Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oNotmAQOykrp8ki9I4tZ8ZQOHuc.roa
File: oNotmAQOykrp8ki9I4tZ8ZQOHuc.roa (raw, json)
Hash identifier: e9HaPLqTNNnCPCrJ9wk6nbWaLADuQcWFp0n9TbPKau0=
Subject key identifier: A0:DA:2D:98:04:0E:CA:4A:E9:F2:48:BD:23:8B:59:F1:94:0E:1E:E7
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018F9FC29DC9945B3946AC6C94B3D19D57C2
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oNotmAQOykrp8ki9I4tZ8ZQOHuc.roa
Signing time: Wed 22 May 2024 10:04:42 +0000
ROA not before: Wed 22 May 2024 10:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.135.0/24 maxlen: 24
77.90.138.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 10:21:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:c2:9d:c9:94:5b:39:46:ac:6c:94:b3:d1:9d:57:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 22 10:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0da2d98040eca4ae9f248bd238b59f1940e1ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e7:a9:d1:aa:72:66:2b:80:84:b3:1a:a2:f1:
d7:55:80:56:31:ae:ea:e4:81:d8:4a:49:21:b3:60:
81:a7:8d:75:6c:9f:d8:5f:d1:f2:10:dc:8f:60:c3:
a9:aa:3c:70:1a:c5:cc:74:e4:2f:11:ba:18:36:9d:
45:1a:c4:21:96:1a:99:8b:46:ed:af:d3:9b:11:4d:
58:b9:e5:0a:ba:a4:97:05:19:6a:61:5a:5f:f6:ca:
ce:b0:f1:1a:c6:85:b8:e5:0e:09:5b:a5:12:d8:eb:
66:51:08:80:e8:07:ba:b1:94:07:c0:c5:d4:ef:a9:
88:eb:1d:46:2b:a5:a1:f6:39:2d:9c:15:7b:20:77:
33:34:dc:c6:29:c7:44:d5:2d:e2:9c:49:c1:11:fe:
91:6d:26:23:70:45:71:11:08:f9:c6:f4:34:fa:b1:
c8:f0:83:be:1b:f8:44:75:ea:8f:fa:b5:38:70:41:
13:20:7d:61:81:5f:97:fd:88:7e:7b:06:96:2f:35:
86:bc:61:49:0d:1d:16:5a:02:5c:8c:18:8d:50:d7:
3d:c1:e1:2e:eb:d5:cf:98:ee:73:e0:08:8a:89:26:
25:cf:de:29:ac:87:74:09:33:8f:e6:4a:41:c0:94:
16:3d:a6:14:d3:ba:f0:63:b4:a0:d8:d7:fb:b3:63:
ef:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DA:2D:98:04:0E:CA:4A:E9:F2:48:BD:23:8B:59:F1:94:0E:1E:E7
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oNotmAQOykrp8ki9I4tZ8ZQOHuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.135.0/24
77.90.138.0/24
185.230.14.0/24
213.209.143.0/24
213.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
96:00:7b:b8:59:04:d9:01:cd:86:68:e3:03:c4:38:9b:89:99:
eb:56:05:21:4b:c2:95:67:59:cf:27:20:dd:33:ac:af:dc:9e:
a8:33:f4:99:c8:f7:72:f2:16:bd:73:4f:15:9c:e4:ff:85:70:
2a:4d:87:51:66:3c:6d:e1:38:8e:1e:47:65:80:a4:ee:f4:bc:
ad:04:cd:17:68:83:2a:a4:8c:16:c0:70:25:5b:b5:8b:53:05:
9d:6c:ee:e7:aa:d1:e5:ff:42:76:7e:de:9d:56:7f:4c:f9:2c:
e5:de:8f:42:57:47:50:86:34:f9:09:65:7b:c0:23:2f:47:98:
d1:7a:d6:2c:a4:71:a2:43:9e:df:76:70:10:30:0d:d9:90:dc:
49:59:6a:98:7c:64:34:7a:44:e1:ff:7e:e3:27:71:59:d6:90:
13:6b:0b:40:53:d9:f0:99:9c:0b:5b:e6:39:2d:8a:0d:61:c5:
c0:50:08:12:8e:39:04:43:01:5f:92:f4:42:65:63:ed:ae:28:
93:2d:a7:96:50:ba:cf:46:aa:d3:2a:31:ac:9b:f7:32:7a:6d:
c0:04:5d:29:79:bf:eb:15:f9:b9:45:83:f8:50:e1:9e:d5:45:
3d:0a:2b:0a:6f:0c:af:37:2d:9e:20:8e:a0:12:a2:8d:13:42:
b2:22:5c:4a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+fwp3JlFs5RqxslLPRnVfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNTIyMTAwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGRhMmQ5ODA0MGVjYTRhZTlmMjQ4YmQyMzhiNTlmMTk0MGUxZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeep0apyZiuAhLMaovHXVYBWMa7q
5IHYSkkhs2CBp411bJ/YX9HyENyPYMOpqjxwGsXMdOQvEboYNp1FGsQhlhqZi0bt
r9ObEU1YueUKuqSXBRlqYVpf9srOsPEaxoW45Q4JW6US2OtmUQiA6Ae6sZQHwMXU
76mI6x1GK6Wh9jktnBV7IHczNNzGKcdE1S3inEnBEf6RbSYjcEVxEQj5xvQ0+rHI
8IO+G/hEdeqP+rU4cEETIH1hgV+X/Yh+ewaWLzWGvGFJDR0WWgJcjBiNUNc9weEu
69XPmO5z4AiKiSYlz94prId0CTOP5kpBwJQWPaYU07rwY7Sg2Nf7s2PvPQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKDaLZgEDspK6fJIvSOLWfGUDh7nMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvb05vdG1BUU95a3JwOGtpOUk0dFo4WlFPSHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqHAwQA
TVqKAwQAueYOAwQA1dGPAwQA1dGfMA0GCSqGSIb3DQEBCwUAA4IBAQCWAHu4WQTZ
Ac2GaOMDxDibiZnrVgUhS8KVZ1nPJyDdM6yv3J6oM/SZyPdy8ha9c08VnOT/hXAq
TYdRZjxt4TiOHkdlgKTu9LytBM0XaIMqpIwWwHAlW7WLUwWdbO7nqtHl/0J2ft6d
Vn9M+Szl3o9CV0dQhjT5CWV7wCMvR5jRetYspHGiQ57fdnAQMA3ZkNxJWWqYfGQ0
ekTh/37jJ3FZ1pATawtAU9nwmZwLW+Y5LYoNYcXAUAgSjjkEQwFfkvRCZWPtriiT
LaeWULrPRqrTKjGsm/cyem3ABF0peb/rFfm5RYP4UOGe1UU9CisKbwyvNy2eII6g
EqKNE0KyIlxK
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:07 2024 by rpki-client on console-fra.rpki-client.org