Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IJrDWUuTPU31DM_fesDrhSx7yZU.roa
File: IJrDWUuTPU31DM_fesDrhSx7yZU.roa (raw, json)
Hash identifier: 55nti/IFMeSI1gXL82Kr5vCiSlwF7O6I+gitigZsrIw=
Subject key identifier: 20:9A:C3:59:4B:93:3D:4D:F5:0C:CF:DF:7A:C0:EB:85:2C:7B:C9:95
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018B67133DB6870DAB3BB82D8A785492A5EF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IJrDWUuTPU31DM_fesDrhSx7yZU.roa
Signing time: Wed 25 Oct 2023 13:43:16 +0000
ROA not before: Wed 25 Oct 2023 13:43:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.146.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:13:3d:b6:87:0d:ab:3b:b8:2d:8a:78:54:92:a5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 25 13:43:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=209ac3594b933d4df50ccfdf7ac0eb852c7bc995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d4:2b:8a:7e:36:17:60:c2:c8:12:27:85:af:
1f:c5:15:c6:b7:f0:67:f8:64:ee:3b:40:c2:e0:04:
ab:5b:61:76:a3:d4:c4:d5:2b:34:f9:47:09:87:d1:
11:f9:c8:c5:e2:c0:86:36:56:65:df:bd:79:34:c4:
e0:56:68:1e:1a:a1:35:50:58:b1:80:0c:24:a7:00:
36:ca:54:20:bc:03:7b:53:1d:6b:e0:b1:e8:79:f6:
2b:0a:87:ed:8d:de:46:62:6f:5a:1f:4f:b2:d8:55:
20:d5:1c:04:59:89:1a:92:6d:51:2c:02:66:06:ba:
46:ce:ef:1f:0b:d3:b6:0f:28:eb:76:98:c1:39:bb:
a4:cf:fb:a3:41:51:36:21:a7:1f:bf:6c:db:ed:55:
4a:84:67:95:34:88:67:53:5e:73:f0:61:f0:85:49:
5f:e9:3a:35:92:05:a3:78:7a:2e:27:42:20:b0:c3:
d7:c2:a5:f1:e9:b9:41:74:b9:ad:b1:e0:9a:3d:ad:
2c:c8:eb:72:3b:01:e1:05:ff:fe:91:64:08:8c:8c:
e5:e1:d1:09:47:82:a4:d9:03:71:e0:06:ac:a9:43:
b7:fa:6f:38:b9:4e:06:df:d4:2d:52:77:33:eb:8b:
b2:76:8d:fc:23:22:9e:c3:cb:a9:e8:7d:5f:f8:dd:
b9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9A:C3:59:4B:93:3D:4D:F5:0C:CF:DF:7A:C0:EB:85:2C:7B:C9:95
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IJrDWUuTPU31DM_fesDrhSx7yZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/24
213.209.146.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
09:e1:3e:c3:2f:34:d1:3b:ea:e9:a2:74:34:53:99:18:9a:7e:
f9:94:c6:ee:d6:38:49:d7:3b:31:59:f6:16:33:fb:34:ec:66:
ae:21:15:4f:b4:46:bf:5c:02:c9:d2:a8:d8:5f:90:18:33:c3:
10:76:43:ac:42:c7:8e:97:5e:aa:4c:6a:ff:e2:56:0d:96:9a:
0d:76:1f:9e:c7:c1:40:15:26:d7:7e:5c:98:0b:63:11:9b:bd:
14:7b:de:63:f3:93:88:b3:8d:3a:d9:1e:db:c3:af:15:ce:c0:
06:7a:6f:dd:08:bf:0e:29:89:02:08:99:c4:92:39:e6:88:a5:
df:8d:fa:c1:4c:ac:5d:59:e5:18:6c:59:5e:31:8b:c1:00:7d:
6f:5c:eb:45:72:c3:78:48:07:56:18:86:f4:20:61:14:42:f2:
16:f4:e6:e3:66:b6:95:77:29:0b:59:c8:35:22:06:54:d6:91:
8d:96:19:b2:8c:a6:91:0c:9e:d3:e8:bb:0f:99:a3:46:22:95:
6e:1d:c4:b1:2b:d9:e1:7c:d7:74:80:d4:ca:bb:93:12:20:99:
d9:79:a4:4e:8b:95:96:7e:8f:18:86:58:b4:b3:01:21:f2:14:
61:c5:e2:5d:ea:7b:62:17:cc:46:c2:4f:d6:e8:d2:01:10:0a:
14:25:9c:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtnEz22hw2rO7gtinhUkqXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMDI1MTM0MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDlhYzM1OTRiOTMzZDRkZjUwY2NmZGY3YWMwZWI4NTJjN2JjOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9Qrin42F2DCyBInha8fxRXGt/Bn
+GTuO0DC4ASrW2F2o9TE1Ss0+UcJh9ER+cjF4sCGNlZl3715NMTgVmgeGqE1UFix
gAwkpwA2ylQgvAN7Ux1r4LHoefYrCoftjd5GYm9aH0+y2FUg1RwEWYkakm1RLAJm
BrpGzu8fC9O2DyjrdpjBObukz/ujQVE2Iacfv2zb7VVKhGeVNIhnU15z8GHwhUlf
6To1kgWjeHouJ0IgsMPXwqXx6blBdLmtseCaPa0syOtyOwHhBf/+kWQIjIzl4dEJ
R4Kk2QNx4AasqUO3+m84uU4G39QtUncz64uydo38IyKew8up6H1f+N251QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCCaw1lLkz1N9QzP33rA64Use8mVMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSUpyRFdVdVRQVTMxRE1fZmVzRHJoU3g3eVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqKAwQA
1dGSAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQAJ4T7DLzTRO+rponQ0U5kYmn75
lMbu1jhJ1zsxWfYWM/s07GauIRVPtEa/XALJ0qjYX5AYM8MQdkOsQseOl16qTGr/
4lYNlpoNdh+ex8FAFSbXflyYC2MRm70Ue95j85OIs4062R7bw68VzsAGem/dCL8O
KYkCCJnEkjnmiKXfjfrBTKxdWeUYbFleMYvBAH1vXOtFcsN4SAdWGIb0IGEUQvIW
9ObjZraVdykLWcg1IgZU1pGNlhmyjKaRDJ7T6LsPmaNGIpVuHcSxK9nhfNd0gNTK
u5MSIJnZeaROi5WWfo8Yhli0swEh8hRhxeJd6ntiF8xGwk/W6NIBEAoUJZzS
-----END CERTIFICATE-----
Generated at Fri Dec 15 16:15:26 2023 by rpki-client on console-fra.rpki-client.org