Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1JszVomsgQ1_6i1DWdxHQSlrjIY.roa
File: 1JszVomsgQ1_6i1DWdxHQSlrjIY.roa (raw, json)
Hash identifier: SnRq/Ms3g7bQuuBI5Svhndb7epASPZmRr+d7NciK6so=
Subject key identifier: D4:9B:33:56:89:AC:81:0D:7F:EA:2D:43:59:DC:47:41:29:6B:8C:86
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CF851360E8D1850C635AE4B9DF2E9C17B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1JszVomsgQ1_6i1DWdxHQSlrjIY.roa
Signing time: Thu 11 Jan 2024 11:38:40 +0000
ROA not before: Thu 11 Jan 2024 11:38:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.145.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 22:14:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:51:36:0e:8d:18:50:c6:35:ae:4b:9d:f2:e9:c1:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 11 11:38:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d49b335689ac810d7fea2d4359dc4741296b8c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6a:75:95:cf:49:65:f0:73:bc:a1:5f:bf:3a:
28:3f:8c:f0:30:a9:8a:5d:1e:5a:c4:94:f9:94:ab:
36:74:fc:0a:cb:df:71:c1:bb:75:04:14:ab:d3:cb:
1f:b3:ba:a2:e0:b5:3f:42:53:6d:3c:8d:1d:ea:f0:
e7:7c:5a:a3:31:82:d6:13:7d:ce:45:f8:52:53:c5:
a8:da:40:e9:fd:43:ac:82:e8:df:8d:ac:2c:78:ed:
9a:31:5e:6a:5f:0f:7a:bf:ee:67:25:1c:bf:4d:8a:
1b:fb:2b:ed:7c:cb:ae:03:0a:81:97:d7:d6:95:c9:
cc:b1:9f:3b:7f:9c:66:54:f2:3c:d9:1f:a7:06:c7:
29:cd:a7:40:04:34:d8:f1:91:93:df:59:f6:75:a3:
c7:d8:15:0d:d7:cb:da:81:ab:1a:a1:55:b2:73:e8:
9b:cb:0e:db:20:fc:60:f0:8b:34:8e:27:91:72:6f:
57:ac:5e:a7:30:89:f5:48:73:f1:df:e6:a7:71:7d:
5c:7c:6e:fd:37:0f:21:0a:df:f9:97:5a:e4:a8:e8:
36:8f:27:76:82:09:a0:53:97:63:3a:17:69:aa:24:
f1:f6:98:eb:0b:68:f7:8c:a3:29:b6:ba:52:3f:01:
2a:73:0a:88:6d:75:d8:33:31:0c:37:3a:d9:d7:f8:
3b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:9B:33:56:89:AC:81:0D:7F:EA:2D:43:59:DC:47:41:29:6B:8C:86
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1JszVomsgQ1_6i1DWdxHQSlrjIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
185.230.14.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:4e:ad:6b:86:e0:5a:1e:39:58:31:c9:25:e3:42:08:ac:11:
17:e8:8b:5b:bb:b4:05:be:12:3c:af:fe:0c:83:e9:e9:d8:f7:
7a:cd:85:de:2a:23:56:13:92:09:1d:05:f6:35:30:4e:c7:57:
65:e4:8e:c0:b2:b1:3c:f9:a2:da:ab:f2:76:0b:a1:0d:dc:8d:
31:f6:74:8d:94:7e:19:51:e2:00:82:45:3f:6b:60:55:c5:fe:
36:98:af:d9:91:22:0d:76:36:59:a1:3f:8a:3a:82:e9:56:46:
05:58:aa:aa:0f:e6:95:df:d9:0b:c3:02:da:8b:48:ec:75:a8:
6c:a8:df:55:81:5c:fe:3b:9b:ea:c2:af:d7:f0:9b:77:6e:62:
d0:40:1a:f4:b0:fc:dc:7f:3d:e1:a8:7c:8a:45:9f:83:c1:cc:
46:22:45:19:37:31:97:55:9e:69:65:71:67:5a:8e:fe:4b:c7:
35:4d:c3:a3:9a:eb:95:2f:71:bf:1f:c4:86:b5:e8:f5:1b:f1:
fc:b1:37:fd:af:2e:2d:c0:9d:d0:4a:4d:6c:bf:e2:74:0c:84:
f0:c3:96:54:9f:6a:81:1f:4c:75:8c:33:58:38:16:3a:9b:79:
65:51:81:01:e1:fa:b6:83:3f:62:68:62:56:54:44:cc:57:a9:
d8:42:c0:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz4UTYOjRhQxjWuS53y6cF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTExMTEzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDliMzM1Njg5YWM4MTBkN2ZlYTJkNDM1OWRjNDc0MTI5NmI4Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmp1lc9JZfBzvKFfvzooP4zwMKmK
XR5axJT5lKs2dPwKy99xwbt1BBSr08sfs7qi4LU/QlNtPI0d6vDnfFqjMYLWE33O
RfhSU8Wo2kDp/UOsgujfjawseO2aMV5qXw96v+5nJRy/TYob+yvtfMuuAwqBl9fW
lcnMsZ87f5xmVPI82R+nBscpzadABDTY8ZGT31n2daPH2BUN18vagasaoVWyc+ib
yw7bIPxg8Is0jieRcm9XrF6nMIn1SHPx3+ancX1cfG79Nw8hCt/5l1rkqOg2jyd2
ggmgU5djOhdpqiTx9pjrC2j3jKMptrpSPwEqcwqIbXXYMzEMNzrZ1/g7nQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNSbM1aJrIENf+otQ1ncR0Epa4yGMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMUpzelZvbXNnUTFfNmkxRFdkeEhRU2xyaklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVqRAwQB
ueYOMA0GCSqGSIb3DQEBCwUAA4IBAQCfTq1rhuBaHjlYMckl40IIrBEX6Itbu7QF
vhI8r/4Mg+np2Pd6zYXeKiNWE5IJHQX2NTBOx1dl5I7AsrE8+aLaq/J2C6EN3I0x
9nSNlH4ZUeIAgkU/a2BVxf42mK/ZkSINdjZZoT+KOoLpVkYFWKqqD+aV39kLwwLa
i0jsdahsqN9VgVz+O5vqwq/X8Jt3bmLQQBr0sPzcfz3hqHyKRZ+DwcxGIkUZNzGX
VZ5pZXFnWo7+S8c1TcOjmuuVL3G/H8SGtej1G/H8sTf9ry4twJ3QSk1sv+J0DITw
w5ZUn2qBH0x1jDNYOBY6m3llUYEB4fq2gz9iaGJWVETMV6nYQsAM
-----END CERTIFICATE-----
Generated at Tue Jan 30 01:06:27 2024 by rpki-client on console-fra.rpki-client.org