Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KhQAAMg_9UEroJuJU7LaGy4mhbU.roa
File: KhQAAMg_9UEroJuJU7LaGy4mhbU.roa (raw, json)
Hash identifier: +8VOjSCpIxMxMg3p2olEjOnr2HvyjqvzPaC/goYCV9U=
Subject key identifier: 2A:14:00:00:C8:3F:F5:41:2B:A0:9B:89:53:B2:DA:1B:2E:26:85:B5
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF37A1A8032831B0084454D7561C95
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KhQAAMg_9UEroJuJU7LaGy4mhbU.roa
Signing time: Tue 02 Jan 2024 06:32:01 +0000
ROA not before: Tue 02 Jan 2024 06:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 77.90.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 17:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:37:a1:a8:03:28:31:b0:08:44:54:d7:56:1c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a140000c83ff5412ba09b8953b2da1b2e2685b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:65:39:66:a9:5a:62:fd:09:54:2d:88:12:0d:
fe:d8:34:a0:23:78:c0:ee:9a:1e:a8:2a:a3:69:2b:
05:1a:e3:73:15:a4:31:0e:e8:cd:eb:63:dd:1d:e9:
f2:11:4f:68:0c:5d:56:df:0d:73:8b:ab:f9:3f:14:
7c:78:95:c4:a5:02:4c:9d:c1:68:0a:3e:87:f5:7a:
73:b9:75:26:21:5a:9e:44:33:7d:ef:6a:de:a3:f6:
c7:5c:3b:84:75:28:a0:f6:f2:68:a4:7c:a2:e4:a7:
3e:29:e4:ca:64:53:a6:3f:4f:87:49:20:30:69:74:
df:97:9d:59:60:2a:46:82:69:66:93:f7:7e:bd:3a:
7a:9f:04:11:9f:f7:36:91:91:bd:2f:8c:99:d4:64:
bc:88:55:fd:47:7c:ab:91:3d:65:5a:7e:76:6c:6e:
40:95:9e:65:2a:cf:2d:2a:54:d4:54:cc:4a:af:bb:
64:08:24:fb:4f:60:84:5e:cb:73:ed:4d:68:2d:5b:
13:4b:e2:69:b1:78:90:09:3d:4f:9c:90:97:00:b0:
c8:2b:8c:d0:4f:cc:67:59:df:4a:5c:1a:4f:6f:ac:
6b:c1:77:11:39:db:78:be:d3:e1:c0:31:bf:c9:d7:
dc:f6:74:5b:92:ad:f2:8b:f2:36:67:a6:07:2b:c8:
08:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:14:00:00:C8:3F:F5:41:2B:A0:9B:89:53:B2:DA:1B:2E:26:85:B5
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KhQAAMg_9UEroJuJU7LaGy4mhbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.139.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:b0:54:b0:59:01:6e:60:c6:a5:94:e7:31:8c:ce:6f:a5:6f:
c8:00:61:27:e1:ec:9c:c1:0f:bc:ff:01:be:99:a6:20:95:03:
23:38:81:40:28:94:91:8e:3a:e5:00:ec:e5:9f:b2:2a:0c:38:
f8:9e:7a:70:1f:a8:d4:4e:95:16:4d:68:5e:4c:64:29:16:cd:
6f:33:71:8d:92:3b:aa:a3:e4:4d:65:29:42:5c:96:16:a0:98:
d0:d6:c4:49:0c:7a:4b:bd:18:67:0a:bb:7b:c6:40:34:3a:67:
62:50:68:dd:b4:8f:43:46:ed:ac:46:50:be:84:73:7c:d0:bb:
ec:b8:98:e1:08:7e:42:43:65:50:70:85:c1:02:43:ff:ee:74:
dc:e0:33:84:43:0e:e3:7c:97:9c:b8:71:9d:f3:52:e7:2c:c0:
2e:cd:17:f0:28:b4:c8:dd:2f:da:da:8b:06:b0:18:74:08:ce:
5a:e5:0a:6a:ad:8e:b6:02:55:4d:d0:02:14:87:c2:66:97:32:
59:01:1b:c9:f5:bc:07:05:9b:1a:1b:ff:57:59:23:61:98:93:
55:ef:c7:0e:10:c6:27:68:7b:e2:7d:6e:65:46:5b:14:10:b3:
ab:81:9c:ef:bc:64:c7:94:58:e1:93:09:65:5c:37:5e:57:94:
7e:35:d1:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3zehqAMoMbAIRFTXVhyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE0MDAwMGM4M2ZmNTQxMmJhMDliODk1M2IyZGExYjJlMjY4NWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGU5ZqlaYv0JVC2IEg3+2DSgI3jA
7poeqCqjaSsFGuNzFaQxDujN62PdHenyEU9oDF1W3w1zi6v5PxR8eJXEpQJMncFo
Cj6H9XpzuXUmIVqeRDN972reo/bHXDuEdSig9vJopHyi5Kc+KeTKZFOmP0+HSSAw
aXTfl51ZYCpGgmlmk/d+vTp6nwQRn/c2kZG9L4yZ1GS8iFX9R3yrkT1lWn52bG5A
lZ5lKs8tKlTUVMxKr7tkCCT7T2CEXstz7U1oLVsTS+JpsXiQCT1PnJCXALDIK4zQ
T8xnWd9KXBpPb6xrwXcROdt4vtPhwDG/ydfc9nRbkq3yi/I2Z6YHK8gIqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoUAADIP/VBK6CbiVOy2hsuJoW1MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvS2hRQUFNZ185VUVyb0p1SlU3TGFHeTRtaGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqLMA0G
CSqGSIb3DQEBCwUAA4IBAQANsFSwWQFuYMallOcxjM5vpW/IAGEn4eycwQ+8/wG+
maYglQMjOIFAKJSRjjrlAOzln7IqDDj4nnpwH6jUTpUWTWheTGQpFs1vM3GNkjuq
o+RNZSlCXJYWoJjQ1sRJDHpLvRhnCrt7xkA0OmdiUGjdtI9DRu2sRlC+hHN80Lvs
uJjhCH5CQ2VQcIXBAkP/7nTc4DOEQw7jfJecuHGd81LnLMAuzRfwKLTI3S/a2osG
sBh0CM5a5QpqrY62AlVN0AIUh8JmlzJZARvJ9bwHBZsaG/9XWSNhmJNV78cOEMYn
aHvifW5lRlsUELOrgZzvvGTHlFjhkwllXDdeV5R+NdGh
-----END CERTIFICATE-----
Generated at Thu Aug 1 19:34:20 2024 by rpki-client on console-fra.rpki-client.org