Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PQ3AEs-uDUvMSOGORdADeHM2OL4.roa
File: PQ3AEs-uDUvMSOGORdADeHM2OL4.roa (raw, json)
Hash identifier: +431/rcaKq6t9aVoc0LM4On/H3lb/I8O69Q5zE+srso=
Subject key identifier: 3D:0D:C0:12:CF:AE:0D:4B:CC:48:E1:8E:45:D0:03:78:73:36:38:BE
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01910E90EF20E7DF91D9C0825FE4AA902254
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PQ3AEs-uDUvMSOGORdADeHM2OL4.roa
Signing time: Thu 01 Aug 2024 15:31:04 +0000
ROA not before: Thu 01 Aug 2024 15:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48314
IP address blocks: 77.90.0.0/24 maxlen: 24
77.90.2.0/24 maxlen: 24
77.90.8.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
77.90.28.0/24 maxlen: 24
77.90.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 04:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0e:90:ef:20:e7:df:91:d9:c0:82:5f:e4:aa:90:22:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Aug 1 15:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d0dc012cfae0d4bcc48e18e45d00378733638be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b5:55:68:d0:22:aa:97:41:04:16:72:8f:d9:
79:d9:e4:57:ab:ed:4b:fd:58:5a:e9:8a:76:d3:f6:
d9:92:99:20:32:6a:64:63:99:2e:78:c2:4e:0c:ca:
f3:de:b0:35:3a:95:bf:80:bc:b3:77:b3:38:f8:08:
72:50:39:3f:e8:81:df:be:58:f1:c4:da:57:7a:72:
8e:11:2f:42:33:7b:4a:47:e5:09:db:33:20:64:a5:
5e:4b:d0:67:3a:e8:9e:da:b8:be:11:9a:d0:be:af:
66:62:89:b6:95:d2:37:63:4d:3d:bf:7c:ad:c3:85:
a8:4c:c5:cd:80:6e:99:d4:41:e4:83:11:73:df:df:
8a:27:43:62:d8:b1:8a:81:a4:7b:d7:71:09:61:d4:
e3:b0:8b:a4:ea:7c:88:05:35:63:f0:b4:c4:36:8b:
17:5d:b7:b1:d1:a9:b7:d0:39:c5:22:50:0e:e7:44:
23:04:13:a4:34:e8:f5:1f:bb:91:cd:5b:db:93:8d:
94:d4:1a:c8:bb:10:d6:cc:ac:00:ed:a6:19:81:81:
46:ce:d0:29:60:8d:12:99:91:a7:93:10:30:d9:72:
f8:b8:bd:eb:08:ab:c6:2c:d8:64:c8:49:7f:c3:c3:
04:63:d6:e8:a4:66:d7:fa:67:67:64:68:72:31:2a:
a8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0D:C0:12:CF:AE:0D:4B:CC:48:E1:8E:45:D0:03:78:73:36:38:BE
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PQ3AEs-uDUvMSOGORdADeHM2OL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.0.0/24
77.90.2.0/24
77.90.8.0/24
77.90.13.0/24
77.90.28.0/24
77.90.51.0/24
Signature Algorithm: sha256WithRSAEncryption
46:fc:d2:b2:4e:06:b0:2f:7c:d4:e1:d5:25:bf:f7:53:b3:83:
50:04:86:52:85:2f:3a:5d:ba:c7:4a:5a:20:de:c1:62:b7:07:
6a:83:5b:98:b7:f2:af:11:79:07:29:b8:af:c7:38:32:5c:f3:
46:75:81:ac:c6:5c:8a:a3:2c:4e:6e:86:9d:0f:f9:c3:61:23:
64:54:bc:0d:bd:1b:ef:a7:88:61:14:53:85:f5:c2:52:78:0a:
c6:91:c1:a3:2e:bb:08:dc:af:e7:29:2d:02:12:14:92:19:97:
fe:87:fa:55:2b:2d:f2:f3:e8:9b:37:c1:7d:ba:a8:ce:c4:9c:
12:3a:6b:b5:7f:0f:18:3d:89:ce:d3:b4:6c:90:fe:ab:f8:a2:
3e:b7:38:71:3c:ec:db:3c:5e:a0:71:76:80:47:3f:2e:ea:d4:
39:c0:08:5e:3b:e8:a1:87:1f:2f:f0:cb:66:ca:42:35:4d:f9:
48:c1:3c:a7:76:73:72:0b:b0:df:d8:9c:87:05:83:f7:c2:5a:
29:58:1e:5f:74:ee:f7:cf:71:df:eb:c1:b8:8d:bc:59:8c:20:
5e:6e:13:a3:5c:fc:03:0f:89:51:7a:f1:b2:7b:ef:aa:e9:46:
50:ae:0b:bb:e6:66:df:5d:86:fa:37:42:a2:76:ee:a6:0c:0d:
02:b9:08:7a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZEOkO8g59+R2cCCX+SqkCJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwODAxMTUzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDBkYzAxMmNmYWUwZDRiY2M0OGUxOGU0NWQwMDM3ODczMzYzOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrVVaNAiqpdBBBZyj9l52eRXq+1L
/Vha6Yp20/bZkpkgMmpkY5kueMJODMrz3rA1OpW/gLyzd7M4+AhyUDk/6IHfvljx
xNpXenKOES9CM3tKR+UJ2zMgZKVeS9BnOuie2ri+EZrQvq9mYom2ldI3Y009v3yt
w4WoTMXNgG6Z1EHkgxFz39+KJ0Ni2LGKgaR713EJYdTjsIuk6nyIBTVj8LTENosX
Xbex0am30DnFIlAO50QjBBOkNOj1H7uRzVvbk42U1BrIuxDWzKwA7aYZgYFGztAp
YI0SmZGnkxAw2XL4uL3rCKvGLNhkyEl/w8MEY9bopGbX+mdnZGhyMSqoOQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD0NwBLPrg1LzEjhjkXQA3hzNji+MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUFEzQUVzLXVEVXZNU09HT1JkQURlSE0yT0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATVoAAwQA
TVoCAwQATVoIAwQATVoNAwQATVocAwQATVozMA0GCSqGSIb3DQEBCwUAA4IBAQBG
/NKyTgawL3zU4dUlv/dTs4NQBIZShS86XbrHSlog3sFitwdqg1uYt/KvEXkHKbiv
xzgyXPNGdYGsxlyKoyxOboadD/nDYSNkVLwNvRvvp4hhFFOF9cJSeArGkcGjLrsI
3K/nKS0CEhSSGZf+h/pVKy3y8+ibN8F9uqjOxJwSOmu1fw8YPYnO07RskP6r+KI+
tzhxPOzbPF6gcXaARz8u6tQ5wAheO+ihhx8v8MtmykI1TflIwTyndnNyC7Df2JyH
BYP3wlopWB5fdO73z3Hf68G4jbxZjCBebhOjXPwDD4lRevGye++q6UZQrgu75mbf
XYb6N0Kidu6mDA0CuQh6
-----END CERTIFICATE-----
Generated at Tue Aug 20 08:01:56 2024 by rpki-client on console-ams.rpki-client.org