Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HScAnc7CcU6mCRtmzZhmXpl5_oc.roa
File: HScAnc7CcU6mCRtmzZhmXpl5_oc.roa (raw, json)
Hash identifier: 71QT3GROg0FJnIHYqlNyzv4OwJTVt12PWpVxf5wMZ4s=
Subject key identifier: 1D:27:00:9D:CE:C2:71:4E:A6:09:1B:66:CD:98:66:5E:99:79:FE:87
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019263BD15026E87EB276C992EA1BA804A00
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HScAnc7CcU6mCRtmzZhmXpl5_oc.roa
Signing time: Sun 06 Oct 2024 21:29:48 +0000
ROA not before: Sun 06 Oct 2024 21:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.145.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 09:24:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:63:bd:15:02:6e:87:eb:27:6c:99:2e:a1:ba:80:4a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 6 21:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d27009dcec2714ea6091b66cd98665e9979fe87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:41:4e:c2:81:cf:d2:49:7b:44:be:3c:2d:d1:
10:0b:dd:73:34:0e:f1:43:07:b2:2b:c3:e3:1d:75:
99:76:20:c6:38:20:36:a2:f6:3f:66:86:dd:61:c1:
be:db:fe:e5:d7:86:5d:77:b3:9d:0b:d8:33:61:9d:
4a:c8:fc:be:8b:10:ce:60:7c:7e:5b:dd:c8:5a:e4:
63:7a:f8:d7:42:16:c2:53:11:2f:56:9f:bb:49:9d:
69:d2:5c:2c:c8:5e:b6:71:d2:e5:4c:cc:f6:00:c4:
bf:b1:6f:17:89:e3:bd:78:d6:91:a3:e8:ea:b1:55:
48:ff:a4:04:77:45:04:5c:e9:ec:1b:24:21:f5:18:
ad:31:cf:1b:ff:6d:5c:9b:f0:d2:17:a9:b0:77:94:
f8:67:1a:d5:0c:1f:0a:7c:be:c6:2f:95:00:80:8b:
ec:85:43:5f:95:e2:19:82:ad:e8:6f:e6:cf:dd:48:
7e:94:53:2d:f0:a0:07:0d:69:e7:07:16:62:5e:ca:
b0:a8:e0:68:30:92:5f:02:f0:20:67:d2:1e:fd:c0:
f5:b9:f2:9b:1f:80:88:a6:60:dc:d2:ca:37:7e:66:
b6:a0:cf:59:5f:3b:a7:40:00:73:f3:ba:d2:c9:2b:
af:f0:6a:2f:fc:3f:a8:17:d6:d0:86:74:2c:ef:a5:
23:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:27:00:9D:CE:C2:71:4E:A6:09:1B:66:CD:98:66:5E:99:79:FE:87
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HScAnc7CcU6mCRtmzZhmXpl5_oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.188.0/24
185.230.15.0/24
213.209.143.0/24
Signature Algorithm: sha256WithRSAEncryption
60:04:eb:be:5e:da:2e:2b:c2:3d:c9:2e:66:d6:f2:9c:f4:58:
e6:af:92:cd:28:17:b7:b2:17:1f:00:79:89:66:c1:d6:30:9a:
0a:7c:29:af:ee:58:51:1f:04:50:d9:12:b6:db:67:f9:67:4d:
d0:6a:17:52:83:c7:b8:f7:25:ab:c1:6a:f2:29:07:4e:f3:b4:
d8:8c:d1:79:95:2a:19:6d:0c:a3:a7:22:79:2e:21:d1:bd:4c:
65:03:57:d7:0e:4f:db:c8:c0:65:c5:6c:b2:5a:2b:63:7e:36:
6f:15:bb:9b:a5:46:9f:03:ef:ee:2e:4b:7b:c4:af:88:00:73:
f3:66:ad:43:40:cb:2c:e8:9f:ba:ea:7b:46:69:e0:b8:15:5d:
8f:d5:7a:1b:b2:48:b8:ec:85:66:40:b5:34:4c:36:e0:ee:7e:
41:37:2e:bc:d7:3f:a3:c6:fd:de:dc:da:ed:7d:ea:9e:a6:bf:
5a:91:35:12:3e:65:22:3c:bc:cc:18:e8:36:9b:8d:ce:36:0f:
a2:6b:7c:41:d0:2f:cc:47:7d:0e:f9:0f:f2:db:51:db:16:44:
3e:50:ba:f1:e4:89:54:57:80:ec:28:20:db:c4:3e:47:77:9f:
10:41:ef:f7:45:9c:1c:3e:f9:82:66:e5:5f:4c:52:d5:11:cf:
87:6c:7e:bd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJjvRUCbofrJ2yZLqG6gEoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQxMDA2MjEyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDI3MDA5ZGNlYzI3MTRlYTYwOTFiNjZjZDk4NjY1ZTk5NzlmZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0FOwoHP0kl7RL48LdEQC91zNA7x
QweyK8PjHXWZdiDGOCA2ovY/ZobdYcG+2/7l14Zdd7OdC9gzYZ1KyPy+ixDOYHx+
W93IWuRjevjXQhbCUxEvVp+7SZ1p0lwsyF62cdLlTMz2AMS/sW8XieO9eNaRo+jq
sVVI/6QEd0UEXOnsGyQh9RitMc8b/21cm/DSF6mwd5T4ZxrVDB8KfL7GL5UAgIvs
hUNfleIZgq3ob+bP3Uh+lFMt8KAHDWnnBxZiXsqwqOBoMJJfAvAgZ9Ie/cD1ufKb
H4CIpmDc0so3fma2oM9ZXzunQABz87rSySuv8Gov/D+oF9bQhnQs76UjKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB0nAJ3OwnFOpgkbZs2YZl6Zef6HMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSFNjQW5jN0NjVTZtQ1J0bXpaaG1YcGw1X29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqRAwQA
TVq8AwQAueYPAwQA1dGPMA0GCSqGSIb3DQEBCwUAA4IBAQBgBOu+XtouK8I9yS5m
1vKc9Fjmr5LNKBe3shcfAHmJZsHWMJoKfCmv7lhRHwRQ2RK222f5Z03QahdSg8e4
9yWrwWryKQdO87TYjNF5lSoZbQyjpyJ5LiHRvUxlA1fXDk/byMBlxWyyWitjfjZv
FbubpUafA+/uLkt7xK+IAHPzZq1DQMss6J+66ntGaeC4FV2P1Xobski47IVmQLU0
TDbg7n5BNy681z+jxv3e3Nrtfeqepr9akTUSPmUiPLzMGOg2m43ONg+ia3xB0C/M
R30O+Q/y21HbFkQ+ULrx5IlUV4DsKCDbxD5Hd58QQe/3RZwcPvmCZuVfTFLVEc+H
bH69
-----END CERTIFICATE-----
Generated at Tue Oct 8 13:32:52 2024 by rpki-client on console-fra.rpki-client.org