Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/ucCNSqpdyVAOK9Kys9DCcc4r31k.roa
File: ucCNSqpdyVAOK9Kys9DCcc4r31k.roa (raw, json)
Hash identifier: nulUTrtOzw6d7ebodDWlqr66Ihi6erl+Mh5R+7HwK4E=
Subject key identifier: B9:C0:8D:4A:AA:5D:C9:50:0E:2B:D2:B2:B3:D0:C2:71:CE:2B:DF:59
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 018C6C909ED0A353E52B2AAB8FAD11400B56
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/ucCNSqpdyVAOK9Kys9DCcc4r31k.roa
Signing time: Fri 15 Dec 2023 08:21:06 +0000
ROA not before: Fri 15 Dec 2023 08:21:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.126.134.0/23 maxlen: 24
185.126.158.0/23 maxlen: 24
91.221.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Dec 2023 10:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6c:90:9e:d0:a3:53:e5:2b:2a:ab:8f:ad:11:40:0b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Dec 15 08:21:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9c08d4aaa5dc9500e2bd2b2b3d0c271ce2bdf59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1c:0d:65:c4:74:4f:24:84:fa:fd:48:7a:31:
12:76:ea:45:c6:85:42:b4:72:65:3f:81:40:83:e8:
6f:c1:8e:8d:a2:9a:ae:27:a5:c7:07:ae:17:78:01:
a4:96:8e:60:e2:d8:82:34:21:0c:2a:ca:34:47:6d:
cb:a8:32:1e:35:20:ae:e9:c8:48:4f:a8:38:4e:1b:
21:7d:17:4c:fc:b7:00:94:b7:0f:71:e5:8b:83:19:
94:99:06:0e:b9:29:74:98:d9:4c:3a:92:ce:e5:35:
07:76:db:ae:39:13:f2:18:ed:f6:2c:62:4b:ce:c2:
b7:0a:2f:16:1d:ad:9c:90:49:89:d9:e3:63:2f:e1:
de:3c:87:6f:c4:5f:68:4a:9c:bd:df:0e:b8:fc:59:
1e:8d:eb:6c:6f:3b:4c:62:da:29:aa:c8:3c:ca:a9:
02:ea:89:94:26:c9:a1:6a:e2:59:e8:5b:10:69:52:
f3:3e:04:ca:fe:11:96:f5:d1:e6:c4:39:59:65:b6:
d9:b9:c6:78:30:9f:2a:48:f1:b7:49:0f:53:35:e8:
59:b0:a5:fb:52:97:bc:64:f7:80:99:84:71:7b:ba:
8b:77:fe:ed:59:e9:50:13:96:ac:90:d5:d6:af:9b:
0e:03:ca:c3:c7:7a:da:6f:1c:31:a4:97:bf:e5:ad:
88:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C0:8D:4A:AA:5D:C9:50:0E:2B:D2:B2:B3:D0:C2:71:CE:2B:DF:59
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/ucCNSqpdyVAOK9Kys9DCcc4r31k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.232.0/24
185.126.134.0/23
185.126.158.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:d1:ca:de:b7:f8:a5:d7:ed:87:bb:0e:4d:c1:52:56:52:97:
6a:d0:8c:3d:0e:42:22:8c:a3:1c:e4:fe:08:ff:79:34:2a:d8:
b8:92:99:55:94:9c:ee:bf:8d:b8:8d:44:e3:11:a8:68:e1:86:
b0:7c:6f:92:bb:51:32:ce:b2:b1:5a:1c:27:1e:fe:6c:72:68:
f8:a3:47:83:8a:85:7a:3a:e4:2f:b6:53:1d:2d:e8:e4:ec:98:
12:0a:01:6f:34:46:e4:fe:d5:c6:7b:09:96:06:0c:82:ca:49:
b1:4c:42:61:8a:35:bc:20:c3:18:3a:43:a6:fd:d6:06:5d:14:
17:ba:bd:89:b7:4e:11:fd:48:7e:bb:23:92:1d:87:00:99:a8:
c8:2c:22:a5:b1:79:76:5d:3a:63:67:cb:81:bb:f4:15:72:bd:
3c:df:c5:0f:1a:3a:78:e4:4f:44:dd:c3:4e:c5:54:89:88:62:
b5:1f:37:3d:9e:c2:c9:c7:b4:00:cb:63:72:70:7d:0c:05:fb:
3b:71:4f:10:13:f8:d2:6b:e8:e1:ad:9f:52:a4:6c:16:a6:a1:
b8:19:f0:55:cf:cf:64:61:fa:ea:21:06:6c:59:9a:70:be:76:
21:8f:b3:d2:a4:de:97:58:92:64:c6:a7:1c:8b:ab:8e:00:32:
09:39:37:4e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxskJ7Qo1PlKyqrj60RQAtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMxMjE1MDgyMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWMwOGQ0YWFhNWRjOTUwMGUyYmQyYjJiM2QwYzI3MWNlMmJkZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihwNZcR0TySE+v1IejESdupFxoVC
tHJlP4FAg+hvwY6NopquJ6XHB64XeAGklo5g4tiCNCEMKso0R23LqDIeNSCu6chI
T6g4ThshfRdM/LcAlLcPceWLgxmUmQYOuSl0mNlMOpLO5TUHdtuuORPyGO32LGJL
zsK3Ci8WHa2ckEmJ2eNjL+HePIdvxF9oSpy93w64/FkejetsbztMYtopqsg8yqkC
6omUJsmhauJZ6FsQaVLzPgTK/hGW9dHmxDlZZbbZucZ4MJ8qSPG3SQ9TNehZsKX7
Upe8ZPeAmYRxe7qLd/7tWelQE5askNXWr5sOA8rDx3rabxwxpJe/5a2IRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLnAjUqqXclQDivSsrPQwnHOK99ZMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvdWNDTlNxcGR5VkFPSzlLeXM5RENjYzRyMzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW93oAwQB
uX6GAwQBuX6eMA0GCSqGSIb3DQEBCwUAA4IBAQCd0cret/il1+2Huw5NwVJWUpdq
0Iw9DkIijKMc5P4I/3k0Kti4kplVlJzuv424jUTjEaho4YawfG+Su1EyzrKxWhwn
Hv5scmj4o0eDioV6OuQvtlMdLejk7JgSCgFvNEbk/tXGewmWBgyCykmxTEJhijW8
IMMYOkOm/dYGXRQXur2Jt04R/Uh+uyOSHYcAmajILCKlsXl2XTpjZ8uBu/QVcr08
38UPGjp45E9E3cNOxVSJiGK1Hzc9nsLJx7QAy2NycH0MBfs7cU8QE/jSa+jhrZ9S
pGwWpqG4GfBVz89kYfrqIQZsWZpwvnYhj7PSpN6XWJJkxqcci6uOADIJOTdO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:38 2024 by rpki-client on console-ams.rpki-client.org