Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/VmAM4NDcYMTQU9Uh_ztu79OVn3A.roa
File: VmAM4NDcYMTQU9Uh_ztu79OVn3A.roa (raw, json)
Hash identifier: K6TONYqeiVCEFnf+UbcH3+Vu4P5TtFaHZxDiD8SKWhI=
Subject key identifier: 56:60:0C:E0:D0:DC:60:C4:D0:53:D5:21:FF:3B:6E:EF:D3:95:9F:70
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019229B7902ABCB3B25343E24BC9B198B26C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/VmAM4NDcYMTQU9Uh_ztu79OVn3A.roa
Signing time: Wed 25 Sep 2024 15:05:48 +0000
ROA not before: Wed 25 Sep 2024 15:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197450
IP address blocks: 77.90.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 10:05:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:b7:90:2a:bc:b3:b2:53:43:e2:4b:c9:b1:98:b2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 25 15:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56600ce0d0dc60c4d053d521ff3b6eefd3959f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c4:07:07:35:11:85:2a:cb:8a:82:56:6b:03:
f0:22:65:d4:ba:01:d0:d9:7e:7b:df:23:99:df:e4:
31:9b:e5:48:97:62:cc:ba:62:ac:6f:7b:e9:94:9b:
86:c3:a7:63:c0:39:aa:24:8b:fa:8c:68:c2:ed:1c:
cd:e8:e1:c8:33:28:2a:f0:df:7a:7f:de:84:b6:b5:
30:0f:e6:e1:fc:2f:73:6d:e4:fa:e6:3b:ca:4f:0e:
c0:64:22:d5:f9:c5:53:4e:40:ea:fd:85:33:4c:a2:
9c:3d:b3:a0:31:3b:47:c4:85:fa:d6:a6:ed:40:89:
2c:41:02:05:c6:83:06:f2:86:ab:fe:ba:09:a8:5e:
73:35:eb:36:fb:08:b6:11:eb:f7:8b:f6:c2:5b:df:
34:75:5c:c5:47:e9:2b:d9:cc:1a:16:a5:6c:f8:1a:
f1:fd:77:db:c2:39:66:4b:86:5c:c9:8a:13:af:4c:
06:7e:c4:37:b6:26:b5:b8:3b:ef:19:2e:7e:c4:36:
b4:b0:82:c9:56:9f:5b:97:16:09:ba:07:13:d6:97:
1a:8f:07:63:64:74:33:11:31:d3:12:a1:23:01:bd:
9f:5f:ca:5d:5b:36:2a:47:6f:a8:db:73:1b:17:a8:
9d:fd:5d:41:34:aa:61:db:47:0f:3d:c9:e4:93:c8:
0f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:60:0C:E0:D0:DC:60:C4:D0:53:D5:21:FF:3B:6E:EF:D3:95:9F:70
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/VmAM4NDcYMTQU9Uh_ztu79OVn3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:e7:99:1f:69:9b:df:1b:04:a9:7c:9b:25:b9:68:f3:5f:28:
60:99:14:32:93:bd:c4:99:1f:fe:f2:d5:de:7f:5a:28:f9:6d:
71:5b:de:f0:02:f2:da:80:f9:32:7c:ef:ab:e9:cb:88:69:c3:
ca:6c:ce:a9:44:8a:10:63:79:f2:77:ea:70:f2:ad:27:ab:6b:
f3:e2:63:60:3a:96:21:eb:1f:ec:d2:ad:62:54:d7:b4:f2:a6:
37:dc:bb:36:bc:58:c3:a9:17:56:b8:1b:01:5c:9e:e1:ea:3c:
bd:37:62:94:df:50:43:68:b5:70:f7:26:72:1d:b6:fd:da:4c:
ab:52:a3:b4:ca:84:30:fd:08:6c:60:4f:8a:40:ec:12:fd:98:
0e:21:25:e3:03:23:2b:66:63:f5:13:89:07:1a:74:2e:7d:0e:
3b:5f:c8:3f:d3:9e:32:52:d9:6a:e8:6d:a9:61:76:26:e4:66:
fb:af:1f:84:29:1a:d6:7d:44:d0:1a:1e:81:19:3e:f6:f5:2a:
e5:da:dd:09:10:51:d0:79:60:61:45:f1:3f:8f:5c:92:f1:82:
62:ea:70:a3:af:94:0a:dc:24:20:10:0a:7a:41:69:90:0d:3b:
82:49:a2:8f:47:2b:44:e8:6b:97:7f:15:13:dd:48:46:9e:44:
e1:27:9f:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIpt5AqvLOyU0PiS8mxmLJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwOTI1MTUwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjYwMGNlMGQwZGM2MGM0ZDA1M2Q1MjFmZjNiNmVlZmQzOTU5ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8QHBzURhSrLioJWawPwImXUugHQ
2X573yOZ3+Qxm+VIl2LMumKsb3vplJuGw6djwDmqJIv6jGjC7RzN6OHIMygq8N96
f96EtrUwD+bh/C9zbeT65jvKTw7AZCLV+cVTTkDq/YUzTKKcPbOgMTtHxIX61qbt
QIksQQIFxoMG8oar/roJqF5zNes2+wi2Eev3i/bCW980dVzFR+kr2cwaFqVs+Brx
/XfbwjlmS4ZcyYoTr0wGfsQ3tia1uDvvGS5+xDa0sILJVp9blxYJugcT1pcajwdj
ZHQzETHTEqEjAb2fX8pdWzYqR2+o23MbF6id/V1BNKph20cPPcnkk8gPkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZgDODQ3GDE0FPVIf87bu/TlZ9wMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVm1BTTRORGNZTVRRVTlVaF96dHU3OU9WbjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqZMA0G
CSqGSIb3DQEBCwUAA4IBAQC155kfaZvfGwSpfJsluWjzXyhgmRQyk73EmR/+8tXe
f1oo+W1xW97wAvLagPkyfO+r6cuIacPKbM6pRIoQY3nyd+pw8q0nq2vz4mNgOpYh
6x/s0q1iVNe08qY33Ls2vFjDqRdWuBsBXJ7h6jy9N2KU31BDaLVw9yZyHbb92kyr
UqO0yoQw/QhsYE+KQOwS/ZgOISXjAyMrZmP1E4kHGnQufQ47X8g/054yUtlq6G2p
YXYm5Gb7rx+EKRrWfUTQGh6BGT729Srl2t0JEFHQeWBhRfE/j1yS8YJi6nCjr5QK
3CQgEAp6QWmQDTuCSaKPRytE6GuXfxUT3UhGnkThJ590
-----END CERTIFICATE-----
Generated at Wed Oct 2 12:47:48 2024 by rpki-client on console-fra.rpki-client.org