Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-TQ3vl0LjQW9kF8risqQ68EcNyg.roa
File: 1-TQ3vl0LjQW9kF8risqQ68EcNyg.roa (raw, json)
Hash identifier: ztFYrSoUBpU+tpX11MoiCxeToN1brMXeM2+LeG5ixRs=
Subject key identifier: F9:34:37:BE:5D:0B:8D:05:BD:90:5F:2B:8A:CA:90:EB:C1:1C:37:28
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01891C16241E949CBF4CFEBA098684A680C4
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-TQ3vl0LjQW9kF8risqQ68EcNyg.roa
Signing time: Mon 03 Jul 2023 14:09:20 +0000
ROA not before: Mon 03 Jul 2023 14:09:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198465
IP address blocks: 77.90.185.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:16:24:1e:94:9c:bf:4c:fe:ba:09:86:84:a6:80:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 3 14:09:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f93437be5d0b8d05bd905f2b8aca90ebc11c3728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8c:da:15:22:95:ed:32:8b:e0:10:8c:a0:a6:
50:70:e2:30:89:f5:00:b2:d4:41:36:29:75:07:f5:
f6:9a:0c:de:34:1f:ec:36:4d:e3:5a:08:b0:c7:f9:
2d:d0:f1:f3:78:f6:24:cb:2d:2c:1e:bd:a2:32:2e:
6b:9d:e7:e3:28:17:ea:0c:15:75:93:de:15:74:3c:
80:45:88:73:04:47:c2:ae:01:1c:57:d8:47:80:a5:
e0:da:2f:d8:db:0b:42:6f:50:b6:be:59:03:d6:11:
1f:52:b7:10:3e:5b:bf:5a:b7:f9:66:58:59:57:86:
52:fe:7d:bf:58:5e:85:37:fa:87:9e:28:f2:4f:6d:
5b:73:6f:3f:29:fb:84:d1:42:f8:5d:b2:82:99:70:
6a:28:3a:f6:f7:fb:74:32:d7:e3:24:ec:3b:d4:b0:
52:ac:89:4e:90:49:fc:8f:b5:5f:d7:5d:91:e9:20:
08:18:24:b6:15:14:dd:47:03:17:ee:d0:f7:de:76:
90:c7:7c:ad:db:2f:3b:20:1e:8e:88:f7:43:6c:e6:
2a:79:80:fd:2b:d7:ee:8e:a6:c1:09:3b:4e:b8:bf:
94:80:ea:8e:18:e1:11:6d:7e:64:f0:f1:07:26:b2:
23:c4:a8:74:a1:33:8b:9a:1a:9c:10:b3:b9:4c:24:
17:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:34:37:BE:5D:0B:8D:05:BD:90:5F:2B:8A:CA:90:EB:C1:1C:37:28
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-TQ3vl0LjQW9kF8risqQ68EcNyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.185.0/24
Signature Algorithm: sha256WithRSAEncryption
38:c8:b1:e8:c4:91:7b:33:58:6f:df:42:1f:3d:84:f8:1b:f3:
9f:44:7b:08:1c:80:40:b2:b6:63:e0:e2:d9:2f:10:c2:73:d5:
32:a1:18:98:ef:55:0d:88:08:16:d8:04:ac:07:24:33:b9:3b:
d6:34:d3:ba:84:dc:2b:b1:65:94:31:62:4b:26:74:d6:3e:d4:
77:12:41:ba:5d:f3:bb:6a:d7:ff:4a:b7:55:56:09:8e:cf:91:
89:a3:5d:3a:da:c1:f6:68:18:82:8d:71:8c:4f:16:31:f9:ed:
e8:11:ac:b8:f8:12:cc:78:1c:81:77:a0:df:6c:7d:d4:b6:bf:
14:1b:b1:6a:11:41:ef:1a:b5:81:2a:74:80:dc:75:e2:74:06:
01:1c:43:5a:1b:2a:3a:26:86:c5:01:b4:1c:1b:bf:14:69:bf:
56:a4:e2:4c:69:d1:a8:44:85:2b:b0:15:63:d8:86:e1:48:fe:
c8:e4:82:87:16:5c:02:22:f1:e5:1e:64:e0:9a:78:f4:97:55:
dd:78:3b:78:23:b0:e5:fb:58:4e:85:da:88:f7:8c:6f:54:b1:
d2:d8:92:ab:b8:1f:8e:10:d9:67:ee:95:92:aa:43:05:68:57:
b4:d4:c7:50:1a:a3:ba:ab:3c:0c:c5:53:9f:d0:fe:2f:1e:74:
3b:d2:43:72
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYkcFiQelJy/TP66CYaEpoDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNzAzMTQwOTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTM0MzdiZTVkMGI4ZDA1YmQ5MDVmMmI4YWNhOTBlYmMxMWMzNzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYzaFSKV7TKL4BCMoKZQcOIwifUA
stRBNil1B/X2mgzeNB/sNk3jWgiwx/kt0PHzePYkyy0sHr2iMi5rnefjKBfqDBV1
k94VdDyARYhzBEfCrgEcV9hHgKXg2i/Y2wtCb1C2vlkD1hEfUrcQPlu/Wrf5ZlhZ
V4ZS/n2/WF6FN/qHnijyT21bc28/KfuE0UL4XbKCmXBqKDr29/t0MtfjJOw71LBS
rIlOkEn8j7Vf112R6SAIGCS2FRTdRwMX7tD33naQx3yt2y87IB6OiPdDbOYqeYD9
K9fujqbBCTtOuL+UgOqOGOERbX5k8PEHJrIjxKh0oTOLmhqcELO5TCQXVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPk0N75dC40FvZBfK4rKkOvBHDcoMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMS1UUTN2bDBMalFXOWtGOHJpc3FRNjhFY055Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEw
MS8xL08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE1auTAN
BgkqhkiG9w0BAQsFAAOCAQEAOMix6MSRezNYb99CHz2E+Bvzn0R7CByAQLK2Y+Di
2S8QwnPVMqEYmO9VDYgIFtgErAckM7k71jTTuoTcK7FllDFiSyZ01j7UdxJBul3z
u2rX/0q3VVYJjs+RiaNdOtrB9mgYgo1xjE8WMfnt6BGsuPgSzHgcgXeg32x91La/
FBuxahFB7xq1gSp0gNx14nQGARxDWhsqOiaGxQG0HBu/FGm/VqTiTGnRqESFK7AV
Y9iG4Uj+yOSChxZcAiLx5R5k4Jp49JdV3Xg7eCOw5ftYToXaiPeMb1Sx0tiSq7gf
jhDZZ+6VkqpDBWhXtNTHUBqjuqs8DMVTn9D+Lx50O9JDcg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:10 2024 by rpki-client on console-fra.rpki-client.org