Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Y0ZVnhg-1uPqdb5V9V9UNUtPBTk.roa
File: Y0ZVnhg-1uPqdb5V9V9UNUtPBTk.roa (raw, json)
Hash identifier: PSJRZNaW1m+swkRoTdrx96y2SaOqhhAZmz/3BPYkTxI=
Subject key identifier: 63:46:55:9E:18:3E:D6:E3:EA:75:BE:55:F5:5F:54:35:4B:4F:05:39
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0185A143F9F512E5E7F91BF2F72DF0DBA741
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Y0ZVnhg-1uPqdb5V9V9UNUtPBTk.roa
Signing time: Wed 11 Jan 2023 14:37:44 +0000
ROA not before: Wed 11 Jan 2023 14:37:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.138.0/24 maxlen: 24
77.90.151.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Feb 2023 11:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:43:f9:f5:12:e5:e7:f9:1b:f2:f7:2d:f0:db:a7:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 11 14:37:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6346559e183ed6e3ea75be55f55f54354b4f0539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9a:9a:50:b9:35:79:da:54:46:9e:84:ba:25:
01:25:d4:05:ae:09:d4:f9:23:ba:4b:a2:23:18:66:
c4:92:02:a4:e8:6d:4b:40:a1:9d:8e:dd:15:e7:7b:
a6:05:7d:df:f2:c1:7d:b7:69:6c:81:e6:66:64:05:
54:26:8c:c2:67:29:b4:83:15:21:f8:ba:94:d6:00:
13:4c:bb:ee:29:b9:81:d3:9e:f1:55:09:c1:ff:39:
d3:2c:91:e5:eb:6d:5e:2f:0a:47:a9:b6:68:01:5a:
ea:e9:e6:4d:77:e8:37:54:b3:79:95:12:e6:12:38:
cd:87:4a:f9:ee:cd:5d:1b:90:e3:ee:21:cf:5f:5b:
92:c5:8e:a2:28:14:da:ce:f7:b8:2e:3b:ff:eb:f6:
32:1d:0b:26:f4:cf:40:00:00:35:a3:68:46:b9:0d:
0b:31:f7:50:92:41:48:e2:21:9f:3b:f7:6e:b7:a3:
41:72:b8:70:67:4a:9e:08:b8:4e:4a:b5:b5:2d:09:
8e:f8:40:57:61:9e:ea:c1:b2:6e:e0:27:19:6a:b6:
49:c3:80:2d:2c:44:d7:83:bd:6a:dc:b1:c1:27:94:
22:6c:2c:e3:7e:ce:e9:e7:ca:fd:cb:f3:56:b0:e6:
4c:87:a8:96:1d:b9:a9:ae:43:12:4a:fe:d0:fe:40:
0c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:46:55:9E:18:3E:D6:E3:EA:75:BE:55:F5:5F:54:35:4B:4F:05:39
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Y0ZVnhg-1uPqdb5V9V9UNUtPBTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/24
77.90.151.0/24
77.90.185.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:6f:46:7a:84:63:8a:4b:2a:04:6f:eb:50:d5:4c:c4:7d:f0:
a5:38:9f:d2:72:f4:0d:15:a3:ff:93:4a:2b:d5:05:94:2b:bf:
ae:50:e1:6a:0d:52:65:70:41:f7:23:48:35:3d:9f:79:82:91:
71:0a:ed:0a:1f:02:2f:65:f1:86:2c:36:5b:cf:7d:b8:4e:78:
57:15:15:9a:18:b2:26:da:7c:52:b8:f4:46:86:67:14:ce:0c:
25:62:9a:83:0e:8a:e8:5a:cd:5f:96:5e:5d:3c:2b:69:de:b1:
f6:83:44:a9:a6:d3:33:90:49:a7:ff:b7:1e:d2:50:87:cf:5b:
62:d7:87:d4:cb:0f:79:25:17:52:99:6a:08:17:f1:ff:7c:01:
47:86:a6:1c:9d:16:82:aa:ef:cc:1b:f2:b9:4a:f8:4d:71:fb:
b5:78:92:dc:ca:ab:0d:e7:c0:5e:50:4e:cf:6d:45:b6:1e:15:
0a:aa:e8:76:f8:a0:e6:55:0a:7f:0e:cb:3f:7d:59:2d:a8:d3:
de:f8:1b:25:59:a7:08:4d:61:8a:c1:0a:6f:00:48:4a:30:aa:
56:74:16:8f:08:10:96:58:75:56:79:28:31:29:53:01:da:36:
e8:4c:47:3e:cb:25:65:d8:cc:c6:91:8c:b4:7f:fe:84:64:44:
5d:3d:a7:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWhQ/n1EuXn+Rvy9y3w26dBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTExMTQzNzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQ2NTU5ZTE4M2VkNmUzZWE3NWJlNTVmNTVmNTQzNTRiNGYwNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZqaULk1edpURp6EuiUBJdQFrgnU
+SO6S6IjGGbEkgKk6G1LQKGdjt0V53umBX3f8sF9t2lsgeZmZAVUJozCZym0gxUh
+LqU1gATTLvuKbmB057xVQnB/znTLJHl621eLwpHqbZoAVrq6eZNd+g3VLN5lRLm
EjjNh0r57s1dG5Dj7iHPX1uSxY6iKBTazve4Ljv/6/YyHQsm9M9AAAA1o2hGuQ0L
MfdQkkFI4iGfO/dut6NBcrhwZ0qeCLhOSrW1LQmO+EBXYZ7qwbJu4CcZarZJw4At
LETXg71q3LHBJ5QibCzjfs7p58r9y/NWsOZMh6iWHbmprkMSSv7Q/kAMNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGNGVZ4YPtbj6nW+VfVfVDVLTwU5MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvWTBaVm5oZy0xdVBxZGI1VjlWOVVOVXRQQlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqKAwQA
TVqXAwQATVq5MA0GCSqGSIb3DQEBCwUAA4IBAQB8b0Z6hGOKSyoEb+tQ1UzEffCl
OJ/ScvQNFaP/k0or1QWUK7+uUOFqDVJlcEH3I0g1PZ95gpFxCu0KHwIvZfGGLDZb
z324TnhXFRWaGLIm2nxSuPRGhmcUzgwlYpqDDoroWs1fll5dPCtp3rH2g0SpptMz
kEmn/7ce0lCHz1ti14fUyw95JRdSmWoIF/H/fAFHhqYcnRaCqu/MG/K5SvhNcfu1
eJLcyqsN58BeUE7PbUW2HhUKquh2+KDmVQp/Dss/fVktqNPe+BslWacITWGKwQpv
AEhKMKpWdBaPCBCWWHVWeSgxKVMB2jboTEc+yyVl2MzGkYy0f/6EZERdPadX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org