Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6yuaUOUo75jMP21E8IkyrGpn5dE.roa
File: 6yuaUOUo75jMP21E8IkyrGpn5dE.roa (raw, json)
Hash identifier: 6JTWgblp6rT86CUkhn4s+EvY2lYLu/pw9xgsCoEqH0c=
Subject key identifier: EB:2B:9A:50:E5:28:EF:98:CC:3F:6D:44:F0:89:32:AC:6A:67:E5:D1
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0192D3197C92F4287AFA74CA1504AA2205C6
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6yuaUOUo75jMP21E8IkyrGpn5dE.roa
Signing time: Mon 28 Oct 2024 12:28:35 +0000
ROA not before: Mon 28 Oct 2024 12:28:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 16:41:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d3:19:7c:92:f4:28:7a:fa:74:ca:15:04:aa:22:05:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 28 12:28:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb2b9a50e528ef98cc3f6d44f08932ac6a67e5d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f2:5a:7d:b1:c6:87:71:3e:8f:5e:07:05:e0:
79:44:2a:3e:27:a3:32:e3:cd:1e:8d:33:2d:62:62:
8d:a2:13:12:e2:df:89:7d:c4:6c:df:c6:c9:09:77:
15:03:8e:cb:f5:87:a6:d3:1a:c3:d9:f5:03:1a:82:
75:32:44:31:56:a5:0c:2e:52:98:c1:f2:45:e0:20:
9f:95:84:64:cc:a3:1b:14:fe:13:2a:1e:2e:e8:23:
65:44:40:a1:bd:82:c4:76:27:55:90:b7:e0:b9:ed:
b1:68:21:1d:3c:c7:fc:36:a8:ee:04:6b:9b:8e:8a:
8a:1f:e1:97:0a:e2:4a:63:02:eb:14:ca:c8:ad:28:
51:f7:9c:29:66:dc:8f:ba:78:f4:e8:76:30:19:a6:
cb:40:d8:07:0a:21:61:bc:82:29:20:0f:d9:98:50:
94:10:70:9a:fe:58:8d:c3:60:a3:2f:61:66:ea:f9:
34:8e:0c:56:98:5f:70:4f:ad:e5:2c:b1:01:0a:e2:
22:6c:41:b3:94:06:7b:8e:f1:64:f3:fa:d8:fd:e8:
b7:05:18:75:54:ab:dd:42:3b:1b:ef:d4:4e:6e:4a:
71:7c:d0:8b:c8:e7:f0:7c:3d:4a:3b:97:ce:29:5b:
70:7f:1f:e9:e0:6e:80:1a:ba:98:2b:15:57:af:4b:
01:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:2B:9A:50:E5:28:EF:98:CC:3F:6D:44:F0:89:32:AC:6A:67:E5:D1
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/6yuaUOUo75jMP21E8IkyrGpn5dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
77.90.164.0/24
213.209.150.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:f4:af:58:43:60:66:0d:23:6e:0d:82:45:9b:d2:5f:09:cb:
49:4b:3f:d8:9e:61:99:12:b8:7d:77:b5:76:82:73:e0:cd:c3:
cb:de:cd:9d:f6:a0:fe:14:e0:95:09:59:20:41:f3:62:aa:a4:
eb:a3:5b:07:46:c2:57:fa:6f:5a:2f:31:05:a3:76:61:86:2a:
a8:cd:b2:14:90:32:e5:bf:89:c9:67:23:6d:78:f8:9d:16:57:
06:dd:36:c1:b8:80:87:d3:de:2f:57:69:80:4e:e7:87:75:aa:
9d:24:6b:2f:71:6b:71:93:2e:d4:28:23:22:f8:47:43:5c:af:
e7:18:43:d2:ae:2b:c5:fc:e5:13:9b:b1:94:d3:59:79:6a:7b:
20:c3:51:60:af:ea:fe:30:da:e3:44:47:69:9a:26:a6:df:2c:
14:5d:6f:36:7c:6f:8a:42:14:dc:af:fc:39:ef:22:14:33:d1:
0b:42:59:b2:8e:96:ac:b8:bb:d4:16:d3:e7:76:d1:ee:de:5a:
57:f1:c4:a5:f1:6d:93:d0:ae:f6:06:8a:6c:33:e9:ae:1a:db:
12:3e:77:9e:34:0a:75:8a:56:20:76:70:89:d0:e6:40:71:04:
04:9f:e3:05:b0:8d:97:e5:bb:8e:30:8e:92:b6:20:1e:4d:9b:
e4:37:06:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLTGXyS9Ch6+nTKFQSqIgXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQxMDI4MTIyODM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjJiOWE1MGU1MjhlZjk4Y2MzZjZkNDRmMDg5MzJhYzZhNjdlNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPJafbHGh3E+j14HBeB5RCo+J6My
480ejTMtYmKNohMS4t+JfcRs38bJCXcVA47L9Yem0xrD2fUDGoJ1MkQxVqUMLlKY
wfJF4CCflYRkzKMbFP4TKh4u6CNlREChvYLEdidVkLfgue2xaCEdPMf8NqjuBGub
joqKH+GXCuJKYwLrFMrIrShR95wpZtyPunj06HYwGabLQNgHCiFhvIIpIA/ZmFCU
EHCa/liNw2CjL2Fm6vk0jgxWmF9wT63lLLEBCuIibEGzlAZ7jvFk8/rY/ei3BRh1
VKvdQjsb79RObkpxfNCLyOfwfD1KO5fOKVtwfx/p4G6AGrqYKxVXr0sBZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOsrmlDlKO+YzD9tRPCJMqxqZ+XRMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNnl1YVVPVW83NWpNUDIxRThJa3lyR3BuNWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqZAwQA
TVqkAwQA1dGWMA0GCSqGSIb3DQEBCwUAA4IBAQAc9K9YQ2BmDSNuDYJFm9JfCctJ
Sz/YnmGZErh9d7V2gnPgzcPL3s2d9qD+FOCVCVkgQfNiqqTro1sHRsJX+m9aLzEF
o3ZhhiqozbIUkDLlv4nJZyNtePidFlcG3TbBuICH094vV2mATueHdaqdJGsvcWtx
ky7UKCMi+EdDXK/nGEPSrivF/OUTm7GU01l5ansgw1Fgr+r+MNrjREdpmiam3ywU
XW82fG+KQhTcr/w57yIUM9ELQlmyjpasuLvUFtPndtHu3lpX8cSl8W2T0K72Bops
M+muGtsSPneeNAp1ilYgdnCJ0OZAcQQEn+MFsI2X5buOMI6StiAeTZvkNwYo
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:21 2024 by rpki-client on console-fra.rpki-client.org