Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UjSAm7rS5wHyr6ZYK18hw_yK5gg.roa
File: UjSAm7rS5wHyr6ZYK18hw_yK5gg.roa (raw, json)
Hash identifier: pxCNGkW6SMr4VuQ9UQMMxnIGA8g4gIyopdkxKl2UFw0=
Subject key identifier: 52:34:80:9B:BA:D2:E7:01:F2:AF:A6:58:2B:5F:21:C3:FC:8A:E6:08
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01859C65DC26C9F739F3D19EFA92483AFD01
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UjSAm7rS5wHyr6ZYK18hw_yK5gg.roa
Signing time: Tue 10 Jan 2023 15:56:39 +0000
ROA not before: Tue 10 Jan 2023 15:56:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:65:dc:26:c9:f7:39:f3:d1:9e:fa:92:48:3a:fd:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 10 15:56:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5234809bbad2e701f2afa6582b5f21c3fc8ae608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2d:fa:7d:ff:8e:a6:ae:76:59:3f:71:93:a1:
ed:66:a6:d9:41:18:7e:c7:98:16:e0:b5:d5:c2:4b:
28:d4:34:91:f8:31:ab:fe:d4:b5:34:1d:52:c1:ac:
f5:33:1f:11:79:ce:34:1e:d3:04:26:43:57:3d:22:
61:ba:04:3e:ab:6e:79:e8:a6:9c:29:68:48:49:3a:
b8:e9:c2:66:44:94:87:ba:57:4b:96:ba:49:26:a4:
96:3a:0a:d7:f7:ed:f6:18:8c:bd:aa:b4:42:a1:23:
11:93:d4:e8:a5:ea:b3:d5:59:7a:97:75:3c:a9:33:
40:97:f8:1c:93:c1:43:98:0e:9b:e5:2a:3a:64:c0:
9a:d9:36:8e:1e:2d:1a:bc:07:ad:b0:b3:e5:80:0b:
e4:9b:91:24:40:4e:93:3e:64:8d:65:54:61:e1:36:
1b:23:ae:31:01:6c:2a:78:d5:00:39:93:3b:8b:bd:
54:8c:10:5f:77:a6:c4:27:0e:b9:0c:ed:94:46:c2:
73:ea:4c:4a:86:08:c3:6e:55:9e:04:af:e7:52:f3:
c4:a3:23:46:5b:72:4d:f0:ac:87:2c:ae:a6:59:1a:
13:d3:ce:d4:8a:5a:f9:26:0d:83:3e:aa:88:e5:9f:
1f:08:3f:44:37:31:a3:1b:c4:32:06:c3:7f:bc:4a:
d6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:34:80:9B:BA:D2:E7:01:F2:AF:A6:58:2B:5F:21:C3:FC:8A:E6:08
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UjSAm7rS5wHyr6ZYK18hw_yK5gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
77.90.156.0/24
77.90.184.0/24
77.90.188.0/24
185.230.14.0/24
213.209.129.0/24
213.209.136.0/24
213.209.143.0/24
213.209.149.0/24
213.209.151.0/24
213.209.156.0/23
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
76:f3:c8:5c:ee:bb:ca:b3:ad:1e:ba:7d:2a:5c:63:ad:47:db:
8f:fd:1d:e8:39:27:f3:38:78:4d:ff:9c:d9:63:35:b6:8c:15:
d8:fb:04:ed:b6:61:c0:b3:4e:a1:83:cd:eb:e0:67:5d:52:dd:
96:1a:c8:29:a7:38:59:59:c1:f4:fd:7a:3e:a3:68:59:01:3e:
12:d0:75:40:2a:ce:66:fe:d1:1b:d0:83:8e:4e:4d:0d:e5:08:
fd:05:f8:7f:64:c4:89:9a:3b:26:52:bb:19:83:da:a9:ad:b2:
79:d1:69:c8:53:56:e0:b1:92:59:fc:74:20:70:0f:f2:73:20:
d1:8e:11:df:dc:60:eb:8a:34:62:0f:cc:fb:53:6f:76:37:5a:
55:59:e8:16:49:2f:a8:e0:23:6b:29:32:3d:f8:22:8e:45:73:
ab:75:26:33:79:55:c2:2a:90:c2:73:09:c0:3d:61:57:8c:d9:
f5:1d:03:01:c0:c5:7e:c9:6b:5c:88:0f:85:78:4e:d2:1b:e2:
4a:65:3b:50:12:08:be:0f:de:9a:c3:a2:44:1d:1f:71:1a:87:
ff:7e:da:2d:55:0f:2a:57:ce:73:76:0f:81:70:ab:24:10:58:
1a:0b:47:4c:d6:7c:e6:f9:3d:9d:1b:ed:ce:6e:8b:ad:12:ad:
5c:f9:c8:dd
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYWcZdwmyfc589Ge+pJIOv0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTEwMTU1NjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjM0ODA5YmJhZDJlNzAxZjJhZmE2NTgyYjVmMjFjM2ZjOGFlNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki36ff+Opq52WT9xk6HtZqbZQRh+
x5gW4LXVwkso1DSR+DGr/tS1NB1Swaz1Mx8Rec40HtMEJkNXPSJhugQ+q2556Kac
KWhISTq46cJmRJSHuldLlrpJJqSWOgrX9+32GIy9qrRCoSMRk9Topeqz1Vl6l3U8
qTNAl/gck8FDmA6b5So6ZMCa2TaOHi0avAetsLPlgAvkm5EkQE6TPmSNZVRh4TYb
I64xAWwqeNUAOZM7i71UjBBfd6bEJw65DO2URsJz6kxKhgjDblWeBK/nUvPEoyNG
W3JN8KyHLK6mWRoT087Uilr5Jg2DPqqI5Z8fCD9ENzGjG8QyBsN/vErW4wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFI0gJu60ucB8q+mWCtfIcP8iuYIMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVWpTQW03clM1d0h5cjZaWUsxOGh3X3lLNWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQATVqZAwQA
TVqcAwQATVq4AwQATVq8AwQAueYOAwQA1dGBAwQA1dGIAwQA1dGPAwQA1dGVAwQA
1dGXAwQB1dGcAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQB288hc7rvKs60eun0q
XGOtR9uP/R3oOSfzOHhN/5zZYzW2jBXY+wTttmHAs06hg83r4GddUt2WGsgppzhZ
WcH0/Xo+o2hZAT4S0HVAKs5m/tEb0IOOTk0N5Qj9Bfh/ZMSJmjsmUrsZg9qprbJ5
0WnIU1bgsZJZ/HQgcA/ycyDRjhHf3GDrijRiD8z7U292N1pVWegWSS+o4CNrKTI9
+CKORXOrdSYzeVXCKpDCcwnAPWFXjNn1HQMBwMV+yWtciA+FeE7SG+JKZTtQEgi+
D96aw6JEHR9xGof/ftotVQ8qV85zdg+BcKskEFgaC0dM1nzm+T2dG+3OboutEq1c
+cjd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org