Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/kT36GM51bgaUzcFbqWteKYMoAEY.roa
File: kT36GM51bgaUzcFbqWteKYMoAEY.roa (raw, json)
Hash identifier: nhWpg/T3IfvMfXk+oOq7biYUdpDlG7OcRrsDW1hTmnU=
Subject key identifier: 91:3D:FA:18:CE:75:6E:06:94:CD:C1:5B:A9:6B:5E:29:83:28:00:46
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018D574A1FBF608FE65392FC510C5A419110
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/kT36GM51bgaUzcFbqWteKYMoAEY.roa
Signing time: Mon 29 Jan 2024 22:14:52 +0000
ROA not before: Mon 29 Jan 2024 22:14:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.145.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 16:42:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:57:4a:1f:bf:60:8f:e6:53:92:fc:51:0c:5a:41:91:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 29 22:14:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=913dfa18ce756e0694cdc15ba96b5e2983280046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2d:48:cd:33:19:9f:c2:5d:35:04:f3:fd:db:
8c:d5:67:be:68:a7:e8:8f:39:9d:80:7b:20:2a:ec:
7a:5c:a3:a0:fd:f9:f0:10:0e:ee:f5:99:61:3a:90:
87:a2:92:d7:02:32:4f:43:9b:eb:70:48:47:67:7a:
34:4a:d7:2f:2d:f1:4d:83:d8:47:fe:f6:d0:78:fb:
d8:fc:54:ca:f6:d6:6a:10:fa:9e:0d:bc:ac:0e:7d:
6a:89:4b:a8:d2:cf:d6:72:36:b9:10:ee:29:be:2f:
55:aa:00:db:af:a7:8e:e3:9c:73:24:43:3f:70:93:
32:3b:aa:92:99:ec:7a:e9:eb:a5:b3:45:c9:78:15:
14:1f:2a:bc:d1:d2:cd:ad:b9:df:ac:9d:75:b9:e3:
ab:ac:78:a0:d3:d7:be:c5:47:b2:93:a1:35:09:c6:
4a:96:2f:28:c5:58:38:ab:98:98:9e:58:13:d5:45:
b3:7d:53:64:92:a9:ab:34:3a:7d:48:1b:d8:c0:34:
5c:b9:a6:e1:f4:a5:90:76:2d:e0:f7:cb:6b:ee:e8:
74:e7:21:6f:40:10:98:46:cc:2b:63:2d:a0:b9:d9:
5a:ba:3b:42:a0:5f:11:9f:81:fd:5f:ae:3c:46:10:
36:79:b5:c1:ba:ff:9c:ef:73:81:11:0f:6c:34:57:
cc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3D:FA:18:CE:75:6E:06:94:CD:C1:5B:A9:6B:5E:29:83:28:00:46
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/kT36GM51bgaUzcFbqWteKYMoAEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.188.0/24
185.230.14.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:df:ff:dd:1f:d0:64:47:f0:4e:ef:ca:79:67:a8:da:6a:2f:
59:c2:ef:50:16:44:a2:1e:0c:58:ad:47:dd:b9:64:f9:72:10:
67:f2:6d:41:95:3d:86:05:35:82:37:51:cf:19:6e:5a:e6:ab:
f9:61:18:9c:74:5e:a0:b9:b3:15:74:32:ef:9f:21:04:c0:b1:
de:06:2a:48:f2:d8:d9:f0:a2:c3:45:d9:0c:e1:3e:a4:5a:7b:
49:67:15:d8:20:a9:a8:f4:3f:69:a0:84:23:70:63:de:8f:e7:
42:dd:35:4d:84:ac:57:5e:9f:11:05:8a:a7:8d:15:8a:d3:f9:
e6:97:c6:19:d4:40:78:70:41:4c:af:c0:58:e7:85:d5:81:4b:
44:71:a2:16:40:f5:64:f8:90:10:8a:9e:0c:4d:fd:3c:31:1f:
94:02:ef:de:ae:36:d1:af:01:f2:51:8c:61:2c:09:24:c2:cd:
7a:ff:8e:f1:dd:e1:f8:40:6b:cc:c2:7b:8d:c0:14:7e:a5:32:
86:d2:18:a4:c6:3d:53:5e:09:99:66:fd:81:3c:d4:d9:e6:f8:
c0:ac:b3:55:cd:88:15:42:9c:17:bd:86:cb:d6:a4:4d:ec:d2:
67:24:8c:2e:98:ee:8c:ac:13:b2:42:c6:00:b6:b8:f2:0f:fd:
51:c7:34:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1XSh+/YI/mU5L8UQxaQZEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTI5MjIxNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNkZmExOGNlNzU2ZTA2OTRjZGMxNWJhOTZiNWUyOTgzMjgwMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS1IzTMZn8JdNQTz/duM1We+aKfo
jzmdgHsgKux6XKOg/fnwEA7u9ZlhOpCHopLXAjJPQ5vrcEhHZ3o0StcvLfFNg9hH
/vbQePvY/FTK9tZqEPqeDbysDn1qiUuo0s/Wcja5EO4pvi9VqgDbr6eO45xzJEM/
cJMyO6qSmex66euls0XJeBUUHyq80dLNrbnfrJ11ueOrrHig09e+xUeyk6E1CcZK
li8oxVg4q5iYnlgT1UWzfVNkkqmrNDp9SBvYwDRcuabh9KWQdi3g98tr7uh05yFv
QBCYRswrYy2gudlaujtCoF8Rn4H9X648RhA2ebXBuv+c73OBEQ9sNFfM+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJE9+hjOdW4GlM3BW6lrXimDKABGMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEva1QzNkdNNTFiZ2FVemNGYnFXdGVLWU1vQUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqRAwQA
TVq8AwQBueYOMA0GCSqGSIb3DQEBCwUAA4IBAQBt3//dH9BkR/BO78p5Z6jaai9Z
wu9QFkSiHgxYrUfduWT5chBn8m1BlT2GBTWCN1HPGW5a5qv5YRicdF6gubMVdDLv
nyEEwLHeBipI8tjZ8KLDRdkM4T6kWntJZxXYIKmo9D9poIQjcGPej+dC3TVNhKxX
Xp8RBYqnjRWK0/nml8YZ1EB4cEFMr8BY54XVgUtEcaIWQPVk+JAQip4MTf08MR+U
Au/erjbRrwHyUYxhLAkkws16/47x3eH4QGvMwnuNwBR+pTKG0hikxj1TXgmZZv2B
PNTZ5vjArLNVzYgVQpwXvYbL1qRN7NJnJIwumO6MrBOyQsYAtrjyD/1RxzTN
-----END CERTIFICATE-----
Generated at Tue Feb 13 20:34:24 2024 by rpki-client on console-fra.rpki-client.org