59:a8:fc:7b:fc:7c:dd:b6:75:b7:65:83:
82:e0:07:1d:e9:24:6d:bc:d0:28:bb:de:30:d8:f8:b6:79:5f:
aa:8c:f9:72:ec:9d:5a:d9:ba:73:55:ca:8a:0f:5b:ac:9e:00:
73:e3:e5:d8:e4:3a:09:53:33:10:d5:3b:c4:6d:94:fd:dd:ac:
6c:2d:96:13:54:c9:2a:2c:91:ef:2e:00:94:f8:96:ee:3f:57:
cb:22:e7:80:06:35:0d:26:dd:60:62:19:30:f7:4e:04:ce:4f:
13:48:a4:11:ff:5a:0e:7f:b2:ee:bf:a1:79:74:05:12:6e:3c:
fd:17:ce:13:e4:f5:d1:5b:83:c8:a5:bc:38:63:97:9d:5c:06:
13:4b:cd:27:a7:c9:85:a1:84:81:75:51:25:21:c8:90:37:ab:
b5:bb:cf:37:e0:c2:e7:6f:50:97:ad:cb:4f:39:83:c9:d1:68:
7d:96:b2:2f:78:5c:fe:36:b7:70:cc:d5:5f:03:b1:78:17:4a:
01:32:94:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhslgrI6KuZ2eksim0t61zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDYyZTI2NWExYjFjNjY4ZWU3N2E0MjQyNjA3ZTU0YTZlYTkyOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EGO5V/9FptdQ6ssMLUZfXQtm/uF
ronqycwBlyG7vPqWAed8GH2RC0QQOJpHqjTbhdgQmfE+/r1Kb5VREMEGzdjB/5eg
8uOBu6u3/pq2sFB4GOwokazLmJkUrEb1IUWLE6htAGthBVwHW1b/jUUxgCv879J7
jAD6y2lhbe3nSF4Cc5yp6dGioi2H6BrFDrcsnUA1PFtsPJgvOJ9hhx2xKqKVfP2X
/p5bj426CINu26RYhcv2T9diZYK6MTAeiovI/FxQH18sh1YgvR957xkv1HQ/XOzt
g9u6ixtHTXY3zaNx9o7QuoF1SzpZu7UaIsP68j3aro2hPq6t2/I99htkIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1i4mWhscZo7nekJCYH5UpuqSl/MB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvN1dMaVphR3h4bWp1ZDZRa0pnZmxTbTZwS1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW910MA0G
CSqGSIb3DQEBCwUAA4IBAQBWQk5PQjVHLv2kdwMtcf6hfJkDTON9G01CMqTt029k
x6OKS/TTLtqAfFsw/KupdO91GexVVhi88YEzO0ZZqPx7/HzdtnW3ZYOC4Acd6SRt
vNAou94w2Pi2eV+qjPly7J1a2bpzVcqKD1usngBz4+XY5DoJUzMQ1TvEbZT93axs
LZYTVMkqLJHvLgCU+JbuP1fLIueABjUNJt1gYhkw904Ezk8TSKQR/1oOf7Luv6F5
dAUSbjz9F84T5PXRW4PIpbw4Y5edXAYTS80np8mFoYSBdVElIciQN6u1u8834MLn
b1CXrctPOYPJ0Wh9lrIveFz+NrdwzNVfA7F4F0oBMpTa
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:24:31 2025 by rpki-client