Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/KqEpJcifj4wlwZ9nWLYiSnQ0t2Y.roa
File: KqEpJcifj4wlwZ9nWLYiSnQ0t2Y.roa (raw, json)
Hash identifier: FHlxMtR5AJGGfggI0vc2V6nLsg8SKeVz7BC/BVBqCTQ=
Subject key identifier: 2A:A1:29:25:C8:9F:8F:8C:25:C1:9F:67:58:B6:22:4A:74:34:B7:66
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 01864908A562D39502BCD44741AF9F5C78BC
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/KqEpJcifj4wlwZ9nWLYiSnQ0t2Y.roa
Signing time: Mon 13 Feb 2023 04:29:08 +0000
ROA not before: Mon 13 Feb 2023 04:29:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 91.221.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 May 2023 06:47:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:08:a5:62:d3:95:02:bc:d4:47:41:af:9f:5c:78:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Feb 13 04:29:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2aa12925c89f8f8c25c19f6758b6224a7434b766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:12:95:1e:dd:71:43:62:98:e2:db:24:71:6f:
94:20:75:a7:a1:28:92:2d:ea:99:e0:15:f7:c0:98:
f4:67:c1:69:de:22:33:99:e5:fa:eb:4f:a1:69:e2:
7e:f7:dc:39:aa:a5:e4:9b:f5:4e:fc:e9:c7:ea:fa:
c2:08:85:f1:e9:40:3d:f2:bd:98:6b:ea:7a:f6:f6:
80:1d:2d:03:a9:d6:24:7c:c0:45:d0:d8:46:ba:b3:
f1:6b:60:79:ee:1f:4f:76:3f:15:f3:6d:84:a7:21:
8a:1d:7e:a3:9f:d4:c8:fc:8a:9b:5c:2b:86:18:db:
92:85:c0:f4:6d:f1:57:bc:f3:7f:94:a1:c0:18:44:
aa:34:6f:f2:f1:ed:dd:ee:71:03:9d:3f:c4:39:ed:
e6:17:58:41:91:c8:8e:e7:86:99:eb:94:e7:a3:18:
d8:23:44:fc:64:af:d4:c8:2a:1c:af:96:47:d6:c7:
d0:ec:ce:19:bd:4a:da:6a:38:ec:c0:9c:e6:45:9d:
d8:07:7c:c1:11:c4:40:a3:28:86:61:98:c5:90:99:
c5:e2:20:3f:cb:55:d1:d9:11:5a:b4:27:12:4d:fc:
52:bb:1f:95:be:7e:14:a9:2e:ad:ae:de:c2:5c:7d:
31:13:e1:9e:bf:e9:12:f8:88:95:61:ec:f0:13:3f:
b8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A1:29:25:C8:9F:8F:8C:25:C1:9F:67:58:B6:22:4A:74:34:B7:66
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/KqEpJcifj4wlwZ9nWLYiSnQ0t2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.233.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:7f:c2:9a:07:a5:2f:35:64:f5:19:d8:a8:2d:f5:09:7b:d0:
96:06:8c:7f:b2:14:c5:83:36:f7:83:f8:98:c3:53:12:6d:ad:
27:cb:48:44:e3:70:20:ff:bc:86:4f:19:0c:97:13:5b:f4:80:
37:bd:ab:e6:83:ad:c5:43:75:a5:eb:17:da:e9:cd:6a:8d:71:
e7:66:0b:3f:97:8c:e9:17:f2:cb:e2:b6:40:3d:6a:62:1d:ee:
e3:b2:1f:ff:99:c2:db:09:0e:42:6e:f4:27:4b:fb:93:19:47:
28:d5:8c:98:81:d0:f1:69:58:25:88:4b:16:f9:3e:4a:3d:a6:
2a:1a:f9:0a:d5:72:9d:a7:8f:62:30:aa:aa:3f:32:e4:42:01:
d5:0c:ef:eb:47:ec:41:d4:22:5e:ff:af:ce:97:56:fd:62:ba:
9a:ea:c3:ba:b4:70:e7:5e:d2:42:da:e1:4a:31:ad:3f:c1:db:
9c:bb:ff:30:65:34:e8:15:9e:0d:f9:b2:5c:73:32:2a:1e:19:
9f:97:f9:e6:af:20:8a:5f:5c:9d:75:64:8e:74:b0:cb:80:5b:
eb:e0:c9:2f:69:f4:d7:b0:c5:fa:4e:64:e6:3c:51:9f:db:c1:
ea:cd:cc:e1:46:e8:f5:35:90:88:21:cf:cb:97:d9:1f:74:a6:
c6:65:1a:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZJCKVi05UCvNRHQa+fXHi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMwMjEzMDQyOTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWExMjkyNWM4OWY4ZjhjMjVjMTlmNjc1OGI2MjI0YTc0MzRiNzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRKVHt1xQ2KY4tskcW+UIHWnoSiS
LeqZ4BX3wJj0Z8Fp3iIzmeX660+haeJ+99w5qqXkm/VO/OnH6vrCCIXx6UA98r2Y
a+p69vaAHS0DqdYkfMBF0NhGurPxa2B57h9Pdj8V822EpyGKHX6jn9TI/IqbXCuG
GNuShcD0bfFXvPN/lKHAGESqNG/y8e3d7nEDnT/EOe3mF1hBkciO54aZ65TnoxjY
I0T8ZK/UyCocr5ZH1sfQ7M4ZvUraajjswJzmRZ3YB3zBEcRAoyiGYZjFkJnF4iA/
y1XR2RFatCcSTfxSux+Vvn4UqS6trt7CXH0xE+Gev+kS+IiVYezwEz+4KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqhKSXIn4+MJcGfZ1i2Ikp0NLdmMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvS3FFcEpjaWZqNHdsd1o5bldMWWlTblEwdDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW93pMA0G
CSqGSIb3DQEBCwUAA4IBAQA9f8KaB6UvNWT1GdioLfUJe9CWBox/shTFgzb3g/iY
w1MSba0ny0hE43Ag/7yGTxkMlxNb9IA3vavmg63FQ3Wl6xfa6c1qjXHnZgs/l4zp
F/LL4rZAPWpiHe7jsh//mcLbCQ5CbvQnS/uTGUco1YyYgdDxaVgliEsW+T5KPaYq
GvkK1XKdp49iMKqqPzLkQgHVDO/rR+xB1CJe/6/Ol1b9Yrqa6sO6tHDnXtJC2uFK
Ma0/wducu/8wZTToFZ4N+bJcczIqHhmfl/nmryCKX1yddWSOdLDLgFvr4MkvafTX
sMX6TmTmPFGf28HqzczhRuj1NZCIIc/Ll9kfdKbGZRqE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org