Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/xNhL1mvz5HzPCZSFgx6_S8g4750.roa
File: xNhL1mvz5HzPCZSFgx6_S8g4750.roa (raw, json)
Hash identifier: 1BN1/gB6vceBstkFsaQ+783H44PaIKannAMtcJcSyBY=
Subject key identifier: C4:D8:4B:D6:6B:F3:E4:7C:CF:09:94:85:83:1E:BF:4B:C8:38:EF:9D
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 0187EFD1517E4069999EA70D7654E54035BD
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/xNhL1mvz5HzPCZSFgx6_S8g4750.roa
Signing time: Sat 06 May 2023 06:48:05 +0000
ROA not before: Sat 06 May 2023 06:48:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.221.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 13:29:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ef:d1:51:7e:40:69:99:9e:a7:0d:76:54:e5:40:35:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: May 6 06:48:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4d84bd66bf3e47ccf099485831ebf4bc838ef9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c5:8c:df:d4:da:17:c4:95:ab:0f:55:96:22:
2f:26:00:dd:b6:cb:d9:af:5c:af:d3:8b:ef:8b:ac:
52:1d:09:6e:c8:07:53:e3:a9:07:12:d4:c1:b2:11:
60:5a:f4:16:07:a9:42:1e:12:3c:e2:28:56:39:4c:
72:1b:b4:56:4c:9a:ff:65:a8:c9:1e:75:d1:3c:f4:
3a:b2:bd:5d:82:f7:9c:16:3e:9c:c4:ff:b3:0c:02:
2a:4a:0f:54:ed:61:f4:ea:21:2c:5b:0d:3d:31:b4:
38:63:99:aa:3f:33:f7:6a:2d:77:20:93:e9:e9:1c:
4f:a2:7d:99:1d:87:86:b7:38:1e:d0:72:f6:ca:28:
00:22:d5:fe:0f:f1:b0:9a:2b:43:1e:dd:b7:f4:32:
10:e2:05:4f:2c:f7:6b:df:48:9b:15:26:24:d0:ee:
cb:ee:53:d9:ea:fc:56:6c:8f:a8:bb:a7:14:c4:48:
ca:c8:d2:17:1f:60:cc:ff:49:fc:d6:62:5f:fc:d7:
13:97:d1:66:06:4c:37:33:70:a4:68:d9:f3:85:6c:
0e:56:dd:1b:45:a8:a2:d0:62:3a:ee:39:a5:db:8a:
0c:c2:6a:88:64:33:42:b8:9a:a5:b4:a1:07:a2:79:
a2:21:02:a0:e4:dd:16:01:b1:12:a1:c1:8a:64:fe:
a2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D8:4B:D6:6B:F3:E4:7C:CF:09:94:85:83:1E:BF:4B:C8:38:EF:9D
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/xNhL1mvz5HzPCZSFgx6_S8g4750.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.233.0/24
Signature Algorithm: sha256WithRSAEncryption
59:b2:be:6d:b4:bd:f3:29:75:47:0a:2a:ef:f2:ef:df:1d:dc:
cb:4b:06:2c:da:14:b7:15:ea:d2:c1:b6:75:06:57:3f:29:d9:
14:a9:27:4d:e3:7f:5d:a0:76:ea:8c:27:0a:2c:d9:19:cc:a6:
a7:0a:b8:9d:2b:fa:9c:83:a3:45:1d:3e:b4:8e:84:03:15:54:
f8:71:35:8e:86:3c:cb:06:2b:6d:59:cc:18:e1:e6:a9:50:79:
16:30:61:c6:dc:7a:0d:52:88:cf:8a:cd:8c:90:51:78:13:84:
e4:67:c3:61:bd:99:8c:97:e6:09:d0:db:c2:f9:02:fe:a3:19:
78:9b:35:7d:98:9a:44:68:04:a3:4a:f8:51:a2:ca:8c:08:c0:
d6:d2:3b:51:ed:5c:97:4a:37:26:04:5f:c3:2d:5d:50:69:09:
51:6e:3c:37:b4:5f:95:2e:26:83:b2:d7:23:43:fd:66:89:91:
0d:4e:ac:57:1f:cf:73:93:f2:8c:b4:ab:e6:fd:1b:45:e7:f7:
38:01:77:d3:f8:d3:2a:33:63:9e:dc:e7:cc:dd:2a:59:82:60:
1c:49:2c:70:da:6d:e3:1f:8b:a6:56:14:7a:bd:9d:5d:4b:e6:
8b:d1:63:19:bf:9c:27:1b:0d:87:3c:76:6d:c9:12:db:65:08:
a4:a2:f0:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfv0VF+QGmZnqcNdlTlQDW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMwNTA2MDY0ODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQ4NGJkNjZiZjNlNDdjY2YwOTk0ODU4MzFlYmY0YmM4MzhlZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8WM39TaF8SVqw9VliIvJgDdtsvZ
r1yv04vvi6xSHQluyAdT46kHEtTBshFgWvQWB6lCHhI84ihWOUxyG7RWTJr/ZajJ
HnXRPPQ6sr1dgvecFj6cxP+zDAIqSg9U7WH06iEsWw09MbQ4Y5mqPzP3ai13IJPp
6RxPon2ZHYeGtzge0HL2yigAItX+D/GwmitDHt239DIQ4gVPLPdr30ibFSYk0O7L
7lPZ6vxWbI+ou6cUxEjKyNIXH2DM/0n81mJf/NcTl9FmBkw3M3CkaNnzhWwOVt0b
Raii0GI67jml24oMwmqIZDNCuJqltKEHonmiIQKg5N0WAbESocGKZP6iwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTYS9Zr8+R8zwmUhYMev0vIOO+dMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEveE5oTDFtdno1SHpQQ1pTRmd4Nl9TOGc0NzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW93pMA0G
CSqGSIb3DQEBCwUAA4IBAQBZsr5ttL3zKXVHCirv8u/fHdzLSwYs2hS3FerSwbZ1
Blc/KdkUqSdN439doHbqjCcKLNkZzKanCridK/qcg6NFHT60joQDFVT4cTWOhjzL
BittWcwY4eapUHkWMGHG3HoNUojPis2MkFF4E4TkZ8NhvZmMl+YJ0NvC+QL+oxl4
mzV9mJpEaASjSvhRosqMCMDW0jtR7VyXSjcmBF/DLV1QaQlRbjw3tF+VLiaDstcj
Q/1miZENTqxXH89zk/KMtKvm/RtF5/c4AXfT+NMqM2Oe3OfM3SpZgmAcSSxw2m3j
H4umVhR6vZ1dS+aL0WMZv5wnGw2HPHZtyRLbZQikovB9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org