Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/jEgtqZXSx6rA3KGljmtytAfwOuQ.roa
File: jEgtqZXSx6rA3KGljmtytAfwOuQ.roa (raw, json)
Hash identifier: 2hrtsYk7y1/4joqoTWQDgIX+JE9W/nVvSEQn+BeCRJo=
Subject key identifier: 8C:48:2D:A9:95:D2:C7:AA:C0:DC:A1:A5:8E:6B:72:B4:07:F0:3A:E4
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 019421B258A5608D01171E4627653C580858
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/jEgtqZXSx6rA3KGljmtytAfwOuQ.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 91.221.116.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Jan 2025 04:25:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:58:a5:60:8d:01:17:1e:46:27:65:3c:58:08:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c482da995d2c7aac0dca1a58e6b72b407f03ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bb:6f:d3:a2:98:2e:1b:43:7d:47:b0:ea:39:
14:6a:d6:78:00:53:4e:37:e1:5f:36:81:c3:c9:70:
3b:c2:3a:fe:78:df:7d:4a:1a:71:bf:60:d4:7b:73:
da:59:d6:3c:a8:d7:25:93:7c:3c:e2:06:92:bd:c4:
4f:cf:3d:f1:46:df:8b:4e:93:22:31:f0:c5:73:c5:
26:5f:27:3b:5d:9d:1a:83:f5:99:d2:ae:bd:88:ee:
c6:d9:da:f0:a8:8c:77:c7:00:89:a6:6d:83:df:96:
5f:61:11:6a:12:e9:01:24:cf:d8:98:35:96:1c:dc:
94:58:3d:88:ea:dd:5c:4d:71:a1:40:eb:46:02:27:
11:f3:a2:6f:d0:ae:82:21:82:19:77:ef:28:1d:82:
84:e4:b3:c0:17:08:60:8b:b6:bf:cd:35:d6:ea:4e:
56:d3:af:01:9e:ff:53:3f:b5:4c:b8:b9:1d:75:0e:
e6:28:ba:59:89:a2:24:07:00:c9:be:ee:c4:7e:36:
f2:b1:3d:a0:04:27:81:b3:58:b9:a1:6c:ab:ba:a1:
02:84:98:4e:d3:58:84:56:16:8d:59:cb:5c:21:7b:
0d:f1:ad:a6:2e:b4:dc:32:43:9e:ee:f8:b9:03:fc:
7b:49:99:34:6e:b0:ab:90:82:3e:65:cf:b2:b0:67:
29:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:48:2D:A9:95:D2:C7:AA:C0:DC:A1:A5:8E:6B:72:B4:07:F0:3A:E4
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/jEgtqZXSx6rA3KGljmtytAfwOuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/23
Signature Algorithm: sha256WithRSAEncryption
38:fe:e6:47:c6:3a:fb:a0:34:0a:c5:cb:3b:58:fb:cf:6f:f7:
fc:bb:12:a8:81:bc:d5:5b:a2:55:3a:5d:73:58:84:3f:48:9e:
4c:9a:97:bb:7c:11:5d:65:84:51:15:37:f8:7b:d4:98:c5:12:
7e:f9:08:19:3c:33:11:d6:c6:aa:1c:25:d1:00:d5:9d:93:ec:
19:80:d3:42:5c:20:5e:03:c0:5b:1f:07:5c:7f:36:44:dc:a3:
a3:61:de:ff:40:61:90:1e:e4:a3:af:dc:63:28:09:a9:61:a0:
1d:61:31:03:32:96:27:f5:91:7b:c9:7f:47:cf:68:95:80:9d:
99:59:d2:03:ca:5e:e8:01:b4:80:07:fe:d9:b8:74:a8:8a:41:
38:26:46:c8:d6:99:45:27:62:63:90:d9:22:1c:cb:50:fe:ba:
a7:22:1f:ae:44:74:17:2c:55:b7:54:e2:ed:5a:37:7d:05:e3:
22:f6:8d:8c:c4:99:bf:93:80:69:c0:f4:02:4c:da:73:95:92:
23:d2:1a:ef:ca:a3:08:48:6f:4d:cd:1e:de:28:29:50:99:41:
ff:dc:c7:68:a2:1b:10:4e:67:d6:cc:39:63:a7:77:c0:dd:83:
7c:34:67:24:d4:3e:50:1b:52:ec:3b:4c:7d:0e:3a:73:df:4d:
47:3a:38:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhslilYI0BFx5GJ2U8WAhYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzQ4MmRhOTk1ZDJjN2FhYzBkY2ExYTU4ZTZiNzJiNDA3ZjAzYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7tv06KYLhtDfUew6jkUatZ4AFNO
N+FfNoHDyXA7wjr+eN99Shpxv2DUe3PaWdY8qNclk3w84gaSvcRPzz3xRt+LTpMi
MfDFc8UmXyc7XZ0ag/WZ0q69iO7G2drwqIx3xwCJpm2D35ZfYRFqEukBJM/YmDWW
HNyUWD2I6t1cTXGhQOtGAicR86Jv0K6CIYIZd+8oHYKE5LPAFwhgi7a/zTXW6k5W
068Bnv9TP7VMuLkddQ7mKLpZiaIkBwDJvu7EfjbysT2gBCeBs1i5oWyruqEChJhO
01iEVhaNWctcIXsN8a2mLrTcMkOe7vi5A/x7SZk0brCrkII+Zc+ysGcpkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIxILamV0seqwNyhpY5rcrQH8DrkMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvakVndHFaWFN4NnJBM0tHbGptdHl0QWZ3T3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW910MA0G
CSqGSIb3DQEBCwUAA4IBAQA4/uZHxjr7oDQKxcs7WPvPb/f8uxKogbzVW6JVOl1z
WIQ/SJ5Mmpe7fBFdZYRRFTf4e9SYxRJ++QgZPDMR1saqHCXRANWdk+wZgNNCXCBe
A8BbHwdcfzZE3KOjYd7/QGGQHuSjr9xjKAmpYaAdYTEDMpYn9ZF7yX9Hz2iVgJ2Z
WdIDyl7oAbSAB/7ZuHSoikE4JkbI1plFJ2JjkNkiHMtQ/rqnIh+uRHQXLFW3VOLt
Wjd9BeMi9o2MxJm/k4BpwPQCTNpzlZIj0hrvyqMISG9NzR7eKClQmUH/3MdoohsQ
TmfWzDljp3fA3YN8NGck1D5QG1LsO0x9Djpz301HOjj5
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:43:10 2025 by rpki-client