Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/WSvGSyjIghniGIe2mSaboCKFRng.roa
File: WSvGSyjIghniGIe2mSaboCKFRng.roa (raw, json)
Hash identifier: e7MmfhIUNIjRn5ielQctRx0MhxNE5DY3IKfNK6LkAJo=
Subject key identifier: 59:2B:C6:4B:28:C8:82:19:E2:18:87:B6:99:26:9B:A0:22:85:46:78
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0189B0C9E127EF693805D1EE38505356CA37
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/WSvGSyjIghniGIe2mSaboCKFRng.roa
Signing time: Tue 01 Aug 2023 11:09:27 +0000
ROA not before: Tue 01 Aug 2023 11:09:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 213.209.129.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Aug 2023 06:53:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:c9:e1:27:ef:69:38:05:d1:ee:38:50:53:56:ca:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 1 11:09:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=592bc64b28c88219e21887b699269ba022854678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3b:d6:f7:53:d0:61:37:ce:71:5d:a3:e2:64:
ba:f9:0c:4b:5f:fe:58:28:a7:b0:6e:9b:19:f7:e3:
16:72:23:a6:15:65:50:7e:6c:dd:76:fe:e5:3f:d6:
32:51:94:5d:27:71:19:b5:3b:7e:38:b8:48:0f:09:
cb:a7:5f:e5:df:ea:09:bd:27:44:57:2e:76:88:1f:
70:6b:39:ca:53:df:49:9a:24:7c:c0:ba:85:87:b3:
86:6b:da:7e:dc:5c:87:c0:69:96:bd:e7:d0:3d:9c:
11:23:dc:14:09:6e:0d:38:ca:1b:65:11:a0:09:25:
cc:d0:b6:2e:8f:56:31:b9:af:c7:d9:27:e7:35:f7:
9f:19:e4:e5:94:f4:6b:bb:e0:d9:c5:cc:19:75:65:
80:f1:f1:36:04:e9:9e:7f:bc:13:74:c1:67:e7:7b:
19:bb:f3:3c:4d:21:ce:85:43:8f:1b:d8:ee:9d:17:
a1:65:07:3e:4e:79:39:b2:13:69:06:aa:a0:a2:e1:
f7:de:86:58:3d:f6:be:17:2c:a9:d8:4d:98:c3:3e:
23:f8:8e:7c:fa:57:04:45:33:9a:2b:8a:06:8c:b7:
e6:8d:96:73:72:cc:09:3d:97:9b:4a:75:f7:f6:ab:
85:d2:b9:2b:aa:9d:30:70:b9:05:65:82:09:9f:74:
5f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2B:C6:4B:28:C8:82:19:E2:18:87:B6:99:26:9B:A0:22:85:46:78
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/WSvGSyjIghniGIe2mSaboCKFRng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/24
185.230.14.0/24
213.209.129.0/24
213.209.143.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
71:bc:3b:11:03:32:79:6d:bd:8a:ec:87:f5:83:78:a9:4b:b7:
f8:7a:55:58:33:25:0a:28:fc:9a:d7:40:1e:1d:c9:91:5b:ca:
18:d7:94:89:0e:91:f9:36:2d:b6:df:41:44:ac:1b:5d:d0:19:
12:d4:04:20:45:1a:de:b5:b9:32:ba:3a:f8:c7:39:10:d8:09:
23:0e:df:57:56:04:fb:42:c5:73:04:b4:e1:45:8c:1e:f0:d5:
fb:13:2c:d3:8a:f7:df:ce:0f:f2:4b:d7:74:c6:c7:df:b7:40:
44:00:cb:c4:6c:b2:72:0b:c1:34:d5:a6:5d:e3:aa:27:a0:9f:
d7:26:75:c1:52:48:91:2c:c7:23:79:5d:bf:b9:41:2d:52:bb:
6c:4e:69:5d:99:50:f5:a6:d7:e8:43:55:81:5a:aa:16:9e:d9:
24:c5:ab:ec:af:bf:80:eb:26:4f:9f:e9:c3:de:79:7a:bc:d9:
39:05:dc:eb:25:e0:a6:c5:4b:47:cb:01:95:17:f5:69:da:f4:
67:50:d8:21:5a:09:07:8a:b1:74:b9:e3:8a:41:51:1b:61:b7:
19:fa:a4:67:4b:32:bf:b1:4b:a5:2b:06:23:3a:34:81:30:7e:
1b:12:6f:be:a2:4c:87:c5:12:32:ba:2c:80:0f:99:6b:65:4f:
73:4a:5c:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmwyeEn72k4BdHuOFBTVso3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODAxMTEwOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTJiYzY0YjI4Yzg4MjE5ZTIxODg3YjY5OTI2OWJhMDIyODU0Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDvW91PQYTfOcV2j4mS6+QxLX/5Y
KKewbpsZ9+MWciOmFWVQfmzddv7lP9YyUZRdJ3EZtTt+OLhIDwnLp1/l3+oJvSdE
Vy52iB9waznKU99JmiR8wLqFh7OGa9p+3FyHwGmWvefQPZwRI9wUCW4NOMobZRGg
CSXM0LYuj1Yxua/H2SfnNfefGeTllPRru+DZxcwZdWWA8fE2BOmef7wTdMFn53sZ
u/M8TSHOhUOPG9junRehZQc+Tnk5shNpBqqgouH33oZYPfa+Fyyp2E2Ywz4j+I58
+lcERTOaK4oGjLfmjZZzcswJPZebSnX39quF0rkrqp0wcLkFZYIJn3RflQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFkrxksoyIIZ4hiHtpkmm6AihUZ4MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvV1N2R1N5aklnaG5pR0llMm1TYWJvQ0tGUm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqKAwQA
ueYOAwQA1dGBAwQA1dGPAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQBxvDsRAzJ5
bb2K7If1g3ipS7f4elVYMyUKKPya10AeHcmRW8oY15SJDpH5Ni2230FErBtd0BkS
1AQgRRretbkyujr4xzkQ2AkjDt9XVgT7QsVzBLThRYwe8NX7EyzTivffzg/yS9d0
xsfft0BEAMvEbLJyC8E01aZd46onoJ/XJnXBUkiRLMcjeV2/uUEtUrtsTmldmVD1
ptfoQ1WBWqoWntkkxavsr7+A6yZPn+nD3nl6vNk5BdzrJeCmxUtHywGVF/Vp2vRn
UNghWgkHirF0ueOKQVEbYbcZ+qRnSzK/sUulKwYjOjSBMH4bEm++okyHxRIyuiyA
D5lrZU9zSlwf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org