Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nbuKKWB1qaN9ZpePm5xdU5hcUwo.roa
File: nbuKKWB1qaN9ZpePm5xdU5hcUwo.roa (raw, json)
Hash identifier: DOXTtuYSa9WfoOXfZBly0f/wFQkoSzmcRIlYpVb3NsE=
Subject key identifier: 9D:BB:8A:29:60:75:A9:A3:7D:66:97:8F:9B:9C:5D:53:98:5C:53:0A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01856F825C67A8D7987D82B17548B484E1A7
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nbuKKWB1qaN9ZpePm5xdU5hcUwo.roa
Signing time: Sun 01 Jan 2023 22:44:52 +0000
ROA not before: Sun 01 Jan 2023 22:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207795
IP address blocks: 213.209.131.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:5c:67:a8:d7:98:7d:82:b1:75:48:b4:84:e1:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 1 22:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dbb8a296075a9a37d66978f9b9c5d53985c530a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:38:d3:3b:81:9f:85:19:5c:94:97:ae:cf:52:
5e:3f:4c:dd:95:d1:b3:34:af:20:17:d5:ec:ad:bb:
ba:7f:bb:93:7a:d1:73:a4:8c:00:49:1a:b0:47:cd:
52:12:a5:d5:37:13:c3:0e:e3:7b:13:90:0e:cc:26:
ca:db:c1:7b:33:08:ee:73:00:96:96:63:c9:ce:d7:
81:e5:86:7d:40:b3:2c:d0:6a:13:e7:a0:5b:68:84:
72:4f:5c:2d:23:e8:95:47:10:7a:47:0b:8d:0f:8b:
0f:aa:fb:db:e7:bc:27:25:36:e6:36:33:3f:35:f5:
88:96:92:aa:cd:9f:29:10:66:a4:9a:8d:ec:db:2f:
c6:b7:a7:5c:f8:22:68:bc:4c:3a:51:1a:9c:35:2f:
49:3c:7b:ad:b5:63:53:53:ae:65:e1:9b:8d:54:39:
6b:0c:77:48:01:aa:ec:84:d8:8e:60:e4:71:f6:33:
e4:d1:ff:d2:1c:ac:19:92:43:c2:75:40:6e:27:22:
b3:43:bd:7d:cb:49:88:d8:cd:2f:87:be:9b:dd:fb:
90:70:aa:dc:e6:30:09:6b:7c:c5:5c:16:5f:27:f5:
ee:f2:22:31:4b:8f:32:48:a0:4a:ec:8c:8b:bf:5b:
50:71:f4:f0:aa:de:c1:08:9a:f7:dc:01:d9:47:94:
51:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BB:8A:29:60:75:A9:A3:7D:66:97:8F:9B:9C:5D:53:98:5C:53:0A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nbuKKWB1qaN9ZpePm5xdU5hcUwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.159.0/24
77.90.177.0/24
77.90.183.0/24
213.209.131.0/24
Signature Algorithm: sha256WithRSAEncryption
34:01:76:89:db:37:b6:83:fe:73:ef:27:ef:24:9a:98:66:4f:
a5:9c:de:73:e7:ff:e1:da:22:a7:61:42:56:11:fe:62:3c:fa:
b2:4f:df:ea:03:72:c2:2d:b5:8f:2f:53:a6:77:8a:13:58:02:
f3:4b:b4:09:45:03:38:3d:ba:94:e5:c8:56:4a:fc:30:8c:15:
8c:a6:51:f8:2a:c3:df:34:bf:e8:2d:d0:7c:34:97:ad:da:48:
bf:c4:92:b0:86:70:39:32:65:06:de:0b:5f:e6:14:0f:0c:94:
93:f1:e9:3c:8b:c4:41:e5:db:95:36:2b:74:35:4e:87:13:d8:
2d:f4:1a:e9:47:80:e3:7c:01:d3:63:1b:1b:60:d1:d3:fe:7c:
2a:46:4e:90:33:f9:95:ab:2e:2a:45:a0:4b:be:21:34:09:a8:
d2:31:05:35:5d:e3:5e:d0:34:1c:b2:e9:36:22:c9:09:03:c4:
d1:a1:22:50:82:c3:ba:fc:6f:c7:9c:c9:38:ff:77:9e:d5:dd:
fa:f6:df:9e:0b:5e:80:60:65:df:85:92:5c:15:e1:da:a6:e5:
46:db:99:b4:d0:41:e8:4c:b7:5e:4a:b9:88:d4:3e:e0:48:17:
0a:ff:ce:38:18:64:8c:c1:01:83:ec:0a:6a:9c:d3:a1:7b:19:
fe:6f:26:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvglxnqNeYfYKxdUi0hOGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAxMjI0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGJiOGEyOTYwNzVhOWEzN2Q2Njk3OGY5YjljNWQ1Mzk4NWM1MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizjTO4GfhRlclJeuz1JeP0zdldGz
NK8gF9Xsrbu6f7uTetFzpIwASRqwR81SEqXVNxPDDuN7E5AOzCbK28F7MwjucwCW
lmPJzteB5YZ9QLMs0GoT56BbaIRyT1wtI+iVRxB6RwuND4sPqvvb57wnJTbmNjM/
NfWIlpKqzZ8pEGakmo3s2y/Gt6dc+CJovEw6URqcNS9JPHuttWNTU65l4ZuNVDlr
DHdIAarshNiOYORx9jPk0f/SHKwZkkPCdUBuJyKzQ719y0mI2M0vh76b3fuQcKrc
5jAJa3zFXBZfJ/Xu8iIxS48ySKBK7IyLv1tQcfTwqt7BCJr33AHZR5RRzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ27iilgdamjfWaXj5ucXVOYXFMKMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbmJ1S0tXQjFxYU45WnBlUG01eGRVNWhjVXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqfAwQA
TVqxAwQATVq3AwQA1dGDMA0GCSqGSIb3DQEBCwUAA4IBAQA0AXaJ2ze2g/5z7yfv
JJqYZk+lnN5z5//h2iKnYUJWEf5iPPqyT9/qA3LCLbWPL1Omd4oTWALzS7QJRQM4
PbqU5chWSvwwjBWMplH4KsPfNL/oLdB8NJet2ki/xJKwhnA5MmUG3gtf5hQPDJST
8ek8i8RB5duVNit0NU6HE9gt9BrpR4DjfAHTYxsbYNHT/nwqRk6QM/mVqy4qRaBL
viE0CajSMQU1XeNe0DQcsuk2IskJA8TRoSJQgsO6/G/HnMk4/3ee1d369t+eC16A
YGXfhZJcFeHapuVG25m00EHoTLdeSrmI1D7gSBcK/844GGSMwQGD7ApqnNOhexn+
byYV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org