Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UEVLZdVRtz1m7G4qqS3OuNzTmk8.roa
File: UEVLZdVRtz1m7G4qqS3OuNzTmk8.roa (raw, json)
Hash identifier: HRRQoij/RlOEW5WlVf8BiL6gbMs4xfkfgirhhjh5MAw=
Subject key identifier: 50:45:4B:65:D5:51:B7:3D:66:EC:6E:2A:A9:2D:CE:B8:DC:D3:9A:4F
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018B61673630D43E7989DC44F4DE080F1A1E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UEVLZdVRtz1m7G4qqS3OuNzTmk8.roa
Signing time: Tue 24 Oct 2023 11:17:15 +0000
ROA not before: Tue 24 Oct 2023 11:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51765
IP address blocks: 77.90.187.0/24 maxlen: 24
213.209.132.0/24 maxlen: 24
213.209.148.0/24 maxlen: 24
77.90.176.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:67:36:30:d4:3e:79:89:dc:44:f4:de:08:0f:1a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 24 11:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50454b65d551b73d66ec6e2aa92dceb8dcd39a4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d1:09:ed:94:bc:2e:c3:8a:a1:80:f2:f5:6a:
3b:b9:9b:f4:41:79:b7:7c:8f:4c:d0:2f:63:58:e9:
10:44:bb:8e:21:a3:d7:6a:b2:a0:09:b2:8a:5a:57:
07:99:1b:8d:be:81:96:75:ce:3d:9c:29:88:a3:ed:
41:b8:73:cf:04:17:59:fb:b4:f1:40:fb:df:6b:7d:
8d:e0:68:0f:cc:67:e3:93:b0:24:5e:b6:86:89:c8:
4f:b6:8e:1e:41:b7:db:06:3b:cb:75:4d:47:94:72:
72:cb:d3:2d:97:22:a2:6b:85:af:d1:09:e5:7e:44:
cd:5f:2f:2b:5e:b6:e2:6c:ff:08:72:d9:e9:47:ce:
bd:f0:e3:6a:62:8f:36:5b:35:4f:2c:1c:4c:5a:11:
e1:d3:cc:d3:2e:63:0e:d3:73:c6:46:21:68:56:96:
7f:fe:f8:19:26:37:77:39:f2:aa:e6:ce:9b:ff:5a:
3e:f0:47:7d:76:53:41:bb:9f:62:c2:ff:fc:b8:c0:
f2:7e:50:e6:59:f0:2e:93:1c:b1:3d:ff:53:7a:f7:
16:e8:de:b6:62:c3:26:83:d1:9a:b3:2a:fe:32:e7:
92:43:45:c3:88:d8:81:b1:3b:e8:8e:c6:04:3d:17:
54:76:13:ea:ab:af:c6:5b:ea:7e:85:7f:7d:4e:07:
05:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:45:4B:65:D5:51:B7:3D:66:EC:6E:2A:A9:2D:CE:B8:DC:D3:9A:4F
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UEVLZdVRtz1m7G4qqS3OuNzTmk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.176.0/24
77.90.187.0/24
213.209.132.0/24
213.209.148.0/24
Signature Algorithm: sha256WithRSAEncryption
33:d8:25:f0:d8:63:3f:4f:8e:07:c4:ef:88:0f:52:0a:31:db:
9a:fd:5b:ab:86:cd:0b:79:41:fc:80:a4:d6:d5:6a:b5:4e:c0:
17:ca:4c:11:60:90:dd:8b:3a:e4:91:df:ca:19:89:d8:c8:a1:
7d:63:12:ee:8e:12:c8:5d:ee:85:b6:09:42:26:08:56:86:95:
21:2f:25:ca:2e:92:cd:19:3a:eb:d6:63:cb:62:ee:8c:d9:95:
9e:62:98:58:76:9b:ef:ac:62:90:7d:e3:aa:a2:27:56:6b:db:
18:72:81:a1:cd:90:f9:5f:a6:85:5c:5f:f7:d1:dd:b1:e3:5b:
d0:f7:63:6a:42:4d:45:eb:dc:bf:a9:22:da:7c:60:7b:98:82:
49:b2:f0:92:1e:6a:a7:84:e4:4d:2c:8d:71:4b:05:a1:a4:2c:
dc:dc:72:70:f7:ef:7c:f6:b7:3a:7b:6b:db:8e:3d:29:8d:ca:
5a:9f:c3:55:40:fc:e1:49:8f:71:a3:18:e9:72:a9:05:b5:a2:
1a:a3:1e:89:ac:71:2d:a8:d8:93:af:a6:70:ef:32:93:5b:69:
60:64:7c:46:c1:2b:dd:1c:50:37:2e:e2:6d:f6:1d:4f:be:87:
fe:d1:29:0b:29:4c:57:6c:d2:7d:16:ce:8f:53:69:26:1d:15:
79:8f:bc:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYthZzYw1D55idxE9N4IDxoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMDI0MTExNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQ1NGI2NWQ1NTFiNzNkNjZlYzZlMmFhOTJkY2ViOGRjZDM5YTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdEJ7ZS8LsOKoYDy9Wo7uZv0QXm3
fI9M0C9jWOkQRLuOIaPXarKgCbKKWlcHmRuNvoGWdc49nCmIo+1BuHPPBBdZ+7Tx
QPvfa32N4GgPzGfjk7AkXraGichPto4eQbfbBjvLdU1HlHJyy9MtlyKia4Wv0Qnl
fkTNXy8rXrbibP8IctnpR8698ONqYo82WzVPLBxMWhHh08zTLmMO03PGRiFoVpZ/
/vgZJjd3OfKq5s6b/1o+8Ed9dlNBu59iwv/8uMDyflDmWfAukxyxPf9TevcW6N62
YsMmg9Gasyr+MueSQ0XDiNiBsTvojsYEPRdUdhPqq6/GW+p+hX99TgcF7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFBFS2XVUbc9ZuxuKqktzrjc05pPMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVUVWTFpkVlJ0ejFtN0c0cXFTM091TnpUbWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqwAwQA
TVq7AwQA1dGEAwQA1dGUMA0GCSqGSIb3DQEBCwUAA4IBAQAz2CXw2GM/T44HxO+I
D1IKMdua/Vurhs0LeUH8gKTW1Wq1TsAXykwRYJDdizrkkd/KGYnYyKF9YxLujhLI
Xe6FtglCJghWhpUhLyXKLpLNGTrr1mPLYu6M2ZWeYphYdpvvrGKQfeOqoidWa9sY
coGhzZD5X6aFXF/30d2x41vQ92NqQk1F69y/qSLafGB7mIJJsvCSHmqnhORNLI1x
SwWhpCzc3HJw9+989rc6e2vbjj0pjcpan8NVQPzhSY9xoxjpcqkFtaIaox6JrHEt
qNiTr6Zw7zKTW2lgZHxGwSvdHFA3LuJt9h1Pvof+0SkLKUxXbNJ9Fs6PU2kmHRV5
j7xs
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:02 2024 by rpki-client on console-ams.rpki-client.org