Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1fHPNEVl1qFYXPvdhTo7sHmF3-4.roa
File: 1fHPNEVl1qFYXPvdhTo7sHmF3-4.roa (raw, json)
Hash identifier: /Tq8VC7KOaYvVErOE+Ou6pbBoiERZFKrDJG7PoPopkc=
Subject key identifier: D5:F1:CF:34:45:65:D6:A1:58:5C:FB:DD:85:3A:3B:B0:79:85:DF:EE
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01856F825750201E2ED6A122BA6D5521033C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1fHPNEVl1qFYXPvdhTo7sHmF3-4.roa
Signing time: Sun 01 Jan 2023 22:44:50 +0000
ROA not before: Sun 01 Jan 2023 22:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12695
IP address blocks: 77.90.189.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:57:50:20:1e:2e:d6:a1:22:ba:6d:55:21:03:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 1 22:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5f1cf344565d6a1585cfbdd853a3bb07985dfee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3c:4a:74:b0:d7:14:81:13:36:ae:4d:34:de:
e7:81:9c:d3:2c:8f:4c:90:9d:be:5e:8c:1d:44:2c:
cb:c3:57:a9:ad:9c:ec:ff:e8:7e:1d:6d:4d:34:08:
06:b4:d7:f7:b8:76:a6:50:61:fc:de:30:dd:af:9a:
fc:6c:8a:b3:d8:ca:8c:c8:89:83:14:73:b0:4d:ac:
99:33:b8:42:9b:66:1d:e5:e5:90:23:42:c1:4b:b5:
9d:5d:ea:cd:60:54:29:a9:8a:81:4e:d4:85:4c:ea:
1f:d8:81:91:a5:45:70:38:ee:71:99:0b:1a:69:82:
d5:e6:ed:98:99:ab:50:f3:c1:a4:2b:02:6d:d2:11:
9c:3f:e7:3e:ff:0e:b1:bd:73:54:c5:48:8f:e1:cb:
f3:62:0c:57:4e:87:89:f3:ab:d9:63:d8:f0:db:ce:
5c:88:c6:14:5f:45:a6:84:52:fd:11:a4:66:14:45:
d8:b1:4d:44:9b:47:b1:6f:78:de:db:53:e5:65:55:
bf:4e:39:09:b3:dc:f8:33:48:11:6a:af:2f:b1:67:
79:87:9d:91:8f:d8:47:51:88:0b:8d:48:96:bc:19:
f7:2b:ef:d1:ed:1a:b1:ac:94:7b:b8:9e:9b:57:25:
d9:5f:0f:59:4c:1a:68:c3:a1:3b:6c:3d:c9:c3:ef:
3e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F1:CF:34:45:65:D6:A1:58:5C:FB:DD:85:3A:3B:B0:79:85:DF:EE
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1fHPNEVl1qFYXPvdhTo7sHmF3-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.189.0/24
Signature Algorithm: sha256WithRSAEncryption
99:49:f4:43:bc:e2:97:85:62:a1:05:c0:19:39:2d:02:ca:8b:
13:cd:97:64:33:8c:f6:24:93:80:73:c8:7b:0c:c7:9d:4c:50:
de:a2:c8:d9:22:d8:51:f7:5a:0d:23:66:33:8d:c2:13:5a:8e:
f9:56:90:d6:78:b3:45:28:fa:fa:79:10:d8:b4:e8:d8:30:ed:
0e:af:de:8e:33:6b:d6:44:a6:28:30:15:68:1f:8c:98:0e:de:
4b:e7:89:5d:78:f1:ea:22:6e:a6:48:0a:c9:4f:31:e2:e0:19:
de:1a:48:58:b0:e4:de:dc:a0:f9:1e:f1:ec:4f:08:5a:da:74:
e6:14:c0:df:5e:cc:f6:fc:50:8b:82:2b:c3:48:0b:41:9c:a1:
4b:fc:74:9d:c2:76:77:6c:42:53:60:74:80:68:24:a8:62:68:
22:65:f8:76:2c:31:d8:f5:10:12:16:06:b1:d4:08:6f:8d:7c:
0a:bf:b6:8d:33:2a:fa:dc:ad:49:df:ff:cc:3f:44:d2:52:af:
79:32:f8:1c:96:70:48:9e:1c:fa:55:e6:70:aa:d2:be:27:22:
a0:0e:56:a1:1a:f8:17:e1:e5:5b:9e:57:60:58:72:62:a4:6f:
44:76:7f:41:44:c6:d0:d3:70:1e:2f:2c:29:5f:57:a5:a4:da:
3c:84:55:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvgldQIB4u1qEium1VIQM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAxMjI0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWYxY2YzNDQ1NjVkNmExNTg1Y2ZiZGQ4NTNhM2JiMDc5ODVkZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljxKdLDXFIETNq5NNN7ngZzTLI9M
kJ2+XowdRCzLw1eprZzs/+h+HW1NNAgGtNf3uHamUGH83jDdr5r8bIqz2MqMyImD
FHOwTayZM7hCm2Yd5eWQI0LBS7WdXerNYFQpqYqBTtSFTOof2IGRpUVwOO5xmQsa
aYLV5u2YmatQ88GkKwJt0hGcP+c+/w6xvXNUxUiP4cvzYgxXToeJ86vZY9jw285c
iMYUX0WmhFL9EaRmFEXYsU1Em0exb3je21PlZVW/TjkJs9z4M0gRaq8vsWd5h52R
j9hHUYgLjUiWvBn3K+/R7RqxrJR7uJ6bVyXZXw9ZTBpow6E7bD3Jw+8+8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXxzzRFZdahWFz73YU6O7B5hd/uMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMWZIUE5FVmwxcUZZWFB2ZGhUbzdzSG1GMy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVq9MA0G
CSqGSIb3DQEBCwUAA4IBAQCZSfRDvOKXhWKhBcAZOS0CyosTzZdkM4z2JJOAc8h7
DMedTFDeosjZIthR91oNI2YzjcITWo75VpDWeLNFKPr6eRDYtOjYMO0Or96OM2vW
RKYoMBVoH4yYDt5L54ldePHqIm6mSArJTzHi4BneGkhYsOTe3KD5HvHsTwha2nTm
FMDfXsz2/FCLgivDSAtBnKFL/HSdwnZ3bEJTYHSAaCSoYmgiZfh2LDHY9RASFgax
1AhvjXwKv7aNMyr63K1J3//MP0TSUq95MvgclnBInhz6VeZwqtK+JyKgDlahGvgX
4eVbnldgWHJipG9Edn9BRMbQ03AeLywpX1elpNo8hFUQ
-----END CERTIFICATE-----
Generated at Sat Sep 23 10:29:33 2023 by rpki-client on console-fra.rpki-client.org