Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8t1gYM0bMjfgMZdgMhytco0x-QY.roa
File: 8t1gYM0bMjfgMZdgMhytco0x-QY.roa (raw, json)
Hash identifier: zoIceZ1cvNzBVoSxc+T99ytKv2KQBsKNhS6PJTiyOI4=
Subject key identifier: F2:DD:60:60:CD:1B:32:37:E0:31:97:60:32:1C:AD:72:8D:31:F9:06
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01856F825BFA13253DD59DB198F6BF286BE8
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8t1gYM0bMjfgMZdgMhytco0x-QY.roa
Signing time: Sun 01 Jan 2023 22:44:52 +0000
ROA not before: Sun 01 Jan 2023 22:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207710
IP address blocks: 213.209.131.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
77.90.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Jun 2023 19:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:5b:fa:13:25:3d:d5:9d:b1:98:f6:bf:28:6b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 1 22:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2dd6060cd1b3237e0319760321cad728d31f906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bf:c8:18:2c:4c:fc:6a:53:eb:5b:3d:17:e2:
a0:88:13:4e:a2:6c:6f:cc:06:cb:66:34:57:af:d7:
46:82:10:6b:95:e3:3a:6c:09:60:c7:88:14:7e:2f:
f7:86:31:8e:72:d8:e4:92:65:a6:d0:0b:e2:19:ac:
59:d2:95:d1:44:2e:6e:2f:48:e6:ac:02:63:72:9b:
62:72:16:ef:cb:9b:65:8b:b0:ab:bf:ce:fd:f9:f3:
ee:43:7e:ab:41:99:b8:5d:48:8e:f2:aa:e9:3c:a8:
42:f6:20:60:3d:32:2e:0b:f4:cd:25:3f:ff:dd:34:
ee:b9:09:b7:01:be:1d:1d:7d:3e:a4:3a:aa:42:44:
3a:92:8a:48:4a:7f:66:70:96:d6:5a:71:93:7f:37:
fb:a0:33:16:34:2b:c7:99:12:03:ec:37:90:3d:ca:
4b:b8:c5:d2:01:b4:1d:76:c5:74:b5:bb:c3:8f:20:
18:e8:ad:7e:4d:b6:ac:ef:be:3f:b3:85:5b:c6:c1:
85:73:57:f7:00:17:d9:05:11:04:e1:b2:86:ed:64:
21:c8:b4:51:c1:07:44:e1:1f:30:74:22:eb:27:ff:
03:ab:17:69:ef:a5:45:60:87:4a:21:1e:20:0d:49:
39:09:e0:bc:33:e3:7f:d9:e0:f3:63:4e:fd:e1:4d:
d1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DD:60:60:CD:1B:32:37:E0:31:97:60:32:1C:AD:72:8D:31:F9:06
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8t1gYM0bMjfgMZdgMhytco0x-QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.159.0/24
77.90.177.0/24
77.90.183.0/24
77.90.186.0/24
213.209.131.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:4a:6e:39:ae:9f:00:58:5a:89:49:1b:85:42:a9:a4:23:65:
54:c1:d6:b9:bf:d7:12:7a:b8:c4:b6:8f:00:c7:d4:a7:89:75:
c4:54:eb:c2:14:d9:4c:6d:bc:7d:30:83:cf:71:2c:b9:4d:91:
90:23:cb:99:d1:37:d9:ac:2a:9c:f2:ba:bc:39:69:cb:7b:ae:
e1:0b:53:ef:4a:6a:29:00:5d:a6:12:10:c8:15:ce:ca:8e:0c:
a9:af:63:01:a6:e8:1d:86:ff:58:df:2e:74:53:f8:19:67:e6:
09:63:a8:5f:1a:9e:37:22:9c:9b:62:26:3e:b8:23:60:c9:f7:
ea:99:d8:f6:b1:61:7a:32:bd:bc:b9:38:bf:f8:45:a2:c2:02:
78:ac:a2:3d:fe:e4:5b:bb:75:46:ab:9b:9b:5a:e6:39:c5:0a:
6a:0d:3b:ee:17:4f:d2:3d:c6:a5:0e:12:aa:4a:c3:05:b2:0c:
9f:b8:bd:0e:97:d1:24:f3:45:a6:49:c1:72:de:1e:6c:67:4f:
b1:db:f7:ea:a0:77:ad:b7:cb:b6:28:50:65:36:a9:90:28:7b:
f0:50:2c:c9:8b:cd:11:32:2e:16:2a:57:2a:2a:f5:d1:e1:5c:
c1:50:31:af:17:b6:28:96:43:4e:ac:0f:d1:8b:62:3e:79:c1:
fb:fc:bf:ce
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvglv6EyU91Z2xmPa/KGvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAxMjI0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRkNjA2MGNkMWIzMjM3ZTAzMTk3NjAzMjFjYWQ3MjhkMzFmOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr/IGCxM/GpT61s9F+KgiBNOomxv
zAbLZjRXr9dGghBrleM6bAlgx4gUfi/3hjGOctjkkmWm0AviGaxZ0pXRRC5uL0jm
rAJjcptichbvy5tli7Crv879+fPuQ36rQZm4XUiO8qrpPKhC9iBgPTIuC/TNJT//
3TTuuQm3Ab4dHX0+pDqqQkQ6kopISn9mcJbWWnGTfzf7oDMWNCvHmRID7DeQPcpL
uMXSAbQddsV0tbvDjyAY6K1+Tbas774/s4VbxsGFc1f3ABfZBREE4bKG7WQhyLRR
wQdE4R8wdCLrJ/8Dqxdp76VFYIdKIR4gDUk5CeC8M+N/2eDzY0794U3RZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPLdYGDNGzI34DGXYDIcrXKNMfkGMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvOHQxZ1lNMGJNamZnTVpkZ01oeXRjbzB4LVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqfAwQA
TVqxAwQATVq3AwQATVq6AwQA1dGDMA0GCSqGSIb3DQEBCwUAA4IBAQBeSm45rp8A
WFqJSRuFQqmkI2VUwda5v9cSerjEto8Ax9SniXXEVOvCFNlMbbx9MIPPcSy5TZGQ
I8uZ0TfZrCqc8rq8OWnLe67hC1PvSmopAF2mEhDIFc7Kjgypr2MBpugdhv9Y3y50
U/gZZ+YJY6hfGp43IpybYiY+uCNgyffqmdj2sWF6Mr28uTi/+EWiwgJ4rKI9/uRb
u3VGq5ubWuY5xQpqDTvuF0/SPcalDhKqSsMFsgyfuL0Ol9Ek80WmScFy3h5sZ0+x
2/fqoHett8u2KFBlNqmQKHvwUCzJi80RMi4WKlcqKvXR4VzBUDGvF7YolkNOrA/R
i2I+ecH7/L/O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org