Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Qw4E2Us-bdUYOyg9JyVncM_-Lyg.roa
File: Qw4E2Us-bdUYOyg9JyVncM_-Lyg.roa (raw, json)
Hash identifier: EXcnwEq3s71P645mMwTpze2wV7Vg43Y8z+QNO/YbcwU=
Subject key identifier: 43:0E:04:D9:4B:3E:6D:D5:18:3B:28:3D:27:25:67:70:CF:FE:2F:28
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01926B717CBD3C7CC21A92FF1A9560383D45
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Qw4E2Us-bdUYOyg9JyVncM_-Lyg.roa
Signing time: Tue 08 Oct 2024 09:24:12 +0000
ROA not before: Tue 08 Oct 2024 09:24:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.145.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 13:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:71:7c:bd:3c:7c:c2:1a:92:ff:1a:95:60:38:3d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 8 09:24:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=430e04d94b3e6dd5183b283d27256770cffe2f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1f:27:18:91:31:c4:b0:c8:c3:b2:75:63:1a:
8f:03:e4:8f:b3:7a:fd:18:b5:7c:5f:c8:69:54:39:
ef:ae:16:50:94:a8:63:ef:cd:e6:64:98:91:71:85:
a1:c0:b3:6e:a8:92:e0:8c:a4:a4:6f:aa:2d:c8:92:
03:5f:a8:22:4a:5b:f9:24:5c:ba:f7:50:18:b9:c1:
35:46:68:f8:7a:bf:84:32:7a:af:b0:54:69:e6:15:
3b:a7:15:2b:bd:4f:c6:93:43:29:ed:a3:95:b6:a9:
4a:2f:2a:d7:18:d4:13:a5:f3:16:49:29:2d:61:df:
6e:d4:89:41:5b:d9:da:df:e2:e8:b8:62:f3:be:3a:
4b:ba:77:7a:b9:17:a5:d0:1d:0b:e7:8b:97:bf:7b:
2b:f8:22:82:e0:32:8f:f9:e4:fb:7e:4c:2d:fd:f0:
6c:ab:19:12:77:62:74:40:18:0a:6e:79:e5:5b:80:
ea:96:b0:c7:21:67:27:85:be:88:a5:e2:7a:73:4d:
d8:eb:50:74:c0:1f:62:67:d6:8f:8e:5e:1e:34:af:
0b:23:9c:ce:d0:f9:5e:af:a4:d2:b7:be:d8:d9:81:
73:cf:2e:62:08:6f:93:5d:fc:d2:bd:0a:2b:59:bd:
c7:fb:0f:2c:40:37:8f:18:8d:9e:66:da:a7:ed:c7:
f8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:0E:04:D9:4B:3E:6D:D5:18:3B:28:3D:27:25:67:70:CF:FE:2F:28
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Qw4E2Us-bdUYOyg9JyVncM_-Lyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.188.0/24
185.230.15.0/24
213.209.129.0/24
213.209.143.0/24
Signature Algorithm: sha256WithRSAEncryption
34:d6:d5:8f:a2:70:8f:d1:39:cc:63:e0:1c:86:e8:05:90:95:
41:87:c8:af:77:67:4f:3c:b0:06:d2:c9:00:97:a1:a9:fc:69:
7f:6a:e6:7a:01:59:c0:7e:4f:69:33:58:fb:9c:ba:a9:50:34:
a2:c7:f4:e8:b2:38:4d:3f:3c:24:0c:58:5d:70:d3:65:53:93:
78:50:8b:3a:9b:00:54:73:6b:88:25:aa:e2:1d:f9:a0:79:98:
0a:12:0e:ee:7f:b4:71:84:ea:79:87:9c:f9:4a:d0:41:e4:21:
49:c4:43:38:64:6b:59:d1:71:4b:fa:62:94:7b:6f:a3:5e:9a:
07:df:58:4d:22:e8:67:f7:54:f2:7e:76:32:4c:d9:a8:1f:ff:
ca:d3:d5:2d:ee:43:cf:0b:16:00:38:0f:61:65:2a:c9:46:7d:
8d:c6:93:94:d7:de:10:d9:20:04:c3:77:1d:33:2f:76:a9:9e:
9e:5b:cb:da:78:36:bf:0b:d0:dd:39:77:d1:0e:83:77:53:13:
6e:0c:d4:83:b7:b6:61:81:20:3f:1e:19:af:87:49:0b:46:ed:
90:cb:f0:f6:e1:e8:a1:53:3d:ef:78:44:01:30:6e:50:56:28:
6b:f7:e3:76:a0:df:ed:bb:f9:fc:0e:3f:6c:f9:e2:27:68:44:
81:4f:43:a2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJrcXy9PHzCGpL/GpVgOD1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQxMDA4MDkyNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzBlMDRkOTRiM2U2ZGQ1MTgzYjI4M2QyNzI1Njc3MGNmZmUyZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2h8nGJExxLDIw7J1YxqPA+SPs3r9
GLV8X8hpVDnvrhZQlKhj783mZJiRcYWhwLNuqJLgjKSkb6otyJIDX6giSlv5JFy6
91AYucE1Rmj4er+EMnqvsFRp5hU7pxUrvU/Gk0Mp7aOVtqlKLyrXGNQTpfMWSSkt
Yd9u1IlBW9na3+LouGLzvjpLund6uRel0B0L54uXv3sr+CKC4DKP+eT7fkwt/fBs
qxkSd2J0QBgKbnnlW4DqlrDHIWcnhb6IpeJ6c03Y61B0wB9iZ9aPjl4eNK8LI5zO
0Pler6TSt77Y2YFzzy5iCG+TXfzSvQorWb3H+w8sQDePGI2eZtqn7cf41wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEMOBNlLPm3VGDsoPSclZ3DP/i8oMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvUXc0RTJVcy1iZFVZT3lnOUp5Vm5jTV8tTHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqRAwQA
TVq8AwQAueYPAwQA1dGBAwQA1dGPMA0GCSqGSIb3DQEBCwUAA4IBAQA01tWPonCP
0TnMY+AchugFkJVBh8ivd2dPPLAG0skAl6Gp/Gl/auZ6AVnAfk9pM1j7nLqpUDSi
x/TosjhNPzwkDFhdcNNlU5N4UIs6mwBUc2uIJariHfmgeZgKEg7uf7RxhOp5h5z5
StBB5CFJxEM4ZGtZ0XFL+mKUe2+jXpoH31hNIuhn91TyfnYyTNmoH//K09Ut7kPP
CxYAOA9hZSrJRn2NxpOU194Q2SAEw3cdMy92qZ6eW8vaeDa/C9DdOXfRDoN3UxNu
DNSDt7ZhgSA/Hhmvh0kLRu2Qy/D24eihUz3veEQBMG5QVihr9+N2oN/tu/n8Dj9s
+eInaESBT0Oi
-----END CERTIFICATE-----
Generated at Wed Oct 23 16:02:56 2024 by rpki-client on console-ams.rpki-client.org