Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lrEjvIAT3xBwRmfXt_96UyqyOzw.roa
File: lrEjvIAT3xBwRmfXt_96UyqyOzw.roa (raw, json)
Hash identifier: caH3ravMyId0ZG8SdsobE5B3HZmVaStdmlpLQ0Rh0dk=
Subject key identifier: 96:B1:23:BC:80:13:DF:10:70:46:67:D7:B7:FF:7A:53:2A:B2:3B:3C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018A43132C6243043B34CE0BA912633FE3A0
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lrEjvIAT3xBwRmfXt_96UyqyOzw.roa
Signing time: Tue 29 Aug 2023 20:54:04 +0000
ROA not before: Tue 29 Aug 2023 20:54:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.188.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Sep 2023 09:39:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:43:13:2c:62:43:04:3b:34:ce:0b:a9:12:63:3f:e3:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 29 20:54:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96b123bc8013df10704667d7b7ff7a532ab23b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:af:22:9a:d9:2a:b4:57:c9:58:ad:e4:05:3f:
fb:65:b8:b4:af:82:ba:fd:b7:9a:72:b8:3a:b3:a6:
e4:57:5e:12:59:bd:1c:7f:99:f3:19:3a:df:89:09:
a2:d6:30:e5:62:a2:e2:f7:f6:16:d6:d6:7c:d5:da:
e8:56:21:d3:0d:92:65:fc:1b:6e:59:3b:4c:27:76:
85:da:60:eb:da:36:2c:73:bd:38:53:85:ae:30:1f:
d9:2b:f9:18:6e:16:8d:78:05:0c:3c:c8:1b:ed:6c:
9e:e6:24:4e:1c:fa:4b:58:fc:08:ba:2f:08:9e:a9:
87:b6:65:54:39:29:aa:27:da:3f:e2:8b:74:2f:3e:
9f:a2:2f:5e:9f:86:66:c8:81:d5:dd:24:fe:1c:fd:
ca:d9:58:07:93:f3:36:18:d8:87:4c:48:f8:dc:6f:
1d:fe:b6:92:95:43:cb:86:92:b2:f9:c6:85:13:7d:
b9:58:5b:a9:f1:0c:76:86:eb:e7:60:aa:88:41:13:
9c:a9:18:a2:98:c2:14:1c:dd:01:0f:8e:ef:d4:01:
3c:f9:77:d4:6d:61:4f:1c:4d:4d:17:61:81:ad:8e:
83:58:c5:4a:fe:eb:5d:dc:93:71:0c:a4:b6:d3:db:
e1:b7:b7:c2:88:e3:bc:08:02:c2:f6:dd:c6:36:f4:
a9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B1:23:BC:80:13:DF:10:70:46:67:D7:B7:FF:7A:53:2A:B2:3B:3C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lrEjvIAT3xBwRmfXt_96UyqyOzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.153.0/24
77.90.188.0/24
213.209.145.0/24
Signature Algorithm: sha256WithRSAEncryption
90:fc:81:e9:b0:82:e9:7f:b3:a5:76:b1:71:92:3d:65:cc:2f:
05:b5:48:b1:85:92:7c:57:74:de:cd:92:5e:fb:16:7d:34:45:
c6:50:a1:e6:a6:3c:75:de:b5:94:67:ab:23:b8:ac:83:01:93:
b3:e9:5c:e4:d7:cf:48:d5:88:e7:a9:a5:e8:5f:ea:f8:d7:fd:
43:b6:8f:3f:e5:83:71:70:ab:eb:9c:df:8a:91:0b:6d:f3:fb:
b2:53:dd:2e:b6:7b:b1:dc:ac:71:61:dc:6d:f4:23:b7:28:62:
d9:20:9d:95:1e:69:15:cf:05:53:9c:bf:61:80:51:d6:a2:3d:
5a:ad:1f:a9:97:bf:f8:07:d4:a3:a6:1d:d5:f7:36:81:fe:8a:
98:bd:40:21:a0:a7:d4:74:de:e9:f5:a3:b5:47:f7:1e:2c:a1:
4d:c5:a8:86:de:4a:8c:83:1c:d5:d2:a9:ac:07:44:21:0f:f2:
86:a9:1d:55:e3:ce:f6:22:1c:ce:87:e8:61:89:bf:85:9a:43:
60:df:8a:19:46:5c:d8:38:3a:7c:14:c7:72:54:85:20:19:bc:
4a:5d:10:16:d5:86:6c:65:9d:1f:69:37:0c:9b:27:0f:1e:38:
1c:11:7e:71:3f:ad:61:5a:70:c3:68:4e:2c:37:a8:2a:bc:e5:
2b:75:e1:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpDEyxiQwQ7NM4LqRJjP+OgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODI5MjA1NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmIxMjNiYzgwMTNkZjEwNzA0NjY3ZDdiN2ZmN2E1MzJhYjIzYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa8imtkqtFfJWK3kBT/7Zbi0r4K6
/beacrg6s6bkV14SWb0cf5nzGTrfiQmi1jDlYqLi9/YW1tZ81droViHTDZJl/Btu
WTtMJ3aF2mDr2jYsc704U4WuMB/ZK/kYbhaNeAUMPMgb7Wye5iROHPpLWPwIui8I
nqmHtmVUOSmqJ9o/4ot0Lz6foi9en4ZmyIHV3ST+HP3K2VgHk/M2GNiHTEj43G8d
/raSlUPLhpKy+caFE325WFup8Qx2huvnYKqIQROcqRiimMIUHN0BD47v1AE8+XfU
bWFPHE1NF2GBrY6DWMVK/utd3JNxDKS209vht7fCiOO8CALC9t3GNvSpSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJaxI7yAE98QcEZn17f/elMqsjs8MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbHJFanZJQVQzeEJ3Um1mWHRfOTZVeXF5T3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqZAwQA
TVq8AwQA1dGRMA0GCSqGSIb3DQEBCwUAA4IBAQCQ/IHpsILpf7OldrFxkj1lzC8F
tUixhZJ8V3TezZJe+xZ9NEXGUKHmpjx13rWUZ6sjuKyDAZOz6Vzk189I1YjnqaXo
X+r41/1Dto8/5YNxcKvrnN+KkQtt8/uyU90utnux3KxxYdxt9CO3KGLZIJ2VHmkV
zwVTnL9hgFHWoj1arR+pl7/4B9Sjph3V9zaB/oqYvUAhoKfUdN7p9aO1R/ceLKFN
xaiG3kqMgxzV0qmsB0QhD/KGqR1V4872IhzOh+hhib+FmkNg34oZRlzYODp8FMdy
VIUgGbxKXRAW1YZsZZ0faTcMmycPHjgcEX5xP61hWnDDaE4sN6gqvOUrdeEm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org