Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FWpMJSu6Q-7pd8p8w3k7U6hB3Qs.roa
File: FWpMJSu6Q-7pd8p8w3k7U6hB3Qs.roa (raw, json)
Hash identifier: DK6YrZDDjKkh+wGdb0AJWWfSg17RcjGQ+XGqTCykRgU=
Subject key identifier: 15:6A:4C:25:2B:BA:43:EE:E9:77:CA:7C:C3:79:3B:53:A8:41:DD:0B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018D1DA33526AB7BA7A09679D5F0B13EF375
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FWpMJSu6Q-7pd8p8w3k7U6hB3Qs.roa
Signing time: Thu 18 Jan 2024 17:34:11 +0000
ROA not before: Thu 18 Jan 2024 17:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 17:58:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1d:a3:35:26:ab:7b:a7:a0:96:79:d5:f0:b1:3e:f3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 18 17:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=156a4c252bba43eee977ca7cc3793b53a841dd0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:61:b7:3f:ba:ef:f6:e0:ae:81:60:43:b2:46:
4c:27:46:8b:57:f1:1e:de:03:45:b0:2a:7d:c8:85:
37:f0:9b:62:a5:e6:2c:50:e2:ce:42:ab:a7:84:6f:
aa:32:dc:9b:16:4c:f8:8d:32:a5:7a:26:d2:58:18:
4f:c6:0d:e1:17:ce:4e:ea:02:ae:1a:6f:d7:d1:51:
9f:44:d3:b7:2e:7d:d0:03:df:dc:db:a4:7c:62:b7:
38:f1:6e:81:f0:a0:38:b7:5a:e6:92:b7:15:16:a1:
a8:24:41:bb:71:d4:47:25:72:ca:0d:5d:6e:4f:10:
32:78:00:c3:4f:d6:4b:71:75:5b:93:86:73:e4:19:
68:c4:c6:74:16:29:3c:72:b9:4b:15:0f:c6:f3:5a:
78:f2:5e:57:7c:f0:1b:5a:fe:fa:16:9e:0d:a9:e1:
4e:a6:a8:68:4e:6a:eb:b3:12:42:3b:1a:55:6e:b8:
0c:7d:cf:c5:8a:09:77:35:ec:c2:35:a1:ba:48:7a:
a5:73:3c:fa:cd:e7:c7:57:61:69:71:33:c5:e3:28:
ee:1e:ea:21:6f:ed:b5:c0:03:aa:29:f1:21:43:73:
41:ec:19:33:c1:cf:6b:e4:ff:06:9b:4a:c1:bb:5d:
3e:10:d6:6d:2f:1c:28:bf:34:59:02:6b:60:4a:93:
b0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:6A:4C:25:2B:BA:43:EE:E9:77:CA:7C:C3:79:3B:53:A8:41:DD:0B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FWpMJSu6Q-7pd8p8w3k7U6hB3Qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.135.0/24
77.90.138.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:2d:9f:1e:31:61:2a:80:43:fd:b9:44:a5:38:11:73:9a:ce:
fc:a6:97:a1:be:dc:81:48:b0:1a:c2:ae:db:40:e4:a0:cb:f0:
8c:66:e5:1d:89:fb:98:06:2f:11:5e:35:9c:30:ac:fb:ba:7f:
9a:3a:65:59:55:f7:83:3a:e0:53:52:ce:75:27:41:50:f8:dc:
9c:ae:05:03:b4:30:48:f7:b2:dc:2a:e6:da:f4:34:8b:e3:73:
85:6b:9b:0c:78:40:67:e1:4f:3c:38:da:cd:d8:fb:0f:1e:39:
b1:dc:9d:88:d7:fe:6e:89:d8:2b:d5:37:ba:fe:74:3d:88:1f:
0f:a9:e9:49:4c:92:4d:c0:f5:79:0f:ec:c5:a0:ef:5d:e3:b3:
13:35:23:e4:76:47:fd:38:4d:01:e1:ce:fe:be:98:05:c7:56:
54:34:90:ac:54:4a:30:e7:1b:60:02:a5:02:a5:49:54:50:9a:
60:13:fd:89:69:1a:fe:92:d5:f1:89:03:e7:d9:85:a0:60:49:
ba:32:66:fb:03:60:23:68:01:e4:29:46:0b:ad:2d:ce:97:af:
4c:fc:b9:85:28:55:b5:bc:c6:a0:2d:60:49:d5:eb:bb:99:b1:
d5:31:31:f0:cd:ab:04:61:76:24:24:7d:bb:06:c7:cd:36:97:
a8:31:29:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0dozUmq3unoJZ51fCxPvN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTE4MTczNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTZhNGMyNTJiYmE0M2VlZTk3N2NhN2NjMzc5M2I1M2E4NDFkZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2G3P7rv9uCugWBDskZMJ0aLV/Ee
3gNFsCp9yIU38JtipeYsUOLOQqunhG+qMtybFkz4jTKleibSWBhPxg3hF85O6gKu
Gm/X0VGfRNO3Ln3QA9/c26R8Yrc48W6B8KA4t1rmkrcVFqGoJEG7cdRHJXLKDV1u
TxAyeADDT9ZLcXVbk4Zz5BloxMZ0Fik8crlLFQ/G81p48l5XfPAbWv76Fp4NqeFO
pqhoTmrrsxJCOxpVbrgMfc/Figl3NezCNaG6SHqlczz6zefHV2FpcTPF4yjuHuoh
b+21wAOqKfEhQ3NB7Bkzwc9r5P8Gm0rBu10+ENZtLxwovzRZAmtgSpOwZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBVqTCUrukPu6XfKfMN5O1OoQd0LMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRldwTUpTdTZRLTdwZDhwOHczazdVNmhCM1FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqHAwQA
TVqKAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQC4LZ8eMWEqgEP9uUSlOBFzms78
ppehvtyBSLAawq7bQOSgy/CMZuUdifuYBi8RXjWcMKz7un+aOmVZVfeDOuBTUs51
J0FQ+NycrgUDtDBI97LcKuba9DSL43OFa5sMeEBn4U88ONrN2PsPHjmx3J2I1/5u
idgr1Te6/nQ9iB8PqelJTJJNwPV5D+zFoO9d47MTNSPkdkf9OE0B4c7+vpgFx1ZU
NJCsVEow5xtgAqUCpUlUUJpgE/2JaRr+ktXxiQPn2YWgYEm6Mmb7A2AjaAHkKUYL
rS3Ol69M/LmFKFW1vMagLWBJ1eu7mbHVMTHwzasEYXYkJH27BsfNNpeoMSko
-----END CERTIFICATE-----
Generated at Wed Feb 14 21:15:55 2024 by rpki-client on console-ams.rpki-client.org