Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/SJK9D2l31v1V5mGtbh07zki9wiQ.roa
File: SJK9D2l31v1V5mGtbh07zki9wiQ.roa (raw, json)
Hash identifier: Au3VBWUqBW5RSa50aDcvLuC3uWHQYloa99cycGYQBi0=
Subject key identifier: 48:92:BD:0F:69:77:D6:FD:55:E6:61:AD:6E:1D:3B:CE:48:BD:C2:24
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018982D643F9116FE3825B23A2B9DC7143B4
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/SJK9D2l31v1V5mGtbh07zki9wiQ.roa
Signing time: Sun 23 Jul 2023 13:00:27 +0000
ROA not before: Sun 23 Jul 2023 13:00:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 213.209.131.0/24 maxlen: 24
213.209.137.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
213.209.155.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.158.0/24 maxlen: 24
77.90.163.0/24 maxlen: 24
77.90.162.0/24 maxlen: 24
77.90.161.0/24 maxlen: 24
77.90.160.0/24 maxlen: 24
77.90.165.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.182.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:82:d6:43:f9:11:6f:e3:82:5b:23:a2:b9:dc:71:43:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 23 13:00:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4892bd0f6977d6fd55e661ad6e1d3bce48bdc224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5a:f0:c4:73:59:76:d8:e4:24:f6:8a:5a:88:
a2:4a:e6:bc:ab:cf:2f:56:2b:a3:64:43:d3:8c:c9:
67:c9:ca:7b:e8:8c:d2:e7:e7:64:6c:dd:9c:68:6a:
3c:9a:3a:14:27:3d:64:63:a4:6e:f3:76:83:b2:70:
87:fb:70:df:fb:35:2d:58:9f:0c:b5:42:33:f4:b3:
f2:40:76:43:3d:64:22:aa:76:4c:36:09:bb:69:50:
b7:31:72:7e:b4:05:c2:32:33:95:ac:4e:ba:0b:37:
4f:8b:25:d9:21:51:40:c6:99:b2:9c:03:60:69:f0:
f5:74:46:92:f1:c2:06:ec:14:7b:8f:7c:c2:a8:3d:
10:10:8a:4d:65:ac:93:a2:9a:89:66:66:69:b7:f3:
46:74:9a:7d:80:bc:c1:cd:21:51:44:c7:07:b6:ad:
9e:c4:c0:18:e2:8a:e2:3c:7a:5a:af:fd:01:54:be:
a9:74:92:f5:1f:5d:77:af:2b:6a:64:c1:fd:13:15:
65:96:87:1c:89:ba:0a:dd:d3:31:41:ac:ae:8f:69:
6c:87:f8:7a:41:9b:2b:ce:8e:c7:90:24:45:17:0c:
5b:8c:bc:f7:2d:83:eb:09:ed:0b:dc:d8:13:a2:db:
fa:49:be:50:14:b9:47:12:64:96:96:fc:6f:4b:fe:
82:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:92:BD:0F:69:77:D6:FD:55:E6:61:AD:6E:1D:3B:CE:48:BD:C2:24
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/SJK9D2l31v1V5mGtbh07zki9wiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.158.0-77.90.163.255
77.90.165.0/24
77.90.169.0-77.90.172.255
77.90.175.0/24
77.90.177.0/24
77.90.182.0/24
77.90.186.0/24
213.209.131.0/24
213.209.137.0/24
213.209.139.0/24
213.209.141.0/24
213.209.152.0/22
Signature Algorithm: sha256WithRSAEncryption
24:d4:93:19:3f:94:a8:5b:d4:9c:b5:0e:34:cf:5a:f5:16:94:
f0:19:66:b8:05:28:34:d6:66:5a:2f:f7:09:c5:3a:ea:be:fd:
70:b6:99:af:5b:1f:f3:d2:55:24:e5:ef:0b:81:81:e5:4f:44:
ba:42:9b:51:26:a9:ed:f9:81:6f:78:39:95:24:1b:6c:7a:31:
bb:c6:1b:36:4b:0d:e7:bc:6c:a4:15:ff:1e:fa:4d:86:06:5f:
eb:a6:13:7a:ed:1a:e1:26:0b:cf:79:06:f9:dd:7c:39:27:89:
4b:13:b5:41:5a:66:47:17:a2:8b:fe:35:55:67:2b:da:5d:c4:
0a:17:79:d7:0d:25:4e:e4:a6:e7:b2:b2:c3:24:0d:73:99:22:
99:4a:ed:c7:c6:92:c1:6f:6a:40:53:9b:f3:93:34:24:95:2d:
97:5d:46:bd:de:bf:26:10:7c:9e:bd:ab:0c:19:8f:70:6a:44:
4f:d6:f2:2b:50:dd:28:ec:b4:41:8f:1e:36:3f:57:73:97:87:
e5:20:a6:e4:ef:6d:ea:40:93:c5:23:22:07:96:3c:30:c1:1c:
d8:71:1d:52:ec:6f:f5:84:53:a3:91:5a:fb:27:3e:36:1b:27:
84:62:17:c2:c4:16:5a:7a:25:07:a1:f5:76:37:6e:25:8d:4a:
cb:cd:2a:b1
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYmC1kP5EW/jglsjornccUO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNzIzMTMwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODkyYmQwZjY5NzdkNmZkNTVlNjYxYWQ2ZTFkM2JjZTQ4YmRjMjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFrwxHNZdtjkJPaKWoiiSua8q88v
ViujZEPTjMlnycp76IzS5+dkbN2caGo8mjoUJz1kY6Ru83aDsnCH+3Df+zUtWJ8M
tUIz9LPyQHZDPWQiqnZMNgm7aVC3MXJ+tAXCMjOVrE66CzdPiyXZIVFAxpmynANg
afD1dEaS8cIG7BR7j3zCqD0QEIpNZayTopqJZmZpt/NGdJp9gLzBzSFRRMcHtq2e
xMAY4oriPHpar/0BVL6pdJL1H113rytqZMH9ExVllocciboK3dMxQayuj2lsh/h6
QZsrzo7HkCRFFwxbjLz3LYPrCe0L3NgTotv6Sb5QFLlHEmSWlvxvS/6C1wIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFEiSvQ9pd9b9VeZhrW4dO85IvcIkMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvU0pLOUQybDMxdjFWNW1HdGJoMDd6a2k5d2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAFNWp4D
BAJNWqADBABNWqUwDAMEAE1aqQMEAE1arAMEAE1arwMEAE1asQMEAE1atgMEAE1a
ugMEANXRgwMEANXRiQMEANXRiwMEANXRjQMEAtXRmDANBgkqhkiG9w0BAQsFAAOC
AQEAJNSTGT+UqFvUnLUONM9a9RaU8BlmuAUoNNZmWi/3CcU66r79cLaZr1sf89JV
JOXvC4GB5U9EukKbUSap7fmBb3g5lSQbbHoxu8YbNksN57xspBX/HvpNhgZf66YT
eu0a4SYLz3kG+d18OSeJSxO1QVpmRxeii/41VWcr2l3EChd51w0lTuSm57KywyQN
c5kimUrtx8aSwW9qQFOb85M0JJUtl11Gvd6/JhB8nr2rDBmPcGpET9byK1DdKOy0
QY8eNj9Xc5eH5SCm5O9t6kCTxSMiB5Y8MMEc2HEdUuxv9YRTo5Fa+yc+NhsnhGIX
wsQWWnolB6H1djduJY1Ky80qsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org