Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/OycD_BtCyop2g6sWymIs-yBznGY.roa
File: OycD_BtCyop2g6sWymIs-yBznGY.roa (raw, json)
Hash identifier: 4/QOnz4CBtSDJXKgir6c0wPraTAs8jIyS76BO9sYLF0=
Subject key identifier: 3B:27:03:FC:1B:42:CA:8A:76:83:AB:16:CA:62:2C:FB:20:73:9C:66
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01893A24B47767DDC946B139A5BBF9858C1B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/OycD_BtCyop2g6sWymIs-yBznGY.roa
Signing time: Sun 09 Jul 2023 10:13:51 +0000
ROA not before: Sun 09 Jul 2023 10:13:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207795
IP address blocks: 213.209.131.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3a:24:b4:77:67:dd:c9:46:b1:39:a5:bb:f9:85:8c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 9 10:13:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b2703fc1b42ca8a7683ab16ca622cfb20739c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:41:93:6d:9f:83:74:98:89:b4:b8:6b:f4:db:
c7:dc:1a:0d:c5:f8:c2:3f:2a:30:da:bf:00:38:5d:
2f:f3:11:94:bf:20:b2:32:ff:33:46:ed:30:00:01:
be:11:35:aa:e8:e3:97:ce:7f:dc:d0:7d:13:dc:56:
ec:1d:ad:7f:38:c4:68:ea:7b:d6:43:d3:e4:13:6e:
82:9f:a3:ca:a9:2d:5a:59:3f:66:d7:8c:a1:e2:6e:
e1:46:e8:02:8c:d3:9f:f9:62:8a:b1:72:6a:d5:64:
30:ff:18:47:b1:e4:de:76:9d:a6:75:32:7c:92:30:
85:c9:d0:28:58:c6:76:83:64:c3:ce:4e:8d:a6:67:
67:08:da:36:b7:5d:8c:db:9f:2e:59:0d:68:c6:6d:
85:28:e4:f4:c5:ad:a5:74:13:9c:b5:b8:80:9a:8f:
3a:06:68:94:11:ab:90:be:e3:73:82:a5:69:38:4a:
68:e1:b8:6a:f1:ef:c1:a5:3e:c5:80:bc:64:27:e5:
87:44:0f:78:ff:ff:97:8b:db:7e:23:41:6d:e9:aa:
f9:53:4e:b1:aa:cd:28:c9:af:c6:15:cd:04:57:06:
17:43:ba:0a:69:49:5c:82:02:d1:fd:04:e4:37:19:
df:1e:0b:a8:a7:73:56:e4:08:f4:16:39:1f:f4:45:
8b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:27:03:FC:1B:42:CA:8A:76:83:AB:16:CA:62:2C:FB:20:73:9C:66
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/OycD_BtCyop2g6sWymIs-yBznGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.177.0/24
213.209.131.0/24
Signature Algorithm: sha256WithRSAEncryption
01:50:26:b8:b6:30:a0:0f:6c:c6:f6:0e:68:20:7f:e7:48:db:
2b:59:d5:58:7e:d7:d3:d6:b7:e3:f2:6e:82:33:d0:5b:56:ae:
15:46:52:b0:f4:ae:4d:2d:49:00:a7:b0:43:f5:c0:16:73:48:
65:85:07:dc:4a:a4:29:d6:93:49:20:96:c9:f6:da:35:ae:59:
89:48:df:4c:3a:54:98:0d:78:66:ec:a2:01:80:7e:b6:e9:5c:
13:e5:d2:02:b1:f2:1d:7f:7e:0a:99:d5:91:17:30:f8:25:cd:
29:49:c3:36:97:33:fd:47:44:ea:88:22:ef:9f:9f:f8:fd:c4:
32:df:13:07:d8:7d:f8:58:9a:c3:76:96:f9:3c:a9:96:16:cc:
44:68:10:ce:66:45:9d:92:44:04:e0:c7:1f:ec:c3:37:37:59:
11:ad:dd:cc:96:02:46:73:f8:ad:b9:31:3d:16:69:a3:02:2a:
a1:ec:0d:8f:a4:89:c8:22:ac:0b:68:bc:96:43:56:0b:fb:3c:
ec:a4:00:53:0a:cf:58:38:33:59:7b:4f:57:f9:ff:de:03:9a:
3e:16:15:8f:54:81:ab:74:21:71:49:ce:52:44:88:6e:aa:6b:
48:72:10:73:c4:13:c4:6b:f1:b1:d3:60:d2:c6:af:c6:b1:25:
1c:63:1d:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYk6JLR3Z93JRrE5pbv5hYwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNzA5MTAxMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI3MDNmYzFiNDJjYThhNzY4M2FiMTZjYTYyMmNmYjIwNzM5YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0GTbZ+DdJiJtLhr9NvH3BoNxfjC
Pyow2r8AOF0v8xGUvyCyMv8zRu0wAAG+ETWq6OOXzn/c0H0T3FbsHa1/OMRo6nvW
Q9PkE26Cn6PKqS1aWT9m14yh4m7hRugCjNOf+WKKsXJq1WQw/xhHseTedp2mdTJ8
kjCFydAoWMZ2g2TDzk6NpmdnCNo2t12M258uWQ1oxm2FKOT0xa2ldBOctbiAmo86
BmiUEauQvuNzgqVpOEpo4bhq8e/BpT7FgLxkJ+WHRA94//+Xi9t+I0Ft6ar5U06x
qs0oya/GFc0EVwYXQ7oKaUlcggLR/QTkNxnfHguop3NW5Aj0Fjkf9EWL/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDsnA/wbQsqKdoOrFspiLPsgc5xmMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvT3ljRF9CdEN5b3AyZzZzV3ltSXMteUJ6bkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVqxAwQA
1dGDMA0GCSqGSIb3DQEBCwUAA4IBAQABUCa4tjCgD2zG9g5oIH/nSNsrWdVYftfT
1rfj8m6CM9BbVq4VRlKw9K5NLUkAp7BD9cAWc0hlhQfcSqQp1pNJIJbJ9to1rlmJ
SN9MOlSYDXhm7KIBgH626VwT5dICsfIdf34KmdWRFzD4Jc0pScM2lzP9R0TqiCLv
n5/4/cQy3xMH2H34WJrDdpb5PKmWFsxEaBDOZkWdkkQE4Mcf7MM3N1kRrd3MlgJG
c/ituTE9FmmjAiqh7A2PpInIIqwLaLyWQ1YL+zzspABTCs9YODNZe09X+f/eA5o+
FhWPVIGrdCFxSc5SRIhuqmtIchBzxBPEa/Gx02DSxq/GsSUcYx2Y
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:02 2024 by rpki-client on console-ams.rpki-client.org