Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/wAXvtYMb5vEk4rWRlKER_cSKrqk.roa
File: wAXvtYMb5vEk4rWRlKER_cSKrqk.roa (raw, json)
Hash identifier: nI2tQ8c7IL6l1o0LE3LriBpDbPq9Cd8Ew/hOEH/C1Pk=
Subject key identifier: C0:05:EF:B5:83:1B:E6:F1:24:E2:B5:91:94:A1:11:FD:C4:8A:AE:A9
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 019197BE1538679901FF915C6ED8E72180F7
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/wAXvtYMb5vEk4rWRlKER_cSKrqk.roa
Signing time: Wed 28 Aug 2024 06:48:22 +0000
ROA not before: Wed 28 Aug 2024 06:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.221.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 07:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:97:be:15:38:67:99:01:ff:91:5c:6e:d8:e7:21:80:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Aug 28 06:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c005efb5831be6f124e2b59194a111fdc48aaea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:db:af:ef:17:6c:b3:b1:ec:06:64:d6:71:9c:
b1:c0:a2:91:0a:53:be:e6:b4:e8:fd:da:28:cd:c8:
d3:d7:91:72:a5:fd:88:22:dd:64:9e:21:69:86:bc:
8d:df:2b:4f:6a:64:00:b2:1b:58:22:6b:71:a8:4b:
ef:ef:96:1f:cc:23:29:d8:5d:dc:3d:b7:2c:ba:ec:
74:f5:8c:36:77:e9:51:ae:a5:26:c4:48:e2:78:18:
7f:7f:9c:43:44:10:9c:d0:63:8e:c7:60:16:fd:d8:
1d:76:57:89:4d:fb:05:06:30:de:68:68:fe:94:9f:
91:12:42:29:65:c9:e6:77:e0:37:f2:4d:ab:5c:78:
d1:a4:bd:e5:ae:44:03:bc:26:f5:4b:4e:01:8e:dd:
54:a2:3c:05:3e:09:8b:d7:89:35:14:78:4b:f4:57:
3f:10:57:60:e9:f8:3c:3f:9c:83:2f:a3:e7:2f:17:
86:a3:72:bb:b5:1f:df:e5:81:80:34:d5:5a:8b:91:
18:9f:f0:94:8a:20:22:1d:cb:a6:86:8b:eb:e0:45:
7e:00:13:78:9e:6e:50:07:4e:58:1e:b2:da:c2:5e:
29:ea:8e:4d:b1:a8:09:f8:4a:04:9c:d3:88:e2:3c:
df:2a:af:05:28:17:c2:13:fb:db:f3:e6:f5:cb:88:
59:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:05:EF:B5:83:1B:E6:F1:24:E2:B5:91:94:A1:11:FD:C4:8A:AE:A9
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/wAXvtYMb5vEk4rWRlKER_cSKrqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.232.0/24
Signature Algorithm: sha256WithRSAEncryption
33:48:20:62:25:9a:57:63:7f:11:02:03:3d:7f:a5:b3:eb:b1:
73:70:3e:35:6e:73:be:4f:4e:e2:0b:a2:07:f1:f7:f0:8a:9f:
28:0d:2c:84:6e:a7:bb:95:54:4b:42:be:e0:31:fa:42:c4:35:
80:ab:58:68:a5:d2:fb:2b:fa:6a:a6:f8:93:f1:f3:1f:01:3d:
49:fd:59:4f:42:31:8b:49:2b:04:95:17:6e:77:03:f7:e1:7a:
64:bb:32:33:72:1b:ba:d4:33:d3:76:da:6b:97:3d:ba:e4:75:
13:0c:42:5f:9c:22:7d:ad:7b:c4:95:bc:ed:d1:dd:0e:5b:a7:
d5:6f:4a:30:5a:6b:0d:8e:6d:bf:68:04:b7:cf:8b:df:5f:ad:
06:dc:16:3d:1f:99:60:ff:7d:b6:c5:6b:67:73:f1:9b:e9:25:
20:99:6c:09:e7:a4:b8:a0:4d:74:36:28:97:26:4d:90:a4:70:
93:44:e2:c7:0d:fc:6c:d3:a3:43:48:15:8b:cf:bc:5a:10:9e:
44:f8:5b:91:20:a3:d0:10:af:f2:70:cc:68:4e:59:5a:b2:11:
d7:7b:5b:a7:3e:28:02:0e:6f:94:8e:c4:a7:cd:71:67:53:4f:
a2:0c:55:0e:2f:90:c2:e6:f5:8b:b6:ae:e8:79:d8:45:65:38:
c9:a2:2f:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGXvhU4Z5kB/5FcbtjnIYD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjQwODI4MDY0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDA1ZWZiNTgzMWJlNmYxMjRlMmI1OTE5NGExMTFmZGM0OGFhZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxduv7xdss7HsBmTWcZyxwKKRClO+
5rTo/doozcjT15Fypf2IIt1kniFphryN3ytPamQAshtYImtxqEvv75YfzCMp2F3c
Pbcsuux09Yw2d+lRrqUmxEjieBh/f5xDRBCc0GOOx2AW/dgddleJTfsFBjDeaGj+
lJ+REkIpZcnmd+A38k2rXHjRpL3lrkQDvCb1S04Bjt1UojwFPgmL14k1FHhL9Fc/
EFdg6fg8P5yDL6PnLxeGo3K7tR/f5YGANNVai5EYn/CUiiAiHcumhovr4EV+ABN4
nm5QB05YHrLawl4p6o5NsagJ+EoEnNOI4jzfKq8FKBfCE/vb8+b1y4hZDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMAF77WDG+bxJOK1kZShEf3Eiq6pMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvd0FYdnRZTWI1dkVrNHJXUmxLRVJfY1NLcnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW93oMA0G
CSqGSIb3DQEBCwUAA4IBAQAzSCBiJZpXY38RAgM9f6Wz67FzcD41bnO+T07iC6IH
8ffwip8oDSyEbqe7lVRLQr7gMfpCxDWAq1hopdL7K/pqpviT8fMfAT1J/VlPQjGL
SSsElRdudwP34XpkuzIzchu61DPTdtprlz265HUTDEJfnCJ9rXvElbzt0d0OW6fV
b0owWmsNjm2/aAS3z4vfX60G3BY9H5lg/322xWtnc/Gb6SUgmWwJ56S4oE10NiiX
Jk2QpHCTROLHDfxs06NDSBWLz7xaEJ5E+FuRIKPQEK/ycMxoTllashHXe1unPigC
Dm+UjsSnzXFnU0+iDFUOL5DC5vWLtq7oedhFZTjJoi+k
-----END CERTIFICATE-----
Generated at Thu Sep 5 09:30:18 2024 by rpki-client on console-fra.rpki-client.org