Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/h1K7-aBV8mZJVni3D7g2bmEgThs.roa
File: h1K7-aBV8mZJVni3D7g2bmEgThs.roa (raw, json)
Hash identifier: RtL/v5U1n9rE0hkpszFID8KGU/UTl6maLT/qk87WdeE=
Subject key identifier: 87:52:BB:F9:A0:55:F2:66:49:56:78:B7:0F:B8:36:6E:61:20:4E:1B
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 0190BAC77EDF2B10E7769457037DBFA859EF
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/h1K7-aBV8mZJVni3D7g2bmEgThs.roa
Signing time: Tue 16 Jul 2024 09:02:34 +0000
ROA not before: Tue 16 Jul 2024 09:02:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 91.221.232.0/24 maxlen: 24
185.126.158.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 07:04:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ba:c7:7e:df:2b:10:e7:76:94:57:03:7d:bf:a8:59:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Jul 16 09:02:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8752bbf9a055f266495678b70fb8366e61204e1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e1:76:82:6a:0e:bf:2e:b8:2d:7d:5b:bc:a2:
7b:2f:80:0a:5d:6d:b5:d2:3b:22:74:37:a3:3e:33:
ea:39:ce:07:6b:78:9d:21:38:9d:fc:ab:96:7f:e5:
7f:59:4e:9e:1f:37:a9:f5:4f:6c:b1:33:31:3e:1a:
89:0e:e6:fc:23:fe:c8:8e:3d:26:ec:b1:af:b9:f7:
e7:bf:7d:a5:47:56:cf:9c:6e:33:6e:46:97:b8:fa:
ce:c8:58:1d:7b:15:4a:33:6b:ed:bb:05:a9:72:f3:
4b:f3:f9:e3:96:59:1c:f8:09:6e:1e:3b:3a:c7:e2:
ce:b3:13:cb:d8:1c:bd:ee:c9:19:fe:1a:f1:05:88:
2c:77:77:bb:b0:10:8e:f8:ed:fa:05:e7:c4:16:fe:
ed:e2:6a:e9:16:19:13:76:a1:6f:c8:8c:3e:28:39:
9f:06:0f:6a:0c:c8:b8:c1:d7:07:d8:13:9b:ea:fe:
ec:1e:6a:1a:da:3d:a3:d1:69:35:d2:60:58:3f:48:
6f:a2:b9:26:54:51:cd:b4:91:bd:64:86:f7:32:bb:
94:d3:51:ef:c0:83:34:21:23:1d:bd:71:e7:c6:68:
f1:78:f5:42:f8:07:d0:72:4d:88:14:0d:54:fd:00:
a1:9f:7b:fc:f7:b6:5c:8b:06:f6:43:44:6d:52:76:
2c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:52:BB:F9:A0:55:F2:66:49:56:78:B7:0F:B8:36:6E:61:20:4E:1B
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/h1K7-aBV8mZJVni3D7g2bmEgThs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.232.0/24
185.126.158.0/23
Signature Algorithm: sha256WithRSAEncryption
05:d7:44:21:56:61:22:c0:1d:52:d7:17:75:31:c6:f1:f5:02:
24:bd:4f:2a:a0:3b:8b:ca:fb:35:cd:82:ef:54:e0:c7:70:b1:
d5:6a:ab:0c:d5:75:2a:f6:91:cd:0f:44:fe:40:34:8b:5b:18:
60:40:4c:d5:53:22:eb:0e:67:8e:e3:35:c5:77:ea:e9:4c:2b:
74:4e:6b:c9:7c:bd:52:da:5f:d2:96:1d:4d:ed:41:35:7d:1e:
3c:41:1f:c4:57:1b:2e:f7:26:f9:73:bf:47:50:e0:c3:12:37:
45:65:55:61:06:28:52:d9:55:2d:68:95:c5:0e:4c:29:a9:32:
b0:34:e6:cd:f8:f5:eb:ea:45:59:c0:ea:2c:bb:18:7d:9e:c1:
f3:7d:74:9b:a6:45:0b:a2:96:52:57:38:69:67:0f:1e:2f:67:
d0:08:ce:a3:1d:8b:b4:34:82:d0:7b:f1:85:c0:b3:12:92:4a:
f4:75:9a:fd:0e:01:41:bb:77:62:53:af:9c:4e:e1:d4:59:8b:
78:4c:de:05:58:d7:10:b1:7c:a1:e8:af:e6:e0:9c:5e:34:4d:
93:03:bd:ef:29:c9:05:f1:80:51:59:96:6b:e4:df:52:70:9f:
90:63:04:0c:6b:2c:9d:b1:9b:ff:ce:d8:53:52:f5:bb:2d:af:
93:de:ba:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZC6x37fKxDndpRXA32/qFnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjQwNzE2MDkwMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzUyYmJmOWEwNTVmMjY2NDk1Njc4YjcwZmI4MzY2ZTYxMjA0ZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteF2gmoOvy64LX1bvKJ7L4AKXW21
0jsidDejPjPqOc4Ha3idITid/KuWf+V/WU6eHzep9U9ssTMxPhqJDub8I/7Ijj0m
7LGvuffnv32lR1bPnG4zbkaXuPrOyFgdexVKM2vtuwWpcvNL8/njllkc+AluHjs6
x+LOsxPL2By97skZ/hrxBYgsd3e7sBCO+O36BefEFv7t4mrpFhkTdqFvyIw+KDmf
Bg9qDMi4wdcH2BOb6v7sHmoa2j2j0Wk10mBYP0hvorkmVFHNtJG9ZIb3MruU01Hv
wIM0ISMdvXHnxmjxePVC+AfQck2IFA1U/QChn3v897Zciwb2Q0RtUnYssQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIdSu/mgVfJmSVZ4tw+4Nm5hIE4bMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvaDFLNy1hQlY4bVpKVm5pM0Q3ZzJibUVnVGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW93oAwQB
uX6eMA0GCSqGSIb3DQEBCwUAA4IBAQAF10QhVmEiwB1S1xd1Mcbx9QIkvU8qoDuL
yvs1zYLvVODHcLHVaqsM1XUq9pHND0T+QDSLWxhgQEzVUyLrDmeO4zXFd+rpTCt0
TmvJfL1S2l/Slh1N7UE1fR48QR/EVxsu9yb5c79HUODDEjdFZVVhBihS2VUtaJXF
DkwpqTKwNObN+PXr6kVZwOosuxh9nsHzfXSbpkULopZSVzhpZw8eL2fQCM6jHYu0
NILQe/GFwLMSkkr0dZr9DgFBu3diU6+cTuHUWYt4TN4FWNcQsXyh6K/m4JxeNE2T
A73vKckF8YBRWZZr5N9ScJ+QYwQMayydsZv/zthTUvW7La+T3rql
-----END CERTIFICATE-----
Generated at Mon Jul 22 09:06:46 2024 by rpki-client on console-fra.rpki-client.org