Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-bZHP2QX72kzdudygdi9XULjAfg.roa
File: 1-bZHP2QX72kzdudygdi9XULjAfg.roa (raw, json)
Hash identifier: QbHKU2QRzogWnJhNj5zlR0M4H0ZxZ5cIncmRbSa76SI=
Subject key identifier: F9:B6:47:3F:64:17:EF:69:33:76:E7:72:81:D8:BD:5D:42:E3:01:F8
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0191387039D42182BDF92A24896CA0EC5B3E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-bZHP2QX72kzdudygdi9XULjAfg.roa
Signing time: Fri 09 Aug 2024 18:39:24 +0000
ROA not before: Fri 09 Aug 2024 18:39:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.135.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 18:55:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:38:70:39:d4:21:82:bd:f9:2a:24:89:6c:a0:ec:5b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 9 18:39:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9b6473f6417ef693376e77281d8bd5d42e301f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9d:af:48:5d:6e:9b:f0:e5:91:52:7e:78:51:
1c:fb:d6:5d:a3:36:81:f8:a9:86:80:1e:3c:d6:d1:
59:82:0a:ae:a3:be:ac:43:99:48:cc:69:9e:fc:8a:
cc:92:49:de:1c:f8:67:90:11:b6:ce:97:26:7c:b5:
fe:14:0a:2c:f6:ba:4c:1b:fe:0a:25:c2:92:8b:11:
d8:0d:2e:05:0e:63:36:ad:77:6c:80:28:da:10:75:
31:01:88:14:e7:d8:03:fb:b6:bb:a9:5d:dd:2f:70:
42:0a:00:5d:a8:08:f2:03:71:07:ac:e8:b3:b1:79:
c8:07:a0:b6:86:5a:9d:47:b3:77:d9:f7:46:2c:fc:
8f:65:09:d0:04:f1:9e:73:c6:76:64:24:6f:81:fd:
98:34:69:92:05:8d:11:3f:76:c3:c4:48:b8:2e:10:
24:5f:36:13:11:2a:94:f6:b0:26:83:1e:51:1f:4c:
89:60:c8:6f:d6:c7:b3:f4:4e:c1:2e:df:5a:f8:bd:
b6:88:a8:1b:57:8d:ea:15:5c:cd:e2:43:8e:47:d8:
1f:95:7a:5c:b4:8a:8f:66:80:40:61:bc:08:1b:f0:
cf:61:1d:f9:30:21:36:7f:23:ad:67:40:c1:a7:5d:
c7:e7:41:38:d3:a3:ed:12:e4:7e:d7:8f:ec:9f:cc:
48:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B6:47:3F:64:17:EF:69:33:76:E7:72:81:D8:BD:5D:42:E3:01:F8
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-bZHP2QX72kzdudygdi9XULjAfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.135.0/24
77.90.145.0/24
77.90.188.0/24
185.230.15.0/24
213.209.129.0/24
213.209.143.0/24
Signature Algorithm: sha256WithRSAEncryption
87:7a:03:8d:46:8e:92:40:f7:92:e1:10:cf:70:12:0b:76:e3:
17:a0:a8:b4:71:96:bf:36:ee:43:50:26:39:5d:5d:4d:ed:8e:
34:37:27:09:95:3b:d5:95:84:62:15:90:65:1d:b2:45:89:72:
a4:df:89:69:77:6a:4c:8d:d8:27:eb:17:15:e4:9f:da:4c:0b:
b2:42:38:e7:4b:3b:0c:ee:0f:44:49:6e:12:06:48:f3:d0:b1:
fe:68:f1:6a:0f:c6:9f:72:76:44:8a:25:10:3d:93:f6:a5:25:
30:f9:12:21:b8:38:5d:0f:79:b3:64:a6:01:c6:c9:1c:21:d2:
0d:12:65:4c:1a:0f:8c:69:21:13:c4:99:68:99:01:6e:17:f3:
15:85:d2:91:5e:29:a4:01:c9:dc:ea:78:79:5a:d2:95:f4:43:
f3:de:f4:b8:e2:14:a3:9d:1e:db:ff:97:d5:d8:2e:5a:a9:59:
30:06:e4:3d:cf:d6:64:29:eb:7b:36:34:7f:f2:74:50:be:db:
bd:d4:84:e0:4c:d8:4c:4c:b7:a4:3e:15:f7:da:51:0c:bb:50:
28:f4:24:85:55:2d:53:1d:84:e6:62:40:a7:af:9e:15:d0:c8:
2d:47:7b:8d:e0:59:2b:65:87:92:3e:f8:b1:e9:a2:a4:c4:51:
7f:11:87:b6
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZE4cDnUIYK9+SokiWyg7Fs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwODA5MTgzOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI2NDczZjY0MTdlZjY5MzM3NmU3NzI4MWQ4YmQ1ZDQyZTMwMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ2vSF1um/DlkVJ+eFEc+9ZdozaB
+KmGgB481tFZggquo76sQ5lIzGme/IrMkkneHPhnkBG2zpcmfLX+FAos9rpMG/4K
JcKSixHYDS4FDmM2rXdsgCjaEHUxAYgU59gD+7a7qV3dL3BCCgBdqAjyA3EHrOiz
sXnIB6C2hlqdR7N32fdGLPyPZQnQBPGec8Z2ZCRvgf2YNGmSBY0RP3bDxEi4LhAk
XzYTESqU9rAmgx5RH0yJYMhv1sez9E7BLt9a+L22iKgbV43qFVzN4kOOR9gflXpc
tIqPZoBAYbwIG/DPYR35MCE2fyOtZ0DBp13H50E406PtEuR+14/sn8xI7QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPm2Rz9kF+9pM3bncoHYvV1C4wH4MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMS1iWkhQMlFYNzJremR1ZHlnZGk5WFVMakFmZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEw
MS8xL08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAE1ahwME
AE1akQMEAE1avAMEALnmDwMEANXRgQMEANXRjzANBgkqhkiG9w0BAQsFAAOCAQEA
h3oDjUaOkkD3kuEQz3ASC3bjF6CotHGWvzbuQ1AmOV1dTe2ONDcnCZU71ZWEYhWQ
ZR2yRYlypN+JaXdqTI3YJ+sXFeSf2kwLskI450s7DO4PREluEgZI89Cx/mjxag/G
n3J2RIolED2T9qUlMPkSIbg4XQ95s2SmAcbJHCHSDRJlTBoPjGkhE8SZaJkBbhfz
FYXSkV4ppAHJ3Op4eVrSlfRD8970uOIUo50e2/+X1dguWqlZMAbkPc/WZCnrezY0
f/J0UL7bvdSE4EzYTEy3pD4V99pRDLtQKPQkhVUtUx2E5mJAp6+eFdDILUd7jeBZ
K2WHkj74semipMRRfxGHtg==
-----END CERTIFICATE-----
Generated at Tue Aug 13 20:45:21 2024 by rpki-client on console-fra.rpki-client.org