Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Kjwhrm0lD9aL-xYg7N_cUnC4lZE.roa
File: Kjwhrm0lD9aL-xYg7N_cUnC4lZE.roa (raw, json)
Hash identifier: D7mpf67kR5IGSrfgS+VH4QqSQYYcBLmLkLfek8DmyuE=
Subject key identifier: 2A:3C:21:AE:6D:25:0F:D6:8B:FB:16:20:EC:DF:DC:52:70:B8:95:91
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019460E079F9A85EBACDD30654236248EF85
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Kjwhrm0lD9aL-xYg7N_cUnC4lZE.roa
Signing time: Mon 13 Jan 2025 18:15:11 +0000
ROA not before: Mon 13 Jan 2025 18:15:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 17:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:e0:79:f9:a8:5e:ba:cd:d3:06:54:23:62:48:ef:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 13 18:15:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a3c21ae6d250fd68bfb1620ecdfdc5270b89591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7d:87:58:ec:10:e1:73:a6:58:f9:4c:cb:bc:
3a:75:02:05:22:c8:58:36:72:a4:57:12:20:e0:44:
5b:bf:31:db:32:d1:a7:7d:94:9e:cc:53:b1:bc:3e:
0d:f2:ef:7f:9a:9e:b3:ea:de:f0:53:2c:78:90:f1:
50:03:ad:cb:07:4e:f3:7f:9e:4d:97:77:12:9f:b9:
f6:bd:39:08:10:32:2e:29:fd:65:44:ce:66:65:1f:
93:b5:00:82:df:4e:bd:e8:56:08:ab:34:d2:48:d0:
e5:a5:5b:a0:b7:82:ad:c7:84:fa:c5:c9:43:02:8c:
13:07:bf:f8:4b:25:90:bf:01:79:87:6d:36:81:a4:
c3:53:01:dc:a6:15:43:1b:25:c6:4e:2c:f2:98:8f:
4f:0d:cf:df:f3:76:75:44:f0:c0:49:0b:c4:ac:48:
aa:c2:15:43:30:ec:66:a3:d8:fb:f6:f5:94:92:87:
14:1f:6c:58:be:30:8f:71:d6:52:20:14:47:00:86:
b1:c8:60:a3:54:e4:1b:8b:a4:5a:27:9e:c3:d3:80:
f3:b8:ce:cf:1c:64:ee:f0:a3:c5:e8:39:5d:69:31:
db:97:be:64:97:e4:85:fe:d0:7b:8a:a2:fe:11:e3:
63:89:97:a0:dd:16:5d:29:14:fd:00:98:62:e1:2d:
aa:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:3C:21:AE:6D:25:0F:D6:8B:FB:16:20:EC:DF:DC:52:70:B8:95:91
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Kjwhrm0lD9aL-xYg7N_cUnC4lZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
77.90.164.0/24
213.209.129.0/24
213.209.143.0/24
213.209.150.0/24
Signature Algorithm: sha256WithRSAEncryption
08:81:82:7d:80:68:39:c2:e2:2a:64:54:1f:9d:50:d4:ed:72:
68:d8:2c:5f:0e:a4:da:14:31:90:c6:54:75:9b:93:9a:32:66:
ae:15:54:2a:bc:a3:5e:f7:7d:98:0c:7d:e7:02:63:12:4c:18:
e7:44:60:63:bd:21:c3:d3:58:1f:c0:7c:42:9d:04:39:56:7d:
a3:54:b2:ef:cd:09:63:80:3c:7a:0c:85:3d:c6:02:8e:92:ad:
66:d8:8b:da:e3:26:ff:6a:de:7f:8b:bd:23:db:40:ee:cb:8e:
76:f1:88:23:6c:e9:8d:b1:a8:62:0d:49:24:90:dc:2c:db:e3:
33:4f:92:a8:70:83:c4:58:f1:ae:a7:9f:7e:dc:41:12:fc:47:
7d:77:ed:54:20:ce:83:7f:5d:2a:84:0e:fa:74:30:a1:dc:5a:
01:41:c0:c2:79:71:63:60:57:51:25:ae:74:44:c6:e5:68:6c:
1c:09:ef:3d:05:0f:99:e9:79:8c:09:ea:8d:3a:ed:85:be:2a:
f5:cd:21:9d:b2:3e:f3:02:26:36:d4:b1:c8:69:6a:a5:2a:0c:
c1:ef:cb:c2:67:68:3c:32:35:ad:2a:6a:c3:7c:f2:e3:bd:6f:
96:38:02:4d:30:28:27:c3:be:13:75:64:f9:05:50:d1:9d:84:
2b:49:98:c6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZRg4Hn5qF66zdMGVCNiSO+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMTEzMTgxNTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTNjMjFhZTZkMjUwZmQ2OGJmYjE2MjBlY2RmZGM1MjcwYjg5NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH2HWOwQ4XOmWPlMy7w6dQIFIshY
NnKkVxIg4ERbvzHbMtGnfZSezFOxvD4N8u9/mp6z6t7wUyx4kPFQA63LB07zf55N
l3cSn7n2vTkIEDIuKf1lRM5mZR+TtQCC30696FYIqzTSSNDlpVugt4Ktx4T6xclD
AowTB7/4SyWQvwF5h202gaTDUwHcphVDGyXGTizymI9PDc/f83Z1RPDASQvErEiq
whVDMOxmo9j79vWUkocUH2xYvjCPcdZSIBRHAIaxyGCjVOQbi6RaJ57D04DzuM7P
HGTu8KPF6DldaTHbl75kl+SF/tB7iqL+EeNjiZeg3RZdKRT9AJhi4S2qKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCo8Ia5tJQ/Wi/sWIOzf3FJwuJWRMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvS2p3aHJtMGxEOWFMLXhZZzdOX2NVbkM0bFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqZAwQA
TVqkAwQA1dGBAwQA1dGPAwQA1dGWMA0GCSqGSIb3DQEBCwUAA4IBAQAIgYJ9gGg5
wuIqZFQfnVDU7XJo2CxfDqTaFDGQxlR1m5OaMmauFVQqvKNe932YDH3nAmMSTBjn
RGBjvSHD01gfwHxCnQQ5Vn2jVLLvzQljgDx6DIU9xgKOkq1m2Iva4yb/at5/i70j
20Duy4528YgjbOmNsahiDUkkkNws2+MzT5KocIPEWPGup59+3EES/Ed9d+1UIM6D
f10qhA76dDCh3FoBQcDCeXFjYFdRJa50RMblaGwcCe89BQ+Z6XmMCeqNOu2Fvir1
zSGdsj7zAiY21LHIaWqlKgzB78vCZ2g8MjWtKmrDfPLjvW+WOAJNMCgnw74TdWT5
BVDRnYQrSZjG
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:15:32 2025 by rpki-client