Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-cUx9o1V2egfQ3WG4eUs7VaqqaA.roa
File: 1-cUx9o1V2egfQ3WG4eUs7VaqqaA.roa (raw, json)
Hash identifier: ceoz4lI5sAI57BvorrgECVuypjPjwTFct1FXo7+UHCo=
Subject key identifier: F9:C5:31:F6:8D:55:D9:E8:1F:43:75:86:E1:E5:2C:ED:56:AA:A9:A0
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018597B4BBFE11CAD973A4E1CDF1965204FD
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-cUx9o1V2egfQ3WG4eUs7VaqqaA.roa
Signing time: Mon 09 Jan 2023 18:04:42 +0000
ROA not before: Mon 09 Jan 2023 18:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.146.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
77.90.151.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:97:b4:bb:fe:11:ca:d9:73:a4:e1:cd:f1:96:52:04:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 9 18:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9c531f68d55d9e81f437586e1e52ced56aaa9a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ac:aa:37:f1:8c:b7:1c:80:07:a5:e4:be:4d:
e7:02:6f:75:eb:d1:80:c7:bd:54:90:28:62:32:bc:
d3:30:b5:74:cc:2b:c9:4d:34:e1:20:f2:3d:21:c3:
dd:a3:94:ec:7c:36:7c:2c:0e:dc:89:a0:99:d3:5f:
74:3e:27:01:8e:d6:ad:0b:3f:ac:66:4c:dd:09:97:
cd:88:f5:02:a9:93:d8:bf:78:9b:3c:ac:a2:d8:88:
ac:40:96:cb:6b:35:b1:8b:01:d8:e0:cc:57:38:9e:
f2:1d:6b:0e:06:75:a1:d0:c5:7d:1f:8e:04:9e:f0:
8b:32:17:93:53:b4:bd:08:de:5f:a4:a4:98:9d:b2:
bb:cd:d6:dc:10:d5:37:da:a7:87:db:a6:5c:9c:b9:
43:c2:c1:2e:d2:09:da:03:88:0d:80:85:2e:9e:74:
a6:cc:b6:4f:09:a5:63:d5:22:31:e0:03:65:c6:ec:
8c:9f:b5:82:08:a5:25:d7:66:39:fb:8e:3d:5e:d6:
77:16:0a:e9:6e:3c:1d:89:61:ea:c2:91:1d:39:bd:
38:6f:f5:c0:36:41:2a:81:c8:e5:d9:23:60:85:38:
ed:9a:91:10:1f:31:81:88:97:ef:89:16:9c:0f:1d:
16:11:7b:6c:43:4d:a3:19:28:1f:d3:d7:dd:64:5d:
97:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C5:31:F6:8D:55:D9:E8:1F:43:75:86:E1:E5:2C:ED:56:AA:A9:A0
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-cUx9o1V2egfQ3WG4eUs7VaqqaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/24
77.90.151.0/24
77.90.185.0/24
213.209.146.0/24
Signature Algorithm: sha256WithRSAEncryption
06:11:cc:be:b1:8c:2b:40:b2:52:3f:16:a8:52:2b:8f:56:f3:
6d:db:a6:c1:cc:8b:dd:ac:c0:85:ef:77:9e:6b:8f:08:cd:06:
fe:67:2c:f7:d6:b1:fb:1a:31:5f:33:d4:aa:3b:50:db:cf:34:
ff:c6:87:0c:fd:b1:8e:bd:c9:b4:8d:9b:d7:8c:c6:29:19:3f:
e2:1b:6c:09:fc:b4:b6:d7:20:e3:ec:b7:89:6c:f6:99:01:27:
4d:cd:a7:26:be:42:79:c7:55:82:88:1c:77:d3:57:45:52:6c:
0a:cb:ab:b4:97:e3:f5:e1:c4:e3:6d:27:91:00:bf:02:2f:69:
9a:33:87:36:fe:72:0d:f7:7c:8e:f6:6f:e2:de:89:15:9f:14:
3f:c9:44:9a:bd:5c:09:b6:72:7d:2a:7f:d2:4f:09:63:32:22:
10:0e:cb:a5:c4:61:e8:3c:d0:62:77:bb:dc:55:47:bb:92:c8:
e7:fa:07:45:fc:05:fe:df:97:2c:11:69:fd:48:30:a1:f4:46:
f3:e4:d3:f8:71:e1:2b:8a:92:09:25:26:d3:63:09:16:88:d2:
cd:05:62:f0:96:3f:f0:88:71:78:e3:52:81:ab:cd:49:35:d1:
16:fc:d7:8f:bb:3b:1c:fc:02:09:be:b6:e2:78:67:1b:18:39:
79:79:62:ab
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYWXtLv+EcrZc6ThzfGWUgT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTA5MTgwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWM1MzFmNjhkNTVkOWU4MWY0Mzc1ODZlMWU1MmNlZDU2YWFhOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqyqN/GMtxyAB6Xkvk3nAm9169GA
x71UkChiMrzTMLV0zCvJTTThIPI9IcPdo5TsfDZ8LA7ciaCZ0190PicBjtatCz+s
ZkzdCZfNiPUCqZPYv3ibPKyi2IisQJbLazWxiwHY4MxXOJ7yHWsOBnWh0MV9H44E
nvCLMheTU7S9CN5fpKSYnbK7zdbcENU32qeH26ZcnLlDwsEu0gnaA4gNgIUunnSm
zLZPCaVj1SIx4ANlxuyMn7WCCKUl12Y5+449XtZ3FgrpbjwdiWHqwpEdOb04b/XA
NkEqgcjl2SNghTjtmpEQHzGBiJfviRacDx0WEXtsQ02jGSgf09fdZF2XFwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPnFMfaNVdnoH0N1huHlLO1WqqmgMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMS1jVXg5bzFWMmVnZlEzV0c0ZVVzN1ZhcXFhQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEw
MS8xL08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAE1aigME
AE1alwMEAE1auQMEANXRkjANBgkqhkiG9w0BAQsFAAOCAQEABhHMvrGMK0CyUj8W
qFIrj1bzbdumwcyL3azAhe93nmuPCM0G/mcs99ax+xoxXzPUqjtQ2880/8aHDP2x
jr3JtI2b14zGKRk/4htsCfy0ttcg4+y3iWz2mQEnTc2nJr5CecdVgogcd9NXRVJs
CsurtJfj9eHE420nkQC/Ai9pmjOHNv5yDfd8jvZv4t6JFZ8UP8lEmr1cCbZyfSp/
0k8JYzIiEA7LpcRh6DzQYne73FVHu5LI5/oHRfwF/t+XLBFp/UgwofRG8+TT+HHh
K4qSCSUm02MJFojSzQVi8JY/8IhxeONSgavNSTXRFvzXj7s7HPwCCb624nhnGxg5
eXliqw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org