Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2GAtFwuQkmS2DM9afEk4297ucbs.roa
File: 2GAtFwuQkmS2DM9afEk4297ucbs.roa (raw, json)
Hash identifier: aEg5bqBtAAp7jR+/7Y68kRear5lX7mH6eDUoCjJGCIc=
Subject key identifier: D8:60:2D:17:0B:90:92:64:B6:0C:CF:5A:7C:49:38:DB:DE:EE:71:BB
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018F61CE3C1CE7A20C9719E5A3AA609C730C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2GAtFwuQkmS2DM9afEk4297ucbs.roa
Signing time: Fri 10 May 2024 09:20:56 +0000
ROA not before: Fri 10 May 2024 09:20:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 10:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:ce:3c:1c:e7:a2:0c:97:19:e5:a3:aa:60:9c:73:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 10 09:20:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8602d170b909264b60ccf5a7c4938dbdeee71bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2d:9c:c4:e8:7c:d1:3f:85:ec:dd:39:2a:a2:
45:e2:65:cb:e9:37:31:09:c6:cc:bc:ce:74:90:be:
f1:3c:bc:ce:c5:ae:b7:3e:5c:61:a0:bf:5e:01:97:
db:85:4f:9a:b0:7c:d9:ea:2c:fb:fd:7b:77:7d:a9:
f5:59:ad:50:85:cd:bd:98:4e:be:87:51:bc:a7:61:
7b:f2:6d:2c:e9:86:1d:4d:7c:8d:54:d1:7f:fc:09:
b7:08:44:e6:0e:7a:77:87:f7:9a:09:ce:7b:bd:76:
e3:9f:c2:0a:ce:d4:4b:43:4b:e1:89:ac:06:8e:63:
67:8a:a4:b9:79:83:97:e6:de:52:e2:04:9b:e1:de:
1c:f5:95:4f:80:90:b1:ac:bd:57:8d:ce:1e:c2:95:
de:f4:73:6a:85:6e:37:88:51:bc:48:bd:88:c7:7c:
5e:92:ee:c1:cb:5d:12:91:a5:16:ec:ae:94:3c:2e:
ab:23:90:f4:b8:94:38:4c:9e:2b:0c:b9:80:65:ca:
cf:02:06:f9:f7:c9:9f:d4:c5:92:c3:43:16:7f:14:
fa:65:41:c4:1c:30:39:51:22:74:66:f5:9d:8f:e1:
ba:5f:05:47:96:52:f2:27:d0:5d:02:78:13:21:99:
d3:01:d4:59:c2:f6:3f:80:c1:63:d0:de:d2:c0:db:
d0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:60:2D:17:0B:90:92:64:B6:0C:CF:5A:7C:49:38:DB:DE:EE:71:BB
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2GAtFwuQkmS2DM9afEk4297ucbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.135.0/24
77.90.138.0/24
185.230.14.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:11:6c:64:23:b2:54:9a:83:e6:62:5a:e4:71:bb:48:43:47:
e9:28:72:1a:db:10:99:eb:39:ef:6d:4f:a0:da:fe:16:33:6a:
cd:29:bd:f7:c5:4d:0a:77:17:c4:5e:b4:5d:e2:ed:27:82:52:
55:b8:ab:8c:92:f4:77:67:85:fb:dc:14:c5:45:4a:95:2d:81:
1a:f8:55:2d:0f:18:05:7c:a8:66:9a:4a:81:bb:9e:bc:c0:2b:
3f:ae:d1:8a:cb:23:aa:19:90:4e:d0:98:fc:2e:b1:05:ac:34:
b2:6b:28:56:91:29:89:38:33:13:8e:0a:ce:bb:e5:9f:97:03:
d3:dd:c0:af:73:be:46:8b:12:30:c5:38:9c:85:f0:74:9c:76:
a7:5b:62:85:4a:8c:68:a8:08:79:2b:2f:cd:9f:68:4a:d5:3f:
9c:82:fe:e8:84:ea:8c:0b:6c:14:f8:05:c9:ff:a6:75:7a:3e:
e8:b0:fd:e7:ee:4d:ed:e3:cd:fa:c7:17:1a:4c:1c:93:d9:90:
38:72:08:77:a8:9f:d0:ca:30:01:63:58:8f:27:95:0e:71:38:
a0:01:bf:ba:00:bc:d8:83:52:f7:d7:1f:72:49:20:af:ad:e5:
7b:65:85:f0:33:8d:59:32:f9:91:c7:a7:21:ff:8b:19:4f:fc:
21:ee:d1:57
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9hzjwc56IMlxnlo6pgnHMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNTEwMDkyMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYwMmQxNzBiOTA5MjY0YjYwY2NmNWE3YzQ5MzhkYmRlZWU3MWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui2cxOh80T+F7N05KqJF4mXL6Tcx
CcbMvM50kL7xPLzOxa63PlxhoL9eAZfbhU+asHzZ6iz7/Xt3fan1Wa1Qhc29mE6+
h1G8p2F78m0s6YYdTXyNVNF//Am3CETmDnp3h/eaCc57vXbjn8IKztRLQ0vhiawG
jmNniqS5eYOX5t5S4gSb4d4c9ZVPgJCxrL1Xjc4ewpXe9HNqhW43iFG8SL2Ix3xe
ku7By10SkaUW7K6UPC6rI5D0uJQ4TJ4rDLmAZcrPAgb598mf1MWSw0MWfxT6ZUHE
HDA5USJ0ZvWdj+G6XwVHllLyJ9BdAngTIZnTAdRZwvY/gMFj0N7SwNvQnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNhgLRcLkJJktgzPWnxJONve7nG7MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMkdBdEZ3dVFrbVMyRE05YWZFazQyOTd1Y2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqHAwQA
TVqKAwQAueYOAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQCbEWxkI7JUmoPmYlrk
cbtIQ0fpKHIa2xCZ6znvbU+g2v4WM2rNKb33xU0KdxfEXrRd4u0nglJVuKuMkvR3
Z4X73BTFRUqVLYEa+FUtDxgFfKhmmkqBu568wCs/rtGKyyOqGZBO0Jj8LrEFrDSy
ayhWkSmJODMTjgrOu+WflwPT3cCvc75GixIwxTichfB0nHanW2KFSoxoqAh5Ky/N
n2hK1T+cgv7ohOqMC2wU+AXJ/6Z1ej7osP3n7k3t4836xxcaTByT2ZA4cgh3qJ/Q
yjABY1iPJ5UOcTigAb+6ALzYg1L31x9ySSCvreV7ZYXwM41ZMvmRx6ch/4sZT/wh
7tFX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org