Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jbZYE4DgNw-VE9vD3aUU0sOMZBo.roa
File: jbZYE4DgNw-VE9vD3aUU0sOMZBo.roa (raw, json)
Hash identifier: xYas/ZOn3Bz6fch4pO0zLVYI0uCgN1comuyV0H04g6w=
Subject key identifier: 8D:B6:58:13:80:E0:37:0F:95:13:DB:C3:DD:A5:14:D2:C3:8C:64:1A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0194B2AF16E4A6F20F12C5DF326EB353DAC9
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jbZYE4DgNw-VE9vD3aUU0sOMZBo.roa
Signing time: Wed 29 Jan 2025 15:30:06 +0000
ROA not before: Wed 29 Jan 2025 15:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60117
IP address blocks: 77.90.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 08:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b2:af:16:e4:a6:f2:0f:12:c5:df:32:6e:b3:53:da:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 29 15:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8db6581380e0370f9513dbc3dda514d2c38c641a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e6:da:63:16:4b:b0:04:5e:03:3f:d3:92:6c:
6f:8e:67:8c:5c:5c:ca:ed:49:4f:fe:5b:55:21:69:
d4:a7:e5:e7:65:f0:bf:4c:5f:e3:fa:23:d4:7e:fa:
34:8f:67:61:cd:ac:5b:10:89:60:74:c7:64:9a:b5:
c4:af:f6:a5:cc:27:02:be:f1:a4:ab:9f:0b:2f:0a:
19:d3:cf:ba:c1:92:44:99:fa:41:fd:90:c6:26:66:
a8:40:57:f0:da:8f:dd:4e:bc:cc:ec:15:3b:35:9d:
84:b5:29:60:59:0c:b7:c5:bb:cf:54:d0:a2:be:4d:
67:de:37:46:55:3f:61:f1:55:94:6e:0c:b6:74:84:
ca:bc:9c:3c:25:86:4b:5b:be:38:74:65:91:60:22:
6e:21:5e:c9:7d:1d:5a:8a:13:2a:40:2e:67:ef:18:
db:2b:03:60:2d:b2:18:a9:de:b9:11:bc:90:3f:10:
66:77:8f:ee:b2:7b:a3:7a:31:d4:86:6c:d9:55:24:
51:e7:83:d0:3b:a0:d1:7f:13:7a:0a:00:c6:90:73:
63:a1:53:3e:9a:e9:03:da:2e:4e:c4:c1:98:66:b6:
a1:46:b9:63:5f:bb:ca:2e:39:18:d2:01:26:d8:fb:
8f:cb:59:ab:10:d7:de:74:27:56:30:38:ef:b7:86:
66:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B6:58:13:80:E0:37:0F:95:13:DB:C3:DD:A5:14:D2:C3:8C:64:1A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jbZYE4DgNw-VE9vD3aUU0sOMZBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.164.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:a8:7d:a3:c9:cc:c4:c5:98:50:de:86:16:b5:17:20:b7:d5:
0d:db:55:f7:fb:5b:06:58:7d:a8:d7:81:41:db:65:09:ba:c5:
9f:5a:0a:7b:12:9d:89:c5:70:20:35:b0:2b:0c:db:f5:b1:3b:
78:8d:42:0e:e3:84:59:7f:45:88:e3:98:2e:8e:a3:0d:ad:5f:
34:59:df:76:7e:da:e8:a5:4d:54:fb:6c:39:d0:c7:1f:d0:f6:
53:38:51:98:d2:9a:20:69:cb:6c:2a:96:c9:b2:05:40:b7:86:
4e:8e:40:fd:23:65:c1:ec:a5:0b:ea:5b:30:db:c5:27:ab:2e:
80:f4:51:a0:a7:6e:87:3d:df:ed:f2:c5:47:2f:1f:9f:29:5f:
2c:6d:95:ec:22:f8:de:df:16:91:59:c8:02:65:a8:aa:65:46:
1e:37:51:ee:06:81:c7:40:67:01:37:d0:be:4f:e0:7f:7f:58:
de:4b:83:f4:ac:04:52:51:50:73:d2:b3:2c:64:45:56:aa:5b:
34:6b:53:7f:84:eb:9f:1c:3b:bc:3e:a0:93:fc:25:2e:9b:8f:
53:e7:c1:f3:c2:dd:0d:f0:d9:34:fb:43:9b:19:6b:4f:ec:b9:
d5:d0:54:be:26:50:59:98:00:ad:63:06:c1:a3:9a:0f:d3:d3:
f3:a6:ce:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSyrxbkpvIPEsXfMm6zU9rJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMTI5MTUzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGI2NTgxMzgwZTAzNzBmOTUxM2RiYzNkZGE1MTRkMmMzOGM2NDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtObaYxZLsAReAz/TkmxvjmeMXFzK
7UlP/ltVIWnUp+XnZfC/TF/j+iPUfvo0j2dhzaxbEIlgdMdkmrXEr/alzCcCvvGk
q58LLwoZ08+6wZJEmfpB/ZDGJmaoQFfw2o/dTrzM7BU7NZ2EtSlgWQy3xbvPVNCi
vk1n3jdGVT9h8VWUbgy2dITKvJw8JYZLW744dGWRYCJuIV7JfR1aihMqQC5n7xjb
KwNgLbIYqd65EbyQPxBmd4/usnujejHUhmzZVSRR54PQO6DRfxN6CgDGkHNjoVM+
mukD2i5OxMGYZrahRrljX7vKLjkY0gEm2PuPy1mrENfedCdWMDjvt4ZmxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI22WBOA4DcPlRPbw92lFNLDjGQaMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvamJaWUU0RGdOdy1WRTl2RDNhVVUwc09NWkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqkMA0G
CSqGSIb3DQEBCwUAA4IBAQCMqH2jyczExZhQ3oYWtRcgt9UN21X3+1sGWH2o14FB
22UJusWfWgp7Ep2JxXAgNbArDNv1sTt4jUIO44RZf0WI45gujqMNrV80Wd92ftro
pU1U+2w50Mcf0PZTOFGY0pogactsKpbJsgVAt4ZOjkD9I2XB7KUL6lsw28Unqy6A
9FGgp26HPd/t8sVHLx+fKV8sbZXsIvje3xaRWcgCZaiqZUYeN1HuBoHHQGcBN9C+
T+B/f1jeS4P0rARSUVBz0rMsZEVWqls0a1N/hOufHDu8PqCT/CUum49T58Hzwt0N
8Nk0+0ObGWtP7LnV0FS+JlBZmACtYwbBo5oP09Pzps44
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:37:48 2025 by rpki-client