Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5oY9gmmmU7636F0wlqgSvYpetHQ.roa
File: 5oY9gmmmU7636F0wlqgSvYpetHQ.roa (raw, json)
Hash identifier: rs8a6mrz8j5++gKMDvOwIJ/gksRUZcIQAuCUlpe+KDI=
Subject key identifier: E6:86:3D:82:69:A6:53:BE:B7:E8:5D:30:96:A8:12:BD:8A:5E:B4:74
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF3919107DC5C08A44AF6B53DB2DF4
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5oY9gmmmU7636F0wlqgSvYpetHQ.roa
Signing time: Tue 02 Jan 2024 06:32:01 +0000
ROA not before: Tue 02 Jan 2024 06:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15924
IP address blocks: 77.90.131.0/24 maxlen: 24
77.90.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 21:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:39:19:10:7d:c5:c0:8a:44:af:6b:53:db:2d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6863d8269a653beb7e85d3096a812bd8a5eb474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4d:a3:b5:f2:9d:53:63:43:db:9a:dd:08:d8:
e9:ef:4d:47:be:c5:12:59:39:45:7a:17:32:4e:65:
3e:9a:0a:81:94:ab:d9:db:ff:83:16:af:70:c9:d9:
84:5c:86:51:ae:c4:fc:18:11:12:84:57:2f:bf:e7:
e6:77:b1:d1:cc:19:d4:f3:12:f8:54:0d:10:5d:5d:
8e:fc:3b:06:44:25:61:9e:8a:80:47:74:38:a2:80:
b9:72:11:db:3b:36:fe:52:0b:d7:07:d7:75:e8:f4:
41:3a:e1:46:10:c1:2a:34:2d:7f:24:26:29:8c:98:
a1:56:65:37:02:14:0c:77:a3:c2:a8:32:ea:70:85:
c9:a2:e5:7a:09:34:99:f0:14:75:0f:b9:ec:d9:10:
af:8a:71:1c:f2:fe:25:2a:11:f5:68:0d:e3:8f:cf:
41:24:8d:49:08:9e:6b:51:cc:f7:62:97:89:ea:6b:
96:5e:cc:b0:f3:4c:70:cf:f3:3f:1a:4d:89:30:de:
c2:ab:42:a3:41:bf:f4:30:25:df:2d:91:f1:99:c1:
d3:35:f3:4f:d4:0a:62:83:5d:12:a6:ce:0a:ef:10:
32:27:b6:32:8c:0d:43:fa:fc:73:da:b5:ca:20:83:
4f:5b:15:9d:98:e5:07:cf:6c:38:cd:a9:c9:ac:5d:
dd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:86:3D:82:69:A6:53:BE:B7:E8:5D:30:96:A8:12:BD:8A:5E:B4:74
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5oY9gmmmU7636F0wlqgSvYpetHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.131.0/24
77.90.141.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:06:29:af:77:c0:cb:e0:49:bb:62:71:90:30:d6:a5:e1:df:
ad:a6:5b:b7:ba:2a:8d:56:7c:69:99:06:fe:cb:af:fc:7c:04:
38:5a:be:89:73:7d:f7:69:f4:a4:e4:ec:86:22:3b:3a:ca:e0:
21:59:6b:47:aa:c0:3d:d0:7f:68:1c:a9:f8:dd:06:a4:ba:29:
d0:dd:15:a3:2d:8a:3e:5c:8a:e7:e3:af:e0:ae:b2:78:a9:b8:
b6:79:91:aa:74:eb:89:b7:a5:ca:8e:39:60:45:2a:07:a9:e8:
da:4f:6c:5e:73:50:5c:bb:f3:da:70:f3:c7:17:64:b0:45:0a:
b8:86:83:3a:51:d7:cd:f8:4a:90:31:b8:55:df:0f:d1:ee:e4:
79:d0:21:32:ef:42:7f:01:44:10:10:6f:e6:cd:d7:4c:96:d6:
9f:c4:8d:0c:29:a9:01:50:48:b5:da:37:ae:85:4b:cc:3d:e0:
8b:cc:27:c9:c0:97:47:ca:1c:6d:a4:97:4f:1d:07:c6:10:b2:
33:6f:37:ca:c0:57:07:b7:1c:44:3c:6c:3b:dd:8d:95:9d:42:
cd:b0:8c:48:dc:1a:fa:51:4a:8b:fd:68:38:34:8f:f7:16:05:
27:75:2c:32:0f:9e:2d:49:8b:bb:6d:76:6e:0b:1a:2f:28:cd:
4f:7a:38:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3zkZEH3FwIpEr2tT2y30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjg2M2Q4MjY5YTY1M2JlYjdlODVkMzA5NmE4MTJiZDhhNWViNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk2jtfKdU2ND25rdCNjp701HvsUS
WTlFehcyTmU+mgqBlKvZ2/+DFq9wydmEXIZRrsT8GBEShFcvv+fmd7HRzBnU8xL4
VA0QXV2O/DsGRCVhnoqAR3Q4ooC5chHbOzb+UgvXB9d16PRBOuFGEMEqNC1/JCYp
jJihVmU3AhQMd6PCqDLqcIXJouV6CTSZ8BR1D7ns2RCvinEc8v4lKhH1aA3jj89B
JI1JCJ5rUcz3YpeJ6muWXsyw80xwz/M/Gk2JMN7Cq0KjQb/0MCXfLZHxmcHTNfNP
1Apig10Sps4K7xAyJ7YyjA1D+vxz2rXKIINPWxWdmOUHz2w4zanJrF3d0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOaGPYJpplO+t+hdMJaoEr2KXrR0MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNW9ZOWdtbW1VNzYzNkYwd2xxZ1N2WXBldEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVqDAwQA
TVqNMA0GCSqGSIb3DQEBCwUAA4IBAQCsBimvd8DL4Em7YnGQMNal4d+tplu3uiqN
VnxpmQb+y6/8fAQ4Wr6Jc333afSk5OyGIjs6yuAhWWtHqsA90H9oHKn43QakuinQ
3RWjLYo+XIrn46/grrJ4qbi2eZGqdOuJt6XKjjlgRSoHqejaT2xec1Bcu/PacPPH
F2SwRQq4hoM6UdfN+EqQMbhV3w/R7uR50CEy70J/AUQQEG/mzddMltafxI0MKakB
UEi12jeuhUvMPeCLzCfJwJdHyhxtpJdPHQfGELIzbzfKwFcHtxxEPGw73Y2VnULN
sIxI3Br6UUqL/Wg4NI/3FgUndSwyD54tSYu7bXZuCxovKM1Pejh9
-----END CERTIFICATE-----
Generated at Sat Feb 24 01:09:36 2024 by rpki-client on console-ams.rpki-client.org