Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/10C1I6l9wurl-GLReDw09baDpHU.roa
File: 10C1I6l9wurl-GLReDw09baDpHU.roa (raw, json)
Hash identifier: higCUroeXAMdRZmT/AL3TEtUpxRHWOJIXJxzAD58Oqw=
Subject key identifier: D7:40:B5:23:A9:7D:C2:EA:E5:F8:62:D1:78:3C:34:F5:B6:83:A4:75
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01856F825F57B5039726D713CE96646E03DA
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/10C1I6l9wurl-GLReDw09baDpHU.roa
Signing time: Sun 01 Jan 2023 22:44:53 +0000
ROA not before: Sun 01 Jan 2023 22:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213296
IP address blocks: 213.209.131.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:5f:57:b5:03:97:26:d7:13:ce:96:64:6e:03:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 1 22:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d740b523a97dc2eae5f862d1783c34f5b683a475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:03:4a:4a:2c:f6:fd:6e:40:26:a0:08:83:b5:
2f:75:a6:a4:1e:f9:ab:7d:90:63:6f:9a:f9:dc:51:
1c:3a:0f:9b:1d:82:23:54:2e:7c:5b:02:20:db:a1:
16:6e:da:69:81:1e:ca:81:15:17:88:a4:db:af:41:
7a:17:39:f9:4e:b2:59:f9:64:69:45:34:e3:95:33:
83:f1:3a:fb:65:e9:66:2e:40:11:df:27:27:2d:6e:
77:7d:d9:ef:d4:3c:fb:26:ee:03:3d:9f:59:7b:e0:
53:5f:d5:10:28:4b:c3:64:a4:69:a8:37:37:dd:70:
b2:31:b2:e3:5a:fa:56:9e:06:ef:ed:9c:e8:bd:8b:
81:02:89:1e:a0:b5:1a:ff:bc:da:14:52:c4:ad:d0:
24:a6:05:c5:5e:a4:b1:52:98:13:e4:d8:da:d3:09:
7c:1b:b6:e8:0f:bb:43:93:bd:0a:2a:05:fa:29:72:
0d:ea:7b:36:0f:dc:81:4a:f0:5d:94:d2:c3:1e:c2:
ef:35:1d:f3:0c:b7:f1:ac:70:d7:14:f0:66:34:96:
6a:ef:ab:7b:d2:9e:64:88:d2:29:4e:b5:b4:54:2c:
3f:b4:ce:cf:63:6b:5a:8b:a2:1d:b9:e6:c6:3c:ab:
ce:83:72:3f:7d:d4:34:09:71:9f:83:34:1a:ad:c6:
30:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:40:B5:23:A9:7D:C2:EA:E5:F8:62:D1:78:3C:34:F5:B6:83:A4:75
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/10C1I6l9wurl-GLReDw09baDpHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.159.0/24
77.90.177.0/24
77.90.183.0/24
213.209.131.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:36:ee:be:02:e5:ab:90:23:7a:13:e5:36:3d:e3:4e:4c:ae:
70:f6:60:9a:e4:4f:23:7a:a2:cf:2f:97:a4:75:3f:5d:d4:ee:
f4:f8:e0:b2:ff:a8:c3:2f:af:70:fb:18:98:7a:12:33:54:db:
9c:7b:f5:c1:ab:8e:31:7b:ea:4c:c0:49:11:8e:5c:3f:06:bf:
76:28:76:a1:26:c0:3d:ab:22:57:89:fd:ab:95:e8:14:ef:40:
90:2d:b0:77:4a:c7:e1:8e:40:69:bb:de:cb:80:d4:8a:1d:72:
b2:b3:06:05:cf:6e:0b:61:d0:a7:bc:1b:f0:d0:35:9a:51:65:
a7:0a:80:24:18:56:96:35:d3:35:ee:c9:e4:00:d8:71:3d:72:
6e:37:ac:26:28:ad:7f:3b:70:76:69:0f:e9:c5:b9:1f:26:14:
f7:7d:db:b2:39:79:96:60:e0:f9:e9:98:7b:33:57:2c:f8:48:
6a:f0:c3:b7:62:3b:2d:06:03:c4:14:a6:27:a7:c6:b7:22:a4:
74:3c:7d:95:9f:b7:5b:f8:cc:31:a5:4a:f2:1d:64:cb:f3:3f:
bd:e9:ed:21:fa:fb:aa:41:aa:38:b1:ad:ea:e1:b5:63:f3:56:
a3:d4:56:18:bb:de:48:e3:2c:f3:fa:f2:02:7f:21:f6:7a:25:
85:02:24:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvgl9XtQOXJtcTzpZkbgPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAxMjI0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQwYjUyM2E5N2RjMmVhZTVmODYyZDE3ODNjMzRmNWI2ODNhNDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlANKSiz2/W5AJqAIg7UvdaakHvmr
fZBjb5r53FEcOg+bHYIjVC58WwIg26EWbtppgR7KgRUXiKTbr0F6Fzn5TrJZ+WRp
RTTjlTOD8Tr7ZelmLkAR3ycnLW53fdnv1Dz7Ju4DPZ9Ze+BTX9UQKEvDZKRpqDc3
3XCyMbLjWvpWngbv7ZzovYuBAokeoLUa/7zaFFLErdAkpgXFXqSxUpgT5Nja0wl8
G7boD7tDk70KKgX6KXIN6ns2D9yBSvBdlNLDHsLvNR3zDLfxrHDXFPBmNJZq76t7
0p5kiNIpTrW0VCw/tM7PY2tai6IduebGPKvOg3I/fdQ0CXGfgzQarcYwtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNdAtSOpfcLq5fhi0Xg8NPW2g6R1MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMTBDMUk2bDl3dXJsLUdMUmVEdzA5YmFEcEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqfAwQA
TVqxAwQATVq3AwQA1dGDMA0GCSqGSIb3DQEBCwUAA4IBAQChNu6+AuWrkCN6E+U2
PeNOTK5w9mCa5E8jeqLPL5ekdT9d1O70+OCy/6jDL69w+xiYehIzVNuce/XBq44x
e+pMwEkRjlw/Br92KHahJsA9qyJXif2rlegU70CQLbB3SsfhjkBpu97LgNSKHXKy
swYFz24LYdCnvBvw0DWaUWWnCoAkGFaWNdM17snkANhxPXJuN6wmKK1/O3B2aQ/p
xbkfJhT3fduyOXmWYOD56Zh7M1cs+Ehq8MO3YjstBgPEFKYnp8a3IqR0PH2Vn7db
+MwxpUryHWTL8z+96e0h+vuqQao4sa3q4bVj81aj1FYYu95I4yzz+vICfyH2eiWF
AiTz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org