Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U2mnZAJGTl7MeAsdCXTr4uj7l-4.roa
File: U2mnZAJGTl7MeAsdCXTr4uj7l-4.roa (raw, json)
Hash identifier: eKxHGKVoKbFAFrn9YPZsTCiqGF6y//g0pavj8PSG2e0=
Subject key identifier: 53:69:A7:64:02:46:4E:5E:CC:78:0B:1D:09:74:EB:E2:E8:FB:97:EE
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0187909ADFAEE44FFFF103222372460F060B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U2mnZAJGTl7MeAsdCXTr4uj7l-4.roa
Signing time: Mon 17 Apr 2023 19:04:41 +0000
ROA not before: Mon 17 Apr 2023 19:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 213.209.135.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
77.90.174.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:90:9a:df:ae:e4:4f:ff:f1:03:22:23:72:46:0f:06:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 17 19:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5369a76402464e5ecc780b1d0974ebe2e8fb97ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3c:5d:ec:c8:47:be:45:ac:d1:e2:2e:ae:99:
b0:e8:18:27:82:d1:90:d0:02:8e:c5:a4:41:7e:f5:
54:aa:9a:a5:48:e4:f0:0c:e1:3f:87:91:88:0a:0d:
05:a5:7d:5f:2b:0f:75:82:3f:ff:ab:67:dc:41:70:
72:5f:74:57:c1:a6:01:61:fc:fe:90:c6:5c:a9:39:
9d:bf:82:fe:11:4a:8c:74:d7:0a:61:c8:59:5e:3c:
57:b4:fd:92:ab:38:c4:d6:f8:58:bd:70:ec:7e:2d:
05:15:f8:5c:97:46:85:0f:77:ea:db:9a:29:d5:2d:
06:15:0e:e7:8a:0d:92:6d:a3:50:1a:63:73:f5:37:
f9:76:72:7a:02:e8:da:0f:2c:b7:51:25:39:36:4a:
76:50:0f:91:74:46:28:9d:f8:46:a8:be:25:52:73:
ad:b3:72:1d:bc:23:45:16:09:ae:67:b7:1a:1b:eb:
ce:88:95:54:27:e9:f6:38:77:dd:74:2a:6b:4f:00:
b7:9b:a2:88:78:35:96:05:47:fd:81:f8:34:5a:e1:
66:55:a3:29:cc:a8:07:52:4a:ff:4a:19:41:ed:87:
92:1f:84:4a:b7:a3:49:8a:61:54:37:b9:5a:79:91:
fb:4f:92:34:94:32:2d:93:9a:19:78:72:e3:d3:ac:
8c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:69:A7:64:02:46:4E:5E:CC:78:0B:1D:09:74:EB:E2:E8:FB:97:EE
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U2mnZAJGTl7MeAsdCXTr4uj7l-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.167.0/24
77.90.174.0/24
213.209.135.0/24
213.209.141.0/24
213.209.153.0-213.209.154.255
Signature Algorithm: sha256WithRSAEncryption
0f:f5:88:e5:09:4d:da:b7:dc:5c:78:ff:08:cc:83:82:18:a2:
27:d9:1c:4e:ca:b5:38:48:41:2a:18:62:3e:37:08:1b:d2:a0:
44:3e:95:da:9f:08:b0:26:63:da:8f:14:ab:99:ef:b4:f2:c3:
39:c0:2f:ac:24:cc:9a:bc:2c:7f:ca:07:58:3d:1e:e2:48:92:
c9:bb:73:8c:6f:ed:97:bb:56:38:04:f7:b1:12:d3:95:58:fc:
8a:63:13:52:6f:9a:0f:48:92:29:e5:6f:12:ca:74:c3:63:94:
a5:0a:a9:a1:b8:ec:55:96:a0:a3:60:b7:7b:86:6d:94:4d:ab:
9e:88:8b:cf:eb:5f:18:c4:c4:94:6e:39:42:5d:5b:bf:39:57:
a2:50:84:13:28:b8:ec:a8:55:03:c0:1f:de:3a:4c:9b:5d:1b:
45:e0:5d:f0:fb:31:44:dd:2c:b0:1b:fb:9f:27:fc:18:7a:55:
fc:02:3b:48:d1:dc:17:04:6c:01:8d:ab:16:40:b3:26:5e:2f:
5e:a6:e1:a2:ea:f7:f6:93:15:df:0e:8f:dd:07:a8:3e:8e:3c:
61:da:ec:d4:ce:d4:39:08:e1:72:ef:22:6f:a8:f3:11:01:f2:
de:72:d3:08:e2:e2:9e:d1:08:56:0a:eb:69:0e:09:39:ec:62:
63:2d:26:a7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYeQmt+u5E//8QMiI3JGDwYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNDE3MTkwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY5YTc2NDAyNDY0ZTVlY2M3ODBiMWQwOTc0ZWJlMmU4ZmI5N2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDxd7MhHvkWs0eIurpmw6BgngtGQ
0AKOxaRBfvVUqpqlSOTwDOE/h5GICg0FpX1fKw91gj//q2fcQXByX3RXwaYBYfz+
kMZcqTmdv4L+EUqMdNcKYchZXjxXtP2SqzjE1vhYvXDsfi0FFfhcl0aFD3fq25op
1S0GFQ7nig2SbaNQGmNz9Tf5dnJ6AujaDyy3USU5Nkp2UA+RdEYonfhGqL4lUnOt
s3IdvCNFFgmuZ7caG+vOiJVUJ+n2OHfddCprTwC3m6KIeDWWBUf9gfg0WuFmVaMp
zKgHUkr/ShlB7YeSH4RKt6NJimFUN7laeZH7T5I0lDItk5oZeHLj06yM8wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFNpp2QCRk5ezHgLHQl06+Lo+5fuMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVTJtblpBSkdUbDdNZUFzZENYVHI0dWo3bC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQATVqnAwQA
TVquAwQA1dGHAwQA1dGNMAwDBADV0ZkDBADV0ZowDQYJKoZIhvcNAQELBQADggEB
AA/1iOUJTdq33Fx4/wjMg4IYoifZHE7KtThIQSoYYj43CBvSoEQ+ldqfCLAmY9qP
FKuZ77TywznAL6wkzJq8LH/KB1g9HuJIksm7c4xv7Ze7VjgE97ES05VY/IpjE1Jv
mg9IkinlbxLKdMNjlKUKqaG47FWWoKNgt3uGbZRNq56Ii8/rXxjExJRuOUJdW785
V6JQhBMouOyoVQPAH946TJtdG0XgXfD7MUTdLLAb+58n/Bh6VfwCO0jR3BcEbAGN
qxZAsyZeL16m4aLq9/aTFd8Oj90HqD6OPGHa7NTO1DkI4XLvIm+o8xEB8t5y0wji
4p7RCFYK62kOCTnsYmMtJqc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org