Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/f6nNA8XIA1KbLofF001GRmnZCUI.roa
File: f6nNA8XIA1KbLofF001GRmnZCUI.roa (raw, json)
Hash identifier: PUE5GRN3VMgQ19s8X3hPl/wO3VEKDYmhAHmanZ+Rt1U=
Subject key identifier: 7F:A9:CD:03:C5:C8:03:52:9B:2E:87:C5:D3:4D:46:46:69:D9:09:42
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 0186B85DCD7083373C216BA88D223A567CDF
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/f6nNA8XIA1KbLofF001GRmnZCUI.roa
Signing time: Mon 06 Mar 2023 19:20:00 +0000
ROA not before: Mon 06 Mar 2023 19:20:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.126.134.0/23 maxlen: 24
91.221.116.0/23 maxlen: 24
91.221.232.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:5d:cd:70:83:37:3c:21:6b:a8:8d:22:3a:56:7c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Mar 6 19:20:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fa9cd03c5c803529b2e87c5d34d464669d90942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:17:dd:f0:cd:a2:5a:4f:68:fe:a1:7b:0c:88:
88:f9:76:5f:db:f2:49:68:cf:1e:f1:e0:9a:b6:58:
20:30:9e:7e:82:6a:2e:e3:5b:45:dd:e1:9f:3d:9d:
54:d6:86:8e:40:23:ac:ee:4b:29:3d:99:bc:a6:d3:
81:e0:f5:43:e4:16:a5:d6:34:97:bd:a3:ab:3b:b1:
40:2e:c4:3e:25:85:dd:f4:13:4f:88:f5:69:14:99:
6c:2a:f5:30:58:b5:23:be:79:f9:9a:80:8d:f2:5e:
c9:28:26:4c:ae:30:be:fc:b9:e5:06:7e:8c:98:f6:
e7:0e:6e:23:e3:20:33:f1:5e:60:95:4c:2b:2f:c5:
2c:51:e7:7b:47:43:3c:5d:41:ae:94:16:ba:13:e3:
44:63:04:54:01:4a:d6:57:ec:6a:3f:66:a6:cb:8c:
f6:d1:92:5a:98:bd:e4:9b:dc:8b:7d:ee:7b:c9:76:
f0:b4:0b:86:24:32:22:4a:e5:60:aa:3b:77:d9:51:
9e:34:2c:ae:40:55:a2:48:c0:2e:16:1e:0b:58:cd:
45:ca:13:6b:a5:6f:a0:df:2f:1f:03:bc:77:41:50:
f0:5a:72:75:b7:81:1b:f1:93:85:08:b4:89:82:01:
87:7e:2d:6a:4d:1d:d5:8c:2c:e8:7c:05:d3:ea:87:
14:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A9:CD:03:C5:C8:03:52:9B:2E:87:C5:D3:4D:46:46:69:D9:09:42
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/f6nNA8XIA1KbLofF001GRmnZCUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/23
91.221.232.0/24
185.126.134.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:21:11:eb:0f:af:10:9f:4d:1a:7a:e0:c4:0e:19:25:3d:2f:
d0:2a:a0:a5:b3:8e:f7:8e:09:14:2c:79:0d:31:ba:93:53:0c:
dc:7a:28:96:f3:e2:6b:bb:94:96:22:37:94:b8:b7:14:39:23:
11:15:2d:16:47:f0:44:70:81:20:c3:56:f2:21:1c:02:37:ae:
f9:71:5c:c5:43:f6:4b:c9:fc:e4:5b:5d:d4:5d:3c:b1:44:53:
a1:67:89:53:9b:e1:f6:7c:2e:c7:7a:a9:24:a8:1a:62:4c:3c:
67:86:07:1d:79:e7:bc:50:90:1c:ce:ca:f2:06:3e:e5:7b:f7:
38:86:02:f5:81:9b:1f:33:0a:da:f4:09:6a:06:ec:b2:cc:a2:
95:65:dc:05:83:7a:4a:34:c2:cb:11:e8:d3:3c:84:d7:90:44:
c0:fe:b1:b0:03:8a:64:b2:b4:af:28:fd:49:63:61:6e:c3:04:
8a:a0:92:93:92:f7:bf:6f:bc:f9:ae:6a:b3:c9:06:ba:a7:56:
cd:00:78:b7:71:e9:82:1d:09:c0:3b:5e:64:c0:a6:d0:0b:2a:
d4:f5:4f:87:ed:cc:b4:c1:eb:e5:63:3d:27:0c:01:a8:7f:0e:
b2:a2:76:d8:13:75:0f:7e:f8:2a:98:82:1e:cf:de:90:16:c6:
d7:fc:91:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYa4Xc1wgzc8IWuojSI6VnzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMwMzA2MTkyMDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmE5Y2QwM2M1YzgwMzUyOWIyZTg3YzVkMzRkNDY0NjY5ZDkwOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRfd8M2iWk9o/qF7DIiI+XZf2/JJ
aM8e8eCatlggMJ5+gmou41tF3eGfPZ1U1oaOQCOs7kspPZm8ptOB4PVD5Bal1jSX
vaOrO7FALsQ+JYXd9BNPiPVpFJlsKvUwWLUjvnn5moCN8l7JKCZMrjC+/LnlBn6M
mPbnDm4j4yAz8V5glUwrL8UsUed7R0M8XUGulBa6E+NEYwRUAUrWV+xqP2amy4z2
0ZJamL3km9yLfe57yXbwtAuGJDIiSuVgqjt32VGeNCyuQFWiSMAuFh4LWM1FyhNr
pW+g3y8fA7x3QVDwWnJ1t4Eb8ZOFCLSJggGHfi1qTR3VjCzofAXT6ocUOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH+pzQPFyANSmy6HxdNNRkZp2QlCMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvZjZuTkE4WElBMUtiTG9mRjAwMUdSbW5aQ1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW910AwQA
W93oAwQBuX6GMA0GCSqGSIb3DQEBCwUAA4IBAQAMIRHrD68Qn00aeuDEDhklPS/Q
KqCls473jgkULHkNMbqTUwzceiiW8+Jru5SWIjeUuLcUOSMRFS0WR/BEcIEgw1by
IRwCN675cVzFQ/ZLyfzkW13UXTyxRFOhZ4lTm+H2fC7HeqkkqBpiTDxnhgcdeee8
UJAczsryBj7le/c4hgL1gZsfMwra9AlqBuyyzKKVZdwFg3pKNMLLEejTPITXkETA
/rGwA4pksrSvKP1JY2FuwwSKoJKTkve/b7z5rmqzyQa6p1bNAHi3cemCHQnAO15k
wKbQCyrU9U+H7cy0wevlYz0nDAGofw6yonbYE3UPfvgqmIIez96QFsbX/JFv
-----END CERTIFICATE-----
Generated at Tue Oct 24 11:07:44 2023 by rpki-client on console-fra.rpki-client.org