Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/UqZko6I9Mm0Bjj2RP61x8PV0CLU.roa
File: UqZko6I9Mm0Bjj2RP61x8PV0CLU.roa (raw, json)
Hash identifier: k9MVo8w+OobSnAYoYFgXBWN0uq5bgvQFEuV/7EPeAZU=
Subject key identifier: 52:A6:64:A3:A2:3D:32:6D:01:8E:3D:91:3F:AD:71:F0:F5:74:08:B5
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 0192E6920318B328155C2831149D3727C150
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/UqZko6I9Mm0Bjj2RP61x8PV0CLU.roa
Signing time: Fri 01 Nov 2024 07:13:01 +0000
ROA not before: Fri 01 Nov 2024 07:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.126.158.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 13:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e6:92:03:18:b3:28:15:5c:28:31:14:9d:37:27:c1:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Nov 1 07:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52a664a3a23d326d018e3d913fad71f0f57408b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f4:03:b9:d7:33:e8:ac:f8:6c:04:e6:9e:0e:
6c:18:43:0f:4a:66:74:76:7d:ea:9a:dc:49:b4:bf:
c8:b6:f6:41:a8:50:c5:eb:4c:cc:80:f1:f0:10:6d:
3f:69:60:bf:5d:44:d7:78:37:2d:6e:ce:84:f6:f8:
fb:00:b4:60:60:e5:46:16:00:2f:5a:ff:ed:ed:20:
6d:b3:ab:fd:9c:89:90:c4:24:a1:2d:e6:50:ce:8a:
93:21:e8:b0:a5:83:f9:ac:a8:bd:93:3b:f6:ae:6a:
4c:19:99:7e:db:47:eb:46:60:65:02:26:2c:3c:19:
b9:3a:46:5d:bc:05:65:8b:09:04:34:c4:76:d2:db:
9b:1c:a2:8d:e0:68:fd:4e:fd:e7:91:01:a3:a9:86:
09:ad:3c:65:e1:2d:b4:8a:3c:df:95:64:b7:4f:36:
06:08:5a:27:ff:af:f0:99:a0:e2:93:ac:92:d8:57:
55:57:eb:c1:c2:2b:48:01:e7:b9:29:fa:e4:d9:cc:
dd:1d:6f:18:6f:3e:87:ad:89:95:66:14:68:36:60:
35:ca:f4:d2:6c:3a:b5:fc:29:1b:c4:cb:18:b8:81:
6f:e6:71:f6:20:7e:57:c1:71:cc:a4:87:f1:3b:e4:
9f:be:29:88:0d:d5:21:41:57:33:c7:56:8d:c9:0c:
a2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A6:64:A3:A2:3D:32:6D:01:8E:3D:91:3F:AD:71:F0:F5:74:08:B5
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/UqZko6I9Mm0Bjj2RP61x8PV0CLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.158.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:63:78:bc:7b:f9:e1:9b:66:6c:12:10:81:52:39:36:37:ef:
f7:5f:84:58:c7:a3:e2:52:cb:72:36:74:72:5f:06:a0:fc:ae:
86:53:73:e1:a4:54:1a:99:48:62:62:03:e6:b6:9a:6b:91:0b:
0f:05:f4:0d:4b:f6:89:6f:8d:90:e8:c2:9c:2f:94:bf:9e:91:
a1:16:a1:42:b3:84:14:ef:30:46:1a:aa:df:fc:aa:c6:06:81:
bd:1c:b1:1d:a3:3b:92:a4:c8:bf:fd:67:75:70:4c:05:2f:04:
47:e4:6a:c5:6c:61:82:e8:05:fb:3d:69:6a:86:2c:53:8e:f6:
d6:45:18:c8:82:b1:af:81:cc:2c:df:9b:a9:df:32:ac:6a:32:
91:57:49:4e:20:df:08:4b:ef:6b:7a:99:a2:47:66:16:04:c2:
b1:f8:f5:0a:a8:f2:c6:a7:41:24:1f:cc:4a:71:37:89:0c:0f:
ec:5f:aa:39:7d:02:0a:51:a7:e9:57:08:48:00:55:05:57:ea:
b2:cf:6b:d1:b9:43:3d:1e:04:28:cc:e4:9f:79:da:b0:ec:cf:
aa:b9:31:94:e5:e3:fa:40:56:f4:9f:70:a4:2a:9c:63:3b:64:
b5:cc:71:6f:c6:8a:7c:e4:b1:e7:36:0e:0f:a6:00:2a:c1:02:
f3:46:7f:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLmkgMYsygVXCgxFJ03J8FQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjQxMTAxMDcxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmE2NjRhM2EyM2QzMjZkMDE4ZTNkOTEzZmFkNzFmMGY1NzQwOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvQDudcz6Kz4bATmng5sGEMPSmZ0
dn3qmtxJtL/ItvZBqFDF60zMgPHwEG0/aWC/XUTXeDctbs6E9vj7ALRgYOVGFgAv
Wv/t7SBts6v9nImQxCShLeZQzoqTIeiwpYP5rKi9kzv2rmpMGZl+20frRmBlAiYs
PBm5OkZdvAVliwkENMR20tubHKKN4Gj9Tv3nkQGjqYYJrTxl4S20ijzflWS3TzYG
CFon/6/wmaDik6yS2FdVV+vBwitIAee5Kfrk2czdHW8Ybz6HrYmVZhRoNmA1yvTS
bDq1/CkbxMsYuIFv5nH2IH5XwXHMpIfxO+SfvimIDdUhQVczx1aNyQyiVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFKmZKOiPTJtAY49kT+tcfD1dAi1MB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvVXFaa282STlNbTBCamoyUlA2MXg4UFYwQ0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX6eMA0G
CSqGSIb3DQEBCwUAA4IBAQAbY3i8e/nhm2ZsEhCBUjk2N+/3X4RYx6PiUstyNnRy
Xwag/K6GU3PhpFQamUhiYgPmtpprkQsPBfQNS/aJb42Q6MKcL5S/npGhFqFCs4QU
7zBGGqrf/KrGBoG9HLEdozuSpMi//Wd1cEwFLwRH5GrFbGGC6AX7PWlqhixTjvbW
RRjIgrGvgcws35up3zKsajKRV0lOIN8IS+9repmiR2YWBMKx+PUKqPLGp0EkH8xK
cTeJDA/sX6o5fQIKUafpVwhIAFUFV+qyz2vRuUM9HgQozOSfedqw7M+quTGU5eP6
QFb0n3CkKpxjO2S1zHFvxop85LHnNg4PpgAqwQLzRn/b
-----END CERTIFICATE-----
Generated at Thu Nov 7 17:43:10 2024 by rpki-client on console-ams.rpki-client.org