Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/L4O8TnWjuGbBZ37-msuUsQHoljw.roa
File: L4O8TnWjuGbBZ37-msuUsQHoljw.roa (raw, json)
Hash identifier: Dsc3AEQukNDImmxAz7H9wE+uSHVRvd0krRyaOkBxO8A=
Subject key identifier: 2F:83:BC:4E:75:A3:B8:66:C1:67:7E:FE:9A:CB:94:B1:01:E8:96:3C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01889A82A051C05A05AFAC815A19BB32931D
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/L4O8TnWjuGbBZ37-msuUsQHoljw.roa
Signing time: Thu 08 Jun 2023 10:17:11 +0000
ROA not before: Thu 08 Jun 2023 10:17:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 213.209.136.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:82:a0:51:c0:5a:05:af:ac:81:5a:19:bb:32:93:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 8 10:17:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f83bc4e75a3b866c1677efe9acb94b101e8963c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8a:4b:5e:c7:d9:a7:5d:f9:71:bd:ba:ba:ab:
a5:be:91:09:33:96:9f:f0:c7:42:24:c3:68:a6:f9:
53:5c:d3:86:63:0d:45:72:52:37:65:d3:8c:f4:8d:
d8:23:e5:84:33:e8:46:aa:22:e5:0d:8e:43:50:d8:
89:4c:d2:ae:fc:76:4d:e1:aa:c3:bd:41:0d:98:ea:
15:38:e0:21:43:47:c2:4c:e5:e2:ce:68:4d:83:84:
58:93:0c:6a:22:f6:2a:9f:0f:f0:9f:42:a2:99:1e:
b6:aa:7c:e1:d1:db:fa:83:2b:89:65:13:3d:cb:12:
78:c2:23:54:cd:d7:70:58:d2:d2:38:31:f9:47:5e:
60:44:43:6e:85:1f:5d:63:00:65:ad:19:fe:5c:b1:
7d:6f:74:a0:ed:26:e6:1e:71:b7:5d:69:5e:a9:a7:
de:c1:60:50:39:08:ab:41:da:2b:1d:71:fb:83:db:
3c:0b:f1:83:90:de:6e:cd:98:7e:c3:23:cb:c3:8e:
b7:be:2f:88:26:7d:c8:58:70:ca:58:44:b3:3e:55:
e2:a1:92:e8:f2:65:32:a3:24:73:1b:4a:d3:d2:fe:
07:68:42:21:7d:33:d3:1d:d3:ee:d2:e7:48:c9:b1:
96:d8:6a:b9:de:6b:22:0d:84:b8:62:43:3e:4d:8f:
27:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:83:BC:4E:75:A3:B8:66:C1:67:7E:FE:9A:CB:94:B1:01:E8:96:3C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/L4O8TnWjuGbBZ37-msuUsQHoljw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.156.0/24
77.90.184.0/24
213.209.136.0/24
213.209.149.0/24
213.209.156.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:2f:8b:a7:b3:e5:ef:e0:7e:32:84:2f:8e:0d:a5:94:59:a6:
0d:3d:99:55:c0:7f:5c:3c:c7:25:26:d0:86:14:96:fa:3e:fb:
5b:b5:fc:03:74:e3:87:60:ad:55:ab:aa:2d:5a:cd:da:41:e2:
d3:ed:71:d3:b2:cf:2a:bc:a7:83:ac:59:4d:f3:ab:b4:00:db:
97:fb:d4:4a:2e:c5:11:6f:44:ed:e9:90:2d:5f:7f:3f:df:2a:
a1:19:58:cc:c0:33:0f:ea:23:a3:75:cd:ad:a0:c4:f0:a3:d9:
7a:db:18:b4:72:c6:a1:53:f4:ad:26:96:ce:d4:5c:ab:9f:ce:
56:be:3a:6e:18:6b:41:29:cd:df:a0:c9:f8:a6:6c:cf:da:60:
e6:a0:ee:e6:93:8a:6b:ac:3c:36:2e:83:90:5d:bf:28:fb:70:
d0:f0:9c:06:75:7b:5a:36:f6:16:fb:55:f2:85:64:c0:9f:18:
d6:c7:07:02:78:c8:d5:1f:55:5f:e0:9b:1a:34:56:a8:1d:55:
f1:2a:a0:6e:c4:0b:17:1c:a3:99:f7:e4:81:9e:7e:eb:29:32:
00:d8:e9:ac:80:f4:94:58:72:0f:c4:bc:15:09:cd:6e:14:a3:
37:83:04:9f:2f:b6:a3:ee:80:58:6d:07:3e:6d:7a:38:1e:ce:
32:88:02:d8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYiagqBRwFoFr6yBWhm7MpMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNjA4MTAxNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjgzYmM0ZTc1YTNiODY2YzE2NzdlZmU5YWNiOTRiMTAxZTg5NjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIpLXsfZp135cb26uqulvpEJM5af
8MdCJMNopvlTXNOGYw1FclI3ZdOM9I3YI+WEM+hGqiLlDY5DUNiJTNKu/HZN4arD
vUENmOoVOOAhQ0fCTOXizmhNg4RYkwxqIvYqnw/wn0KimR62qnzh0dv6gyuJZRM9
yxJ4wiNUzddwWNLSODH5R15gRENuhR9dYwBlrRn+XLF9b3Sg7SbmHnG3XWleqafe
wWBQOQirQdorHXH7g9s8C/GDkN5uzZh+wyPLw463vi+IJn3IWHDKWESzPlXioZLo
8mUyoyRzG0rT0v4HaEIhfTPTHdPu0udIybGW2Gq53msiDYS4YkM+TY8nswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC+DvE51o7hmwWd+/prLlLEB6JY8MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvTDRPOFRuV2p1R2JCWjM3LW1zdVVzUUhvbGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqcAwQA
TVq4AwQA1dGIAwQA1dGVAwQA1dGcMA0GCSqGSIb3DQEBCwUAA4IBAQBtL4uns+Xv
4H4yhC+ODaWUWaYNPZlVwH9cPMclJtCGFJb6PvtbtfwDdOOHYK1Vq6otWs3aQeLT
7XHTss8qvKeDrFlN86u0ANuX+9RKLsURb0Tt6ZAtX38/3yqhGVjMwDMP6iOjdc2t
oMTwo9l62xi0csahU/StJpbO1Fyrn85WvjpuGGtBKc3foMn4pmzP2mDmoO7mk4pr
rDw2LoOQXb8o+3DQ8JwGdXtaNvYW+1XyhWTAnxjWxwcCeMjVH1Vf4JsaNFaoHVXx
KqBuxAsXHKOZ9+SBnn7rKTIA2OmsgPSUWHIPxLwVCc1uFKM3gwSfL7aj7oBYbQc+
bXo4Hs4yiALY
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:02 2024 by rpki-client on console-ams.rpki-client.org