Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/V21COJJwc1khZK9WmdXTtCUpcnQ.roa
File: V21COJJwc1khZK9WmdXTtCUpcnQ.roa (raw, json)
Hash identifier: 3KC6L0Y2IUoIfXJQUl1JXVWqMONHanrDdCzkmxp/Q/c=
Subject key identifier: 57:6D:42:38:92:70:73:59:21:64:AF:56:99:D5:D3:B4:25:29:72:74
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01909C2081420992B4DF2ECD9FA046859BEB
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/V21COJJwc1khZK9WmdXTtCUpcnQ.roa
Signing time: Wed 10 Jul 2024 10:11:34 +0000
ROA not before: Wed 10 Jul 2024 10:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.145.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 09:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9c:20:81:42:09:92:b4:df:2e:cd:9f:a0:46:85:9b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 10 10:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=576d4238927073592164af5699d5d3b425297274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:26:23:38:46:00:d1:94:85:bb:75:c0:18:ee:
f0:69:47:48:fe:17:34:df:f7:c9:84:f1:57:03:a1:
1c:cd:de:aa:d0:02:6e:56:b7:3a:fa:a3:17:0f:21:
3b:f9:9b:19:30:66:8e:f3:72:90:6e:ce:2b:8d:05:
24:20:26:37:d3:2b:2a:59:29:75:1d:77:36:82:84:
46:33:85:06:3d:35:2b:97:32:e2:71:a9:ba:fe:9c:
09:51:53:87:29:4c:3c:11:85:24:da:2e:6b:60:92:
c3:3b:59:57:d6:97:99:68:fb:72:f1:f0:b6:68:21:
f5:74:81:1d:00:2b:b6:e3:33:a0:5f:77:03:a3:2c:
5c:06:04:72:f5:fa:81:c6:c4:03:59:6e:72:41:6d:
7b:98:99:37:5c:ff:4b:26:1e:cf:d2:51:51:a2:7e:
2b:15:04:b3:68:25:d9:1e:7a:cf:88:9e:c0:b3:80:
22:5f:7d:2e:38:a6:19:d0:39:1f:2c:d1:39:a2:b0:
16:4b:be:d6:19:d6:45:09:79:c7:69:4a:9c:29:16:
1a:1f:da:b8:ea:b9:b5:0d:52:70:20:e2:e4:f3:a3:
aa:41:dd:5f:46:a8:80:43:b5:e6:9a:5c:7e:e8:0c:
40:a8:af:7c:d7:94:c7:39:b8:6a:6a:c6:79:bf:d9:
81:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:6D:42:38:92:70:73:59:21:64:AF:56:99:D5:D3:B4:25:29:72:74
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/V21COJJwc1khZK9WmdXTtCUpcnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.188.0/24
185.230.15.0/24
213.209.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:73:4b:bd:63:b1:d5:c9:d5:e6:ba:43:7a:5e:28:b6:7e:d3:
21:39:e6:89:f3:be:03:9f:24:f4:0d:24:20:a4:3a:34:1a:cb:
87:48:38:08:a1:3a:9f:63:f3:05:87:f6:fb:4d:c3:f4:0d:ec:
db:04:0e:53:1c:77:2d:a7:39:20:55:4a:fb:e8:8d:a9:90:5a:
47:25:b2:c3:cb:a5:81:bf:e7:ad:72:f1:9e:2b:7a:4b:7d:2c:
46:92:42:66:a6:23:b6:e9:79:c6:83:0d:28:68:e3:0f:30:64:
24:19:f5:50:f9:56:6c:2a:cf:bf:5d:e4:19:af:3c:38:e1:5c:
53:27:a1:8c:ed:6d:68:43:c2:38:4e:91:3d:bd:8c:b3:f0:99:
2e:34:85:ed:0b:0c:02:5a:5b:18:55:d2:0b:63:fe:10:e4:44:
08:4b:ca:47:1f:4d:26:c8:df:b1:65:e4:4f:21:c2:1f:38:45:
3e:99:43:d7:f2:c7:4e:ab:7f:a4:ec:cb:f5:b6:dd:b2:b5:29:
7e:d4:00:ec:b0:af:b7:13:ac:e7:12:3a:dc:17:9d:db:5b:39:
71:10:0e:ed:a5:df:85:36:0f:00:2e:ff:61:78:78:fd:4a:71:
b4:58:78:cd:08:23:93:5b:2d:c3:32:54:a6:95:6f:8e:22:19:
aa:88:d4:60
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCcIIFCCZK03y7Nn6BGhZvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNzEwMTAxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzZkNDIzODkyNzA3MzU5MjE2NGFmNTY5OWQ1ZDNiNDI1Mjk3Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SYjOEYA0ZSFu3XAGO7waUdI/hc0
3/fJhPFXA6Eczd6q0AJuVrc6+qMXDyE7+ZsZMGaO83KQbs4rjQUkICY30ysqWSl1
HXc2goRGM4UGPTUrlzLicam6/pwJUVOHKUw8EYUk2i5rYJLDO1lX1peZaPty8fC2
aCH1dIEdACu24zOgX3cDoyxcBgRy9fqBxsQDWW5yQW17mJk3XP9LJh7P0lFRon4r
FQSzaCXZHnrPiJ7As4AiX30uOKYZ0DkfLNE5orAWS77WGdZFCXnHaUqcKRYaH9q4
6rm1DVJwIOLk86OqQd1fRqiAQ7Xmmlx+6AxAqK9815THObhqasZ5v9mBaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFdtQjiScHNZIWSvVpnV07QlKXJ0MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVjIxQ09KSndjMWtoWks5V21kWFR0Q1VwY25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqRAwQA
TVq8AwQAueYPAwQA1dGBMA0GCSqGSIb3DQEBCwUAA4IBAQC3c0u9Y7HVydXmukN6
Xii2ftMhOeaJ874DnyT0DSQgpDo0GsuHSDgIoTqfY/MFh/b7TcP0DezbBA5THHct
pzkgVUr76I2pkFpHJbLDy6WBv+etcvGeK3pLfSxGkkJmpiO26XnGgw0oaOMPMGQk
GfVQ+VZsKs+/XeQZrzw44VxTJ6GM7W1oQ8I4TpE9vYyz8JkuNIXtCwwCWlsYVdIL
Y/4Q5EQIS8pHH00myN+xZeRPIcIfOEU+mUPX8sdOq3+k7Mv1tt2ytSl+1ADssK+3
E6znEjrcF53bWzlxEA7tpd+FNg8ALv9heHj9SnG0WHjNCCOTWy3DMlSmlW+OIhmq
iNRg
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:06:49 2024 by rpki-client on console-fra.rpki-client.org