Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/hsmcWnrDT0I5MQiPfohHULBpFvo.roa
File: hsmcWnrDT0I5MQiPfohHULBpFvo.roa (raw, json)
Hash identifier: ku53PGxMi+TMMknyCqtMvq3oH0ArA7Y6pYk0GQSR7mA=
Subject key identifier: 86:C9:9C:5A:7A:C3:4F:42:39:31:08:8F:7E:88:47:50:B0:69:16:FA
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018B7C9F4C20D984BFA0EDABF3AD8E12052C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/hsmcWnrDT0I5MQiPfohHULBpFvo.roa
Signing time: Sun 29 Oct 2023 18:08:16 +0000
ROA not before: Sun 29 Oct 2023 18:08:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7c:9f:4c:20:d9:84:bf:a0:ed:ab:f3:ad:8e:12:05:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 29 18:08:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86c99c5a7ac34f423931088f7e884750b06916fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:f7:0e:c4:69:8d:12:fc:ff:db:6e:6c:e3:
a6:4c:db:e3:0a:73:1d:76:ae:e4:21:72:1b:c3:f3:
4a:b4:90:05:54:30:ca:a9:c4:6b:25:95:76:67:18:
00:29:21:80:d9:56:c9:9c:69:e2:a4:05:66:a1:ae:
55:41:c5:64:de:25:d8:13:a3:d7:d3:b4:8a:c5:05:
8e:30:8d:5f:b6:5b:ce:3f:9f:77:9a:fc:74:70:e1:
45:99:0c:a5:b6:26:13:21:68:94:db:6d:49:92:b0:
13:e0:1c:46:e0:00:39:44:f5:6f:ef:22:ab:75:20:
d7:9a:b4:f4:5b:49:b6:c3:50:fe:d5:6e:ea:2c:32:
9a:0e:9d:30:7e:a9:d7:d3:4b:81:39:02:29:c9:b3:
ee:43:72:e1:38:aa:fd:ca:53:31:fd:fd:ef:7d:fa:
c2:02:54:eb:a8:a4:a8:c2:8d:a3:7c:5f:83:4c:c4:
07:99:71:8c:e1:7e:39:02:97:a5:b5:73:a4:2c:b7:
58:88:8b:ed:f4:23:82:93:56:c1:c5:2b:cc:96:1e:
f8:51:a4:7d:58:82:b6:71:38:9e:2a:05:11:ad:ab:
59:e4:7b:bb:4c:0a:b1:59:05:25:fd:e3:60:1e:98:
1b:69:c7:96:f7:5b:32:85:38:03:44:a8:58:06:04:
35:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C9:9C:5A:7A:C3:4F:42:39:31:08:8F:7E:88:47:50:B0:69:16:FA
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/hsmcWnrDT0I5MQiPfohHULBpFvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
Signature Algorithm: sha256WithRSAEncryption
67:f8:83:c2:87:8d:7c:f3:76:af:67:88:e4:08:50:ec:44:ff:
e5:9d:bd:3c:ab:de:2b:a6:93:0f:53:b3:89:50:24:19:6b:99:
fb:79:0c:99:9a:72:e6:e2:ed:a3:3a:b0:52:7a:5f:a3:db:5b:
d0:e7:8e:ee:dc:e6:a4:15:8d:34:f0:3c:36:af:5b:15:10:1b:
c3:0b:df:8b:c1:39:28:e1:d6:1b:0f:79:1a:3f:22:45:83:46:
bf:0b:f7:34:df:20:da:5e:ad:b2:ef:ca:5d:03:39:b5:2c:c5:
2f:af:ed:c2:3c:ff:a6:44:16:81:6c:ca:de:e6:ee:c5:25:26:
61:c4:56:be:d1:29:ef:7b:5e:45:df:fa:d6:eb:a6:13:d3:cf:
e6:2d:59:d1:8e:72:90:98:24:06:43:8b:4a:6b:f9:14:37:3a:
45:ad:05:cb:4f:25:ff:3f:26:3a:65:76:0a:9c:ae:9b:88:64:
fd:77:aa:7c:b9:fc:1d:ee:c9:5d:55:ef:4e:3e:cb:a2:90:b7:
59:64:c2:49:83:df:82:21:ef:ad:34:55:43:2c:27:a4:8a:72:
eb:97:34:70:c5:a5:c2:ec:1e:90:9e:61:35:0a:cb:b5:e9:3f:
7c:35:ab:19:4f:3a:64:ad:cc:8e:bf:2a:be:6e:8b:38:59:96:
4e:ca:57:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYt8n0wg2YS/oO2r862OEgUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMDI5MTgwODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmM5OWM1YTdhYzM0ZjQyMzkzMTA4OGY3ZTg4NDc1MGIwNjkxNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx/3DsRpjRL8/9tubOOmTNvjCnMd
dq7kIXIbw/NKtJAFVDDKqcRrJZV2ZxgAKSGA2VbJnGnipAVmoa5VQcVk3iXYE6PX
07SKxQWOMI1ftlvOP593mvx0cOFFmQyltiYTIWiU221JkrAT4BxG4AA5RPVv7yKr
dSDXmrT0W0m2w1D+1W7qLDKaDp0wfqnX00uBOQIpybPuQ3LhOKr9ylMx/f3vffrC
AlTrqKSowo2jfF+DTMQHmXGM4X45ApeltXOkLLdYiIvt9COCk1bBxSvMlh74UaR9
WIK2cTieKgURratZ5Hu7TAqxWQUl/eNgHpgbaceW91syhTgDRKhYBgQ1CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbJnFp6w09COTEIj36IR1CwaRb6MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvaHNtY1duckRUMEk1TVFpUGZvaEhVTEJwRnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqZMA0G
CSqGSIb3DQEBCwUAA4IBAQBn+IPCh41883avZ4jkCFDsRP/lnb08q94rppMPU7OJ
UCQZa5n7eQyZmnLm4u2jOrBSel+j21vQ547u3OakFY008Dw2r1sVEBvDC9+LwTko
4dYbD3kaPyJFg0a/C/c03yDaXq2y78pdAzm1LMUvr+3CPP+mRBaBbMre5u7FJSZh
xFa+0Snve15F3/rW66YT08/mLVnRjnKQmCQGQ4tKa/kUNzpFrQXLTyX/PyY6ZXYK
nK6biGT9d6p8ufwd7sldVe9OPsuikLdZZMJJg9+CIe+tNFVDLCekinLrlzRwxaXC
7B6QnmE1Csu16T98NasZTzpkrcyOvyq+bos4WZZOyleo
-----END CERTIFICATE-----
Generated at Tue Nov 7 10:36:28 2023 by rpki-client on console-ams.rpki-client.org