Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lJYQIuFF_dtaweVFFHYkgSE2d-o.roa
File: lJYQIuFF_dtaweVFFHYkgSE2d-o.roa (raw, json)
Hash identifier: Me1tCOKdUoauIIIpdjh9leWLWUOW0INAD2eZT4Q0QcQ=
Subject key identifier: 94:96:10:22:E1:45:FD:DB:5A:C1:E5:45:14:76:24:81:21:36:77:EA
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01856F8253E9257B2A7E0A0BEB0BDA9B80D3
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lJYQIuFF_dtaweVFFHYkgSE2d-o.roa
Signing time: Sun 01 Jan 2023 22:44:50 +0000
ROA not before: Sun 01 Jan 2023 22:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 77.90.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 19:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:53:e9:25:7b:2a:7e:0a:0b:eb:0b:da:9b:80:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 1 22:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94961022e145fddb5ac1e54514762481213677ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e4:66:15:e5:52:52:5c:4a:4c:8d:39:fd:64:
5c:bf:f5:48:aa:2a:10:f3:f9:a7:ac:89:9f:08:56:
01:3a:75:32:56:66:8c:a0:3f:7f:48:de:ce:e8:63:
b6:b3:b6:7a:9f:9c:05:df:3f:8f:da:89:f5:62:49:
ac:f4:0a:5e:5a:c3:9f:49:cb:5d:99:a9:36:7c:d7:
1d:68:e3:1b:e4:c7:3d:da:64:5e:32:87:e2:99:38:
e6:c7:32:96:50:b8:ff:74:ba:2c:37:fe:63:f4:56:
02:92:c5:79:88:e9:f2:19:5e:22:1d:21:39:06:fc:
26:2c:82:3b:22:5e:f2:91:0f:aa:b4:f6:fc:9a:8c:
5c:da:8f:b2:db:85:4f:77:fc:55:1b:16:3b:ec:08:
a0:0a:2c:cc:22:00:8b:24:4e:bc:fa:aa:2b:dd:28:
c5:81:ff:70:39:f2:00:a0:05:95:65:e8:3c:93:96:
f0:66:f4:44:8c:48:7f:6c:0c:29:40:8d:4f:5d:ca:
c8:69:84:91:92:b2:e9:fb:80:d9:da:56:67:30:40:
ce:eb:8d:90:92:e8:7e:b4:74:94:c6:fb:fe:9f:68:
25:9d:31:83:c9:73:61:16:d9:f4:0f:d0:5e:81:0c:
d6:b7:2a:0a:b4:21:3d:8c:43:25:2d:bf:40:15:73:
bb:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:96:10:22:E1:45:FD:DB:5A:C1:E5:45:14:76:24:81:21:36:77:EA
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lJYQIuFF_dtaweVFFHYkgSE2d-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.168.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:bd:73:ec:4d:28:68:1f:c8:fc:3e:fd:b1:fc:a4:bf:74:c3:
ca:2f:27:ee:5e:2c:4b:af:23:8e:17:8a:9f:ad:19:b7:81:11:
42:f0:d6:5d:17:9f:40:63:7e:46:91:63:f2:8c:d0:18:11:30:
73:0c:33:34:a3:88:b7:c5:4b:23:e1:fc:b0:1e:74:0b:4a:01:
39:fc:d6:e6:d9:f6:5d:c6:bd:02:06:ca:59:a9:a4:51:75:4f:
01:b2:76:ff:8e:6b:2d:79:b9:15:78:de:f1:c7:2d:e7:87:a3:
e3:47:61:45:b8:96:8f:c0:19:ac:77:a8:22:b6:b3:87:d6:3f:
a4:00:11:46:ee:6e:00:c0:b1:49:fc:b6:67:fb:a8:31:2c:8b:
e1:e7:10:55:89:9c:3f:cd:3c:3e:72:f3:99:f1:18:79:ca:23:
ef:04:63:fb:7e:1b:c7:78:5a:d9:4f:d0:88:30:3b:ea:91:3a:
0a:89:8a:15:91:63:34:82:66:54:3e:53:82:7d:90:ae:1f:21:
b1:45:fe:f9:63:66:f6:15:e1:27:9f:af:07:23:a8:7a:8d:9d:
29:64:e6:a7:21:a1:d4:98:de:f5:72:17:04:67:91:b6:eb:07:
92:89:3e:92:36:b4:b6:58:29:1c:ab:59:6e:af:a1:e1:4f:51:
5d:45:52:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvglPpJXsqfgoL6wvam4DTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAxMjI0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk2MTAyMmUxNDVmZGRiNWFjMWU1NDUxNDc2MjQ4MTIxMzY3N2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjORmFeVSUlxKTI05/WRcv/VIqioQ
8/mnrImfCFYBOnUyVmaMoD9/SN7O6GO2s7Z6n5wF3z+P2on1Ykms9ApeWsOfSctd
mak2fNcdaOMb5Mc92mReMofimTjmxzKWULj/dLosN/5j9FYCksV5iOnyGV4iHSE5
BvwmLII7Il7ykQ+qtPb8moxc2o+y24VPd/xVGxY77AigCizMIgCLJE68+qor3SjF
gf9wOfIAoAWVZeg8k5bwZvREjEh/bAwpQI1PXcrIaYSRkrLp+4DZ2lZnMEDO642Q
kuh+tHSUxvv+n2glnTGDyXNhFtn0D9BegQzWtyoKtCE9jEMlLb9AFXO7mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSWECLhRf3bWsHlRRR2JIEhNnfqMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbEpZUUl1RkZfZHRhd2VWRkZIWWtnU0UyZC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqoMA0G
CSqGSIb3DQEBCwUAA4IBAQCjvXPsTShoH8j8Pv2x/KS/dMPKLyfuXixLryOOF4qf
rRm3gRFC8NZdF59AY35GkWPyjNAYETBzDDM0o4i3xUsj4fywHnQLSgE5/Nbm2fZd
xr0CBspZqaRRdU8Bsnb/jmstebkVeN7xxy3nh6PjR2FFuJaPwBmsd6gitrOH1j+k
ABFG7m4AwLFJ/LZn+6gxLIvh5xBViZw/zTw+cvOZ8Rh5yiPvBGP7fhvHeFrZT9CI
MDvqkToKiYoVkWM0gmZUPlOCfZCuHyGxRf75Y2b2FeEnn68HI6h6jZ0pZOanIaHU
mN71chcEZ5G26weSiT6SNrS2WCkcq1lur6HhT1FdRVLq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org