Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/_gjk-MTbFVwi-qHIAPH7y12MVjk.roa
File: _gjk-MTbFVwi-qHIAPH7y12MVjk.roa (raw, json)
Hash identifier: ULmPhiE+tPaMBIbuPAlVPOvO7ukVNwf3w0SY4AkTkp8=
Subject key identifier: FE:08:E4:F8:C4:DB:15:5C:22:FA:A1:C8:00:F1:FB:CB:5D:8C:56:39
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018D64B4A3174E4CDBEB9C9B532294E2412A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/_gjk-MTbFVwi-qHIAPH7y12MVjk.roa
Signing time: Thu 01 Feb 2024 12:46:16 +0000
ROA not before: Thu 01 Feb 2024 12:46:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54600
IP address blocks: 77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Jun 2024 16:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:b4:a3:17:4e:4c:db:eb:9c:9b:53:22:94:e2:41:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 1 12:46:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe08e4f8c4db155c22faa1c800f1fbcb5d8c5639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f4:37:2f:cd:b1:bd:8d:db:8c:32:80:12:9d:
ba:e5:2c:d0:04:cd:20:ce:78:6f:e0:16:1b:22:f6:
66:9d:92:15:39:57:c9:25:87:33:57:1d:49:e6:18:
ad:d7:73:ca:60:a6:2c:65:15:78:5c:e3:a1:6d:46:
44:66:fa:c8:96:4f:b6:f2:12:1c:58:67:37:4b:15:
bc:c2:47:61:29:82:78:48:69:8f:f7:6c:70:c3:28:
1c:17:d1:9a:8d:2d:32:2e:ab:3f:41:de:ad:8d:e6:
d0:20:b4:11:bb:8e:79:4b:11:0a:6f:b0:5b:ab:16:
3e:80:af:27:16:3f:f2:5c:13:60:32:37:9b:a9:51:
1c:51:bc:35:b4:82:40:0c:45:48:80:49:ea:56:41:
80:bc:b1:10:cf:5c:f3:a5:b7:84:5a:b3:b7:79:47:
31:7b:15:df:02:4b:9c:cc:28:09:14:d7:4b:f7:48:
06:98:c6:13:b0:ea:01:a7:fb:34:5b:f9:c4:23:82:
d6:a6:da:ee:d0:b6:51:17:7d:ff:0e:7b:42:12:40:
e7:5f:fe:12:f0:1f:c2:dc:5c:29:5d:30:42:8c:5a:
dd:8a:27:d7:1f:20:ff:46:28:46:bb:62:43:1a:dc:
c9:69:c0:d5:7f:f4:7d:7f:d1:15:f1:5e:c5:18:31:
3b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:08:E4:F8:C4:DB:15:5C:22:FA:A1:C8:00:F1:FB:CB:5D:8C:56:39
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/_gjk-MTbFVwi-qHIAPH7y12MVjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0-77.90.154.255
213.209.146.0/24
213.209.150.0/24
Signature Algorithm: sha256WithRSAEncryption
18:c7:cd:39:49:0d:df:d5:59:62:7b:f1:43:4f:61:14:52:20:
d1:0a:40:e4:1a:47:15:68:30:25:0d:7d:1c:60:f6:14:1b:e3:
61:31:2b:01:23:4a:5d:75:78:80:21:3a:32:c3:1a:41:ba:96:
fb:a8:a3:be:30:36:85:ad:79:ad:5c:f4:1b:d8:1a:f0:d1:64:
a9:b3:82:90:6a:53:9c:76:cf:a1:e0:a5:93:09:df:d6:36:7c:
74:98:87:93:e9:82:21:77:00:bc:67:80:57:6b:d3:3d:0c:f2:
62:c1:fb:a7:da:1e:ff:ee:ef:8a:df:35:c9:94:6d:fc:05:bd:
f9:c2:97:be:cd:4b:1f:fd:06:06:43:ad:ca:16:4f:ad:35:c7:
10:e2:62:2f:bd:0f:fe:da:f8:e0:a2:cd:49:2e:50:a7:ee:bd:
b5:c2:e8:19:51:56:d2:d9:45:08:15:c0:93:ef:78:a2:42:c5:
d8:83:1d:5f:4c:ae:07:ad:34:de:fd:a4:df:91:45:9e:70:4b:
41:2f:6e:dc:95:a0:4b:a9:7e:ec:20:61:8a:73:e1:c3:7b:25:
bc:e6:47:9b:df:cd:3b:2b:8a:36:18:a5:d2:36:90:b2:a7:26:
f7:8f:b3:4d:fb:5c:33:76:2f:a0:6b:ba:a0:bd:aa:67:aa:9e:
5b:5f:44:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY1ktKMXTkzb65ybUyKU4kEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMjAxMTI0NjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA4ZTRmOGM0ZGIxNTVjMjJmYWExYzgwMGYxZmJjYjVkOGM1NjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/Q3L82xvY3bjDKAEp265SzQBM0g
znhv4BYbIvZmnZIVOVfJJYczVx1J5hit13PKYKYsZRV4XOOhbUZEZvrIlk+28hIc
WGc3SxW8wkdhKYJ4SGmP92xwwygcF9GajS0yLqs/Qd6tjebQILQRu455SxEKb7Bb
qxY+gK8nFj/yXBNgMjebqVEcUbw1tIJADEVIgEnqVkGAvLEQz1zzpbeEWrO3eUcx
exXfAkuczCgJFNdL90gGmMYTsOoBp/s0W/nEI4LWptru0LZRF33/DntCEkDnX/4S
8B/C3FwpXTBCjFrdiifXHyD/RihGu2JDGtzJacDVf/R9f9EV8V7FGDE7PwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP4I5PjE2xVcIvqhyADx+8tdjFY5MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvX2dqay1NVGJGVndpLXFISUFQSDd5MTJNVmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABNWpkD
BABNWpoDBADV0ZIDBADV0ZYwDQYJKoZIhvcNAQELBQADggEBABjHzTlJDd/VWWJ7
8UNPYRRSINEKQOQaRxVoMCUNfRxg9hQb42ExKwEjSl11eIAhOjLDGkG6lvuoo74w
NoWtea1c9BvYGvDRZKmzgpBqU5x2z6HgpZMJ39Y2fHSYh5PpgiF3ALxngFdr0z0M
8mLB+6faHv/u74rfNcmUbfwFvfnCl77NSx/9BgZDrcoWT601xxDiYi+9D/7a+OCi
zUkuUKfuvbXC6BlRVtLZRQgVwJPveKJCxdiDHV9MrgetNN79pN+RRZ5wS0EvbtyV
oEupfuwgYYpz4cN7JbzmR5vfzTsrijYYpdI2kLKnJvePs037XDN2L6BruqC9qmeq
nltfRIs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org