Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/aEDg2eLbu9rScpxYCg0uVOf2drI.roa
File: aEDg2eLbu9rScpxYCg0uVOf2drI.roa (raw, json)
Hash identifier: rx1ddoQi9XJW1r0grW2KwoQkQkyrOSei3E7wa4t699k=
Subject key identifier: 68:40:E0:D9:E2:DB:BB:DA:D2:72:9C:58:0A:0D:2E:54:E7:F6:76:B2
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CA5E74D6D0ED028D7F50EC9B34352B593
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/aEDg2eLbu9rScpxYCg0uVOf2drI.roa
Signing time: Tue 26 Dec 2023 11:34:08 +0000
ROA not before: Tue 26 Dec 2023 11:34:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 213.209.135.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a5:e7:4d:6d:0e:d0:28:d7:f5:0e:c9:b3:43:52:b5:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Dec 26 11:34:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6840e0d9e2dbbbdad2729c580a0d2e54e7f676b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:59:f2:8f:39:d8:12:d9:cf:b6:cf:54:a0:7e:
09:d4:7d:f0:ec:c1:56:d4:a0:c5:a9:c4:7b:7f:4e:
3d:de:dd:90:5f:53:61:7c:c1:db:58:72:88:ca:ea:
06:f1:40:17:7f:43:92:55:18:97:aa:d7:28:00:d0:
96:0d:22:d4:59:21:17:4e:f4:ef:8d:54:22:e3:91:
c2:5a:de:81:49:2b:51:4a:2c:94:f2:8f:8c:54:43:
7f:bd:19:25:1e:b9:0f:01:26:66:05:95:52:af:39:
3d:58:01:24:02:6a:be:49:f7:cf:c7:01:84:eb:e2:
c3:27:4e:31:03:c3:36:e5:ec:5c:f0:33:0f:f7:76:
2d:ad:60:d8:c8:c7:8f:96:a6:ff:87:7c:78:b3:da:
06:02:db:d2:75:4e:f7:d4:11:12:c5:37:27:e5:8e:
62:e0:e8:2a:00:5d:47:36:b8:43:a6:87:5f:16:1e:
f7:ff:4a:71:6c:a9:ca:d9:c0:83:75:f7:fd:b7:23:
e4:8b:63:31:5f:72:d8:4f:c5:ee:2c:c1:02:5c:83:
30:db:62:54:2c:47:da:06:ee:72:6e:17:3c:24:f2:
66:69:ba:a6:c7:34:ea:90:3d:98:c7:4a:7d:a1:d3:
d5:57:02:9d:06:4f:bc:0b:4b:3b:1a:90:d0:a5:82:
d2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:40:E0:D9:E2:DB:BB:DA:D2:72:9C:58:0A:0D:2E:54:E7:F6:76:B2
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/aEDg2eLbu9rScpxYCg0uVOf2drI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.167.0/24
213.209.135.0/24
213.209.141.0/24
213.209.153.0-213.209.154.255
Signature Algorithm: sha256WithRSAEncryption
34:a6:dc:e3:47:78:18:4f:bf:0a:69:19:b9:59:e8:94:fb:e5:
bf:5f:41:88:14:d6:0c:2b:97:1a:68:28:9d:df:bf:6d:4c:67:
ce:61:e6:c4:b8:a5:73:bf:a9:97:53:cc:7c:3f:63:50:de:e2:
20:d5:1a:86:86:a6:8c:e8:47:32:48:1c:2d:34:ca:1b:04:ef:
ac:20:82:24:72:8c:10:7c:26:9a:b4:7b:b3:59:37:38:d1:10:
49:02:05:34:d4:ce:2c:8b:12:6a:07:8c:35:db:ae:00:96:3d:
36:16:85:84:d4:02:37:f7:39:fa:ba:7e:d7:e5:ac:3f:2f:d5:
cb:17:1c:d1:18:a6:55:30:9a:54:44:c1:3e:31:2a:b7:8f:2d:
df:53:8b:41:6e:4d:61:75:e5:22:55:93:4d:54:b8:77:3e:81:
c5:e3:81:fc:a4:4e:a1:d3:d5:8a:26:d3:e8:f8:f2:bf:7e:3c:
4b:28:88:e0:13:93:8a:2f:37:a0:72:48:e0:e1:de:66:56:95:
a6:93:95:b2:8a:a6:34:91:37:26:5e:93:1d:be:a2:4e:91:fd:
76:4c:a0:7f:84:f5:52:60:d1:c0:1b:98:8a:7f:bf:9a:51:68:
f1:c8:19:8c:ad:fb:44:90:ac:a1:3f:48:c1:88:3c:03:4b:56:
49:86:9d:2f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYyl501tDtAo1/UOybNDUrWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMjI2MTEzNDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQwZTBkOWUyZGJiYmRhZDI3MjljNTgwYTBkMmU1NGU3ZjY3NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVnyjznYEtnPts9UoH4J1H3w7MFW
1KDFqcR7f0493t2QX1NhfMHbWHKIyuoG8UAXf0OSVRiXqtcoANCWDSLUWSEXTvTv
jVQi45HCWt6BSStRSiyU8o+MVEN/vRklHrkPASZmBZVSrzk9WAEkAmq+SffPxwGE
6+LDJ04xA8M25exc8DMP93YtrWDYyMePlqb/h3x4s9oGAtvSdU731BESxTcn5Y5i
4OgqAF1HNrhDpodfFh73/0pxbKnK2cCDdff9tyPki2MxX3LYT8XuLMECXIMw22JU
LEfaBu5ybhc8JPJmabqmxzTqkD2Yx0p9odPVVwKdBk+8C0s7GpDQpYLS9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGhA4Nni27va0nKcWAoNLlTn9nayMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvYUVEZzJlTGJ1OXJTY3B4WUNnMHVWT2YyZHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATVqnAwQA
1dGHAwQA1dGNMAwDBADV0ZkDBADV0ZowDQYJKoZIhvcNAQELBQADggEBADSm3ONH
eBhPvwppGblZ6JT75b9fQYgU1gwrlxpoKJ3fv21MZ85h5sS4pXO/qZdTzHw/Y1De
4iDVGoaGpozoRzJIHC00yhsE76wggiRyjBB8Jpq0e7NZNzjREEkCBTTUziyLEmoH
jDXbrgCWPTYWhYTUAjf3Ofq6ftflrD8v1csXHNEYplUwmlREwT4xKrePLd9Ti0Fu
TWF15SJVk01UuHc+gcXjgfykTqHT1Yom0+j48r9+PEsoiOATk4ovN6BySODh3mZW
laaTlbKKpjSRNyZekx2+ok6R/XZMoH+E9VJg0cAbmIp/v5pRaPHIGYyt+0SQrKE/
SMGIPANLVkmGnS8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:02 2024 by rpki-client on console-ams.rpki-client.org