Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6nGve-DDOuFeGG5YlCsiNo0DOxM.roa
File: 6nGve-DDOuFeGG5YlCsiNo0DOxM.roa (raw, json)
Hash identifier: uc05+E8le7NrVSFU7JkdWWfs0l5Dwc3ep7RpdU0FxPc=
Subject key identifier: EA:71:AF:7B:E0:C3:3A:E1:5E:18:6E:58:94:2B:22:36:8D:03:3B:13
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01914D18D8E566278232EC1407E5C72D4067
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6nGve-DDOuFeGG5YlCsiNo0DOxM.roa
Signing time: Tue 13 Aug 2024 18:55:59 +0000
ROA not before: Tue 13 Aug 2024 18:55:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.135.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 11:47:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4d:18:d8:e5:66:27:82:32:ec:14:07:e5:c7:2d:40:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 13 18:55:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea71af7be0c33ae15e186e58942b22368d033b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b3:88:7c:44:2e:a7:c6:0a:bd:ed:25:c1:77:
d9:f1:00:49:83:c6:13:12:cf:b4:83:0e:c4:ec:42:
52:e4:d5:26:ce:ce:b1:ce:26:8c:0f:6a:d1:39:90:
ad:30:5c:9c:fa:fd:2c:35:50:b0:dd:71:05:41:14:
7f:e7:17:3a:fd:75:e8:04:22:59:18:0d:04:80:13:
94:a7:49:01:82:56:da:61:81:f6:7b:a4:e3:90:81:
d8:13:6a:e5:07:d2:e7:d6:84:43:3d:a9:e6:d4:ed:
03:61:cb:02:d4:7e:5e:81:e3:53:e7:1e:f1:6d:af:
cd:ef:f8:12:dd:bb:d6:24:65:7f:f2:49:21:80:95:
64:d9:da:2f:40:33:01:34:2c:91:05:1c:22:2b:ac:
29:a8:8d:9f:e1:fc:b2:a2:92:94:6d:e1:13:31:30:
a4:a7:93:61:d9:41:3c:e5:60:bc:69:04:78:92:92:
69:b7:62:be:0f:d8:c7:b1:8a:22:4c:47:0b:d1:ce:
a5:73:74:83:29:34:11:2d:3a:92:df:c7:f6:4c:28:
db:1a:0e:88:a8:31:a2:f7:83:7a:aa:62:09:48:5d:
2d:4c:43:12:31:ba:bb:97:70:e1:c6:57:79:d8:19:
0d:f9:79:46:d0:dd:ee:36:5f:b2:1f:65:30:ef:d9:
0f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:71:AF:7B:E0:C3:3A:E1:5E:18:6E:58:94:2B:22:36:8D:03:3B:13
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6nGve-DDOuFeGG5YlCsiNo0DOxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.135.0/24
77.90.145.0/24
77.90.188.0/24
185.230.15.0/24
213.209.143.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:f1:48:60:67:32:7a:35:94:8d:79:b4:66:db:9e:a4:98:1e:
55:ed:35:02:b4:a6:fb:f6:e1:6f:a6:34:cb:cd:5c:53:e9:e8:
3b:4c:09:b6:7b:01:bb:ae:07:4a:cf:40:55:09:c9:08:37:0e:
0a:d5:2d:4d:d3:ac:90:77:77:f8:52:b8:9a:a3:6a:cb:ce:9a:
30:28:27:81:98:8d:79:f8:3e:9d:da:b0:ea:22:9c:2f:b2:3b:
38:b9:e7:3d:aa:27:e8:b8:0d:e7:66:13:e7:9d:6b:91:68:eb:
0c:83:e3:25:09:b5:e4:02:75:e1:eb:c7:d3:9b:da:fe:42:96:
ec:b7:12:b5:4d:17:3b:98:5f:3c:46:09:e6:b5:ea:d3:65:f5:
f7:9d:02:14:3f:66:e2:97:dc:ee:f6:49:4f:20:11:c9:6b:6a:
95:9b:5f:c9:6f:53:be:31:9b:52:6d:c1:25:a5:09:e1:5e:5a:
c0:41:88:d0:af:a1:59:8f:2d:c8:1c:6c:e3:a3:74:2d:3f:a7:
43:9d:52:48:88:03:32:24:1d:9d:86:b4:98:29:79:df:e5:1f:
15:1e:0a:67:35:bc:a5:b3:b0:7b:4c:21:9c:08:9e:68:42:0f:
f6:1e:a3:e0:4c:ad:6f:13:ca:15:b0:1f:48:6d:37:3d:67:46:
60:4f:21:42
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFNGNjlZieCMuwUB+XHLUBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwODEzMTg1NTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTcxYWY3YmUwYzMzYWUxNWUxODZlNTg5NDJiMjIzNjhkMDMzYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLOIfEQup8YKve0lwXfZ8QBJg8YT
Es+0gw7E7EJS5NUmzs6xziaMD2rROZCtMFyc+v0sNVCw3XEFQRR/5xc6/XXoBCJZ
GA0EgBOUp0kBglbaYYH2e6TjkIHYE2rlB9Ln1oRDPanm1O0DYcsC1H5egeNT5x7x
ba/N7/gS3bvWJGV/8kkhgJVk2dovQDMBNCyRBRwiK6wpqI2f4fyyopKUbeETMTCk
p5Nh2UE85WC8aQR4kpJpt2K+D9jHsYoiTEcL0c6lc3SDKTQRLTqS38f2TCjbGg6I
qDGi94N6qmIJSF0tTEMSMbq7l3Dhxld52BkN+XlG0N3uNl+yH2Uw79kPAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOpxr3vgwzrhXhhuWJQrIjaNAzsTMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNm5HdmUtRERPdUZlR0c1WWxDc2lObzBET3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqHAwQA
TVqRAwQATVq8AwQAueYPAwQA1dGPMA0GCSqGSIb3DQEBCwUAA4IBAQAK8UhgZzJ6
NZSNebRm256kmB5V7TUCtKb79uFvpjTLzVxT6eg7TAm2ewG7rgdKz0BVCckINw4K
1S1N06yQd3f4Uriao2rLzpowKCeBmI15+D6d2rDqIpwvsjs4uec9qifouA3nZhPn
nWuRaOsMg+MlCbXkAnXh68fTm9r+QpbstxK1TRc7mF88RgnmterTZfX3nQIUP2bi
l9zu9klPIBHJa2qVm1/Jb1O+MZtSbcElpQnhXlrAQYjQr6FZjy3IHGzjo3QtP6dD
nVJIiAMyJB2dhrSYKXnf5R8VHgpnNbyls7B7TCGcCJ5oQg/2HqPgTK1vE8oVsB9I
bTc9Z0ZgTyFC
-----END CERTIFICATE-----
Generated at Tue Sep 3 14:51:06 2024 by rpki-client on console-ams.rpki-client.org