Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2uUAQi5DbClgKBOLQOiUaYyyBB8.roa
File: 2uUAQi5DbClgKBOLQOiUaYyyBB8.roa (raw, json)
Hash identifier: T/jvpUFcIxhsIwfCZXfL9xDDa6aVGlNZqSK7VQbIWUI=
Subject key identifier: DA:E5:00:42:2E:43:6C:29:60:28:13:8B:40:E8:94:69:8C:B2:04:1F
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01856F82565716A8275C4A245307886EAE6C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2uUAQi5DbClgKBOLQOiUaYyyBB8.roa
Signing time: Sun 01 Jan 2023 22:44:50 +0000
ROA not before: Sun 01 Jan 2023 22:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 213.209.135.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
77.90.168.0/24 maxlen: 24
77.90.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 19:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:56:57:16:a8:27:5c:4a:24:53:07:88:6e:ae:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 1 22:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dae500422e436c296028138b40e894698cb2041f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:20:53:60:26:ca:ce:fd:81:f9:fb:b3:a7:7c:
99:69:d5:3b:50:d4:b3:72:9e:20:cc:a2:7f:bd:c7:
8b:52:e0:32:46:40:78:b0:9b:45:f2:f7:36:89:67:
22:e9:b6:02:24:e6:a8:a5:e1:c9:0a:b6:07:1c:c3:
91:b6:94:92:cb:4f:69:20:f9:63:e3:b3:6e:f5:2a:
28:07:21:ea:3f:42:66:89:7c:ad:85:71:05:0b:42:
d4:35:69:d7:2b:de:3f:c6:50:e7:33:c2:07:d9:9d:
ec:3f:54:40:e7:83:72:84:60:e5:41:10:5b:69:25:
1d:21:7e:08:d1:a9:60:d6:d1:7c:4c:44:bd:6f:18:
68:3f:4d:30:38:a8:6a:07:5b:18:a0:97:f2:4e:54:
9d:0f:05:fd:97:44:9d:16:0e:f8:34:56:a7:60:11:
53:fe:66:55:3f:30:9a:c5:ce:8f:0e:91:06:76:64:
97:dc:12:b7:82:bb:30:ae:9b:fd:30:2a:bd:39:8a:
7b:ed:6a:0b:6e:88:d0:de:00:be:40:09:d4:b9:cb:
7a:4c:be:47:13:25:50:9c:c1:a4:92:57:33:00:db:
f9:1e:5b:73:4b:1e:d4:63:c0:13:c0:26:cb:86:c7:
e7:fb:52:41:da:45:e4:85:b6:ae:78:a2:c6:d9:2b:
4e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E5:00:42:2E:43:6C:29:60:28:13:8B:40:E8:94:69:8C:B2:04:1F
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2uUAQi5DbClgKBOLQOiUaYyyBB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.167.0-77.90.168.255
77.90.174.0/24
213.209.135.0/24
213.209.141.0/24
213.209.153.0-213.209.154.255
Signature Algorithm: sha256WithRSAEncryption
9e:38:af:d7:df:6c:1d:f4:61:3c:a8:23:40:a7:01:2a:2b:eb:
25:7e:77:8b:2d:32:dc:04:75:85:96:89:34:16:8a:70:44:44:
ff:7d:31:e8:6f:41:99:47:e2:de:03:ef:ea:9c:00:58:98:e7:
1d:7d:d7:2c:91:24:84:07:46:33:38:d7:f3:a9:a8:c3:46:75:
fb:e8:49:06:88:06:98:be:0d:ef:e4:c2:1c:a9:ee:34:63:e7:
a4:22:74:39:94:d3:03:a6:92:3b:25:ca:1f:bb:db:2b:38:5f:
bc:f8:43:9b:28:b4:d0:d6:a3:41:81:94:4f:25:24:16:53:69:
80:d2:0e:45:1e:d0:a9:56:5f:e3:41:c7:58:cb:76:cb:e5:50:
ab:b4:61:de:e0:96:ea:31:5e:46:6a:89:d7:84:79:65:80:e5:
f6:cb:39:5a:af:81:63:5d:0d:a3:a5:34:8c:63:80:86:ff:16:
aa:62:72:e2:47:3b:8c:78:3f:d6:61:a7:f1:27:c2:cd:82:a1:
b9:7e:81:11:54:99:fa:3a:6f:97:4c:f0:f2:81:79:e8:d2:97:
c6:67:48:51:5c:18:41:ec:97:bb:d1:51:10:06:14:6f:a2:53:
b3:11:8d:bb:21:53:f1:79:e2:d2:0b:4a:75:7a:56:10:0c:40:
77:07:82:c7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVvglZXFqgnXEokUweIbq5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAxMjI0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWU1MDA0MjJlNDM2YzI5NjAyODEzOGI0MGU4OTQ2OThjYjIwNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCBTYCbKzv2B+fuzp3yZadU7UNSz
cp4gzKJ/vceLUuAyRkB4sJtF8vc2iWci6bYCJOaopeHJCrYHHMORtpSSy09pIPlj
47Nu9SooByHqP0JmiXythXEFC0LUNWnXK94/xlDnM8IH2Z3sP1RA54NyhGDlQRBb
aSUdIX4I0alg1tF8TES9bxhoP00wOKhqB1sYoJfyTlSdDwX9l0SdFg74NFanYBFT
/mZVPzCaxc6PDpEGdmSX3BK3grswrpv9MCq9OYp77WoLbojQ3gC+QAnUuct6TL5H
EyVQnMGkklczANv5HltzSx7UY8ATwCbLhsfn+1JB2kXkhbaueKLG2StOpQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNrlAEIuQ2wpYCgTi0DolGmMsgQfMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMnVVQVFpNURiQ2xnS0JPTFFPaVVhWXl5QkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBABNWqcD
BABNWqgDBABNWq4DBADV0YcDBADV0Y0wDAMEANXRmQMEANXRmjANBgkqhkiG9w0B
AQsFAAOCAQEAnjiv199sHfRhPKgjQKcBKivrJX53iy0y3AR1hZaJNBaKcERE/30x
6G9BmUfi3gPv6pwAWJjnHX3XLJEkhAdGMzjX86mow0Z1++hJBogGmL4N7+TCHKnu
NGPnpCJ0OZTTA6aSOyXKH7vbKzhfvPhDmyi00NajQYGUTyUkFlNpgNIORR7QqVZf
40HHWMt2y+VQq7Rh3uCW6jFeRmqJ14R5ZYDl9ss5Wq+BY10No6U0jGOAhv8WqmJy
4kc7jHg/1mGn8SfCzYKhuX6BEVSZ+jpvl0zw8oF56NKXxmdIUVwYQeyXu9FREAYU
b6JTsxGNuyFT8Xni0gtKdXpWEAxAdweCxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org