Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/InDff-hkQfmfEs9Ic_HzqcGD-II.roa
File: InDff-hkQfmfEs9Ic_HzqcGD-II.roa (raw, json)
Hash identifier: hhvw3Jm6KoVxJDZJeTGJYmgi/i/TI8IUqRE5iWIVkNY=
Subject key identifier: 22:70:DF:7F:E8:64:41:F9:9F:12:CF:48:73:F1:F3:A9:C1:83:F8:82
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 01856D4AD0F55F64D616807B99A138F848C4
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/InDff-hkQfmfEs9Ic_HzqcGD-II.roa
Signing time: Sun 01 Jan 2023 12:24:57 +0000
ROA not before: Sun 01 Jan 2023 12:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29538
IP address blocks: 91.221.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:d0:f5:5f:64:d6:16:80:7b:99:a1:38:f8:48:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Jan 1 12:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2270df7fe86441f99f12cf4873f1f3a9c183f882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ed:f2:51:4e:06:0f:30:cc:a6:11:25:4c:4b:
6a:e8:b1:44:0b:75:a5:bd:56:14:f1:9a:c4:2e:95:
e0:f3:8d:15:21:5c:1a:7c:f3:c8:fa:54:d4:a9:e0:
f0:b0:a8:6f:6d:58:f1:ec:25:3b:57:16:66:4f:9b:
50:80:ec:e6:46:60:06:c2:d6:be:8b:4e:85:3f:0d:
1c:0b:68:1a:25:85:a0:ab:39:5b:ab:c9:44:dc:43:
09:a7:2c:8c:e1:46:0a:22:0f:8e:4f:fc:0b:9c:6a:
3d:01:08:b1:1d:6d:29:de:56:0e:f8:6e:97:61:4b:
2b:c4:c3:9c:c2:f9:b1:b6:2c:d9:40:98:e4:70:83:
39:8a:f7:0c:95:6e:a2:65:03:67:40:96:85:d6:48:
96:29:76:52:9f:86:2a:f1:0f:07:95:9f:19:10:c7:
ea:e6:15:61:4e:6f:ac:c4:b4:f6:86:74:0a:08:ed:
59:3b:5b:99:b0:58:43:c7:24:e3:8e:f2:eb:37:59:
04:40:67:94:8d:b2:71:1c:c3:0e:e2:e8:f2:e0:1e:
b7:c8:da:9a:e1:af:00:37:8f:cb:3f:75:10:f0:5a:
a7:88:e1:7e:e1:1d:b4:90:9d:7f:77:83:07:a6:cb:
d6:d8:81:59:bb:31:26:00:1d:e0:2a:fb:5a:42:61:
d7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:70:DF:7F:E8:64:41:F9:9F:12:CF:48:73:F1:F3:A9:C1:83:F8:82
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/InDff-hkQfmfEs9Ic_HzqcGD-II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/24
Signature Algorithm: sha256WithRSAEncryption
86:47:5d:a9:f1:ae:2f:b8:be:fe:41:a9:60:fd:18:97:61:3e:
c4:59:57:f8:12:f4:d2:81:b6:c6:19:3f:bd:a4:34:5a:a0:6e:
7f:1e:6d:fa:24:ef:2f:3f:c6:23:4d:fe:2e:6c:ea:10:ea:68:
f7:fe:0d:8c:10:a2:53:d8:be:f6:b6:75:ff:fa:b5:3f:a4:6e:
84:ea:2b:29:27:eb:09:c1:9d:02:67:38:c4:be:f6:68:0a:09:
77:4b:98:4c:fa:3a:b7:59:75:8d:e2:f4:a1:9b:c6:e9:40:28:
35:f4:af:08:9b:a1:ee:e1:fd:f8:eb:4e:f4:d7:49:3a:a6:03:
2a:c9:d8:17:12:30:d0:0d:29:71:8d:b0:74:cc:dd:9c:fa:15:
07:6c:4d:dc:45:6d:3a:29:c6:b0:7f:de:54:ef:8d:d9:6b:0d:
8a:32:b2:58:c1:88:3a:60:f3:79:e3:49:3e:78:a9:c5:fa:18:
b5:d1:68:e0:ab:79:ae:16:99:4e:2e:86:f2:36:22:cb:45:43:
28:78:4a:ad:fa:a7:7b:6c:bb:09:5c:ab:44:35:f6:4a:9e:14:
43:0c:4d:c4:75:90:46:f4:da:fd:73:fa:8d:aa:0e:3d:ee:b8:
04:ab:ac:52:b8:ac:d0:1b:e9:f9:1c:44:d5:2f:d0:92:e7:50:
52:fe:b5:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtStD1X2TWFoB7maE4+EjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMwMTAxMTIyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjcwZGY3ZmU4NjQ0MWY5OWYxMmNmNDg3M2YxZjNhOWMxODNmODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu3yUU4GDzDMphElTEtq6LFEC3Wl
vVYU8ZrELpXg840VIVwafPPI+lTUqeDwsKhvbVjx7CU7VxZmT5tQgOzmRmAGwta+
i06FPw0cC2gaJYWgqzlbq8lE3EMJpyyM4UYKIg+OT/wLnGo9AQixHW0p3lYO+G6X
YUsrxMOcwvmxtizZQJjkcIM5ivcMlW6iZQNnQJaF1kiWKXZSn4Yq8Q8HlZ8ZEMfq
5hVhTm+sxLT2hnQKCO1ZO1uZsFhDxyTjjvLrN1kEQGeUjbJxHMMO4ujy4B63yNqa
4a8AN4/LP3UQ8FqniOF+4R20kJ1/d4MHpsvW2IFZuzEmAB3gKvtaQmHXUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJw33/oZEH5nxLPSHPx86nBg/iCMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvSW5EZmYtaGtRZm1mRXM5SWNfSHpxY0dELUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW910MA0G
CSqGSIb3DQEBCwUAA4IBAQCGR12p8a4vuL7+Qalg/RiXYT7EWVf4EvTSgbbGGT+9
pDRaoG5/Hm36JO8vP8YjTf4ubOoQ6mj3/g2MEKJT2L72tnX/+rU/pG6E6ispJ+sJ
wZ0CZzjEvvZoCgl3S5hM+jq3WXWN4vShm8bpQCg19K8Im6Hu4f34607010k6pgMq
ydgXEjDQDSlxjbB0zN2c+hUHbE3cRW06Kcawf95U743Zaw2KMrJYwYg6YPN540k+
eKnF+hi10Wjgq3muFplOLobyNiLLRUMoeEqt+qd7bLsJXKtENfZKnhRDDE3EdZBG
9Nr9c/qNqg497rgEq6xSuKzQG+n5HETVL9CS51BS/rUo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org