Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/pSbZuJKYF0si49C17Lbo9uUlhQk.roa
File: pSbZuJKYF0si49C17Lbo9uUlhQk.roa (raw, json)
Hash identifier: XptL7GnowVVNT+pARdL+QyhdtRsP3G3tCJEMvoBTk3g=
Subject key identifier: A5:26:D9:B8:92:98:17:4B:22:E3:D0:B5:EC:B6:E8:F6:E5:25:85:09
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01857C71ACEE5BE4FB9C4535FC879FFFDCDF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/pSbZuJKYF0si49C17Lbo9uUlhQk.roa
Signing time: Wed 04 Jan 2023 11:01:42 +0000
ROA not before: Wed 04 Jan 2023 11:01:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.138.0/24 maxlen: 24
77.90.151.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:71:ac:ee:5b:e4:fb:9c:45:35:fc:87:9f:ff:dc:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 4 11:01:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a526d9b89298174b22e3d0b5ecb6e8f6e5258509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:87:1b:9c:ab:44:cc:52:eb:ed:e5:84:e4:d5:
68:9b:6c:72:b8:67:df:12:31:31:55:60:b9:99:ce:
64:21:ce:38:ef:8b:47:fb:9e:b0:d3:c0:93:00:6e:
92:08:5c:f6:69:6e:23:69:56:13:d8:92:b7:a5:ca:
be:9d:af:7e:ec:9e:d7:7f:3b:8d:db:e0:07:d7:47:
ee:68:70:97:0c:c1:19:9f:14:5b:94:74:88:51:45:
a6:b2:11:01:b5:f5:e0:2c:ce:24:d1:77:3a:d2:98:
55:c3:a6:14:d5:66:13:1f:cf:80:67:b0:71:45:ea:
77:d6:78:b6:a5:55:3f:3e:e0:d0:8f:f0:41:ed:a7:
36:05:c2:98:a5:15:e4:2d:14:90:a6:95:df:a4:7f:
83:5a:51:12:9c:68:1b:57:9e:3c:5b:91:05:99:e7:
dc:54:03:05:b1:87:16:2a:64:0b:a3:8b:84:ea:0a:
03:33:8d:5f:d5:09:09:e4:ba:06:07:c5:5b:ae:b8:
90:8a:4c:01:43:2f:b6:c3:04:31:86:ab:44:9a:92:
f1:89:31:7d:ba:90:bf:c8:b3:4d:81:10:5f:3d:24:
5b:91:14:03:af:3c:45:5c:c3:5b:c4:60:00:3b:fb:
e3:d9:15:3b:c1:40:ab:9c:e5:6a:e2:ca:ab:71:58:
39:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:26:D9:B8:92:98:17:4B:22:E3:D0:B5:EC:B6:E8:F6:E5:25:85:09
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/pSbZuJKYF0si49C17Lbo9uUlhQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/24
77.90.151.0/24
Signature Algorithm: sha256WithRSAEncryption
af:be:0b:42:5c:26:5b:11:6c:5c:9d:6a:92:5d:a6:fa:3d:6d:
9c:40:af:ce:07:8a:24:41:bf:f9:33:3b:4e:c1:c2:7a:e0:da:
71:45:15:ec:06:4d:61:b9:b5:47:27:c4:ac:51:59:5f:ee:42:
e0:b0:d3:13:d5:af:53:f4:d3:1b:ac:06:38:b7:76:62:91:92:
20:7e:92:5d:e2:ff:ca:b6:fe:dd:0c:f3:a8:06:55:66:49:a6:
53:92:23:97:b4:00:40:cf:af:b1:d3:f6:30:0f:a1:0d:12:99:
e5:ae:3f:09:9e:1a:e8:a8:30:e5:9f:6e:b4:24:a9:8f:c9:59:
c4:0c:b7:e9:30:28:55:bc:aa:fa:8c:66:f9:f1:81:1c:49:86:
b0:3f:05:4f:3e:f9:62:82:7f:e9:6e:d2:40:cc:0b:27:aa:ba:
71:8a:27:8c:ef:39:dd:75:8f:b2:20:47:ae:15:7b:c5:a4:cf:
90:48:83:79:ad:a1:d7:1d:0c:bc:8e:f5:9e:5e:d8:14:4a:3e:
03:4f:70:7d:ec:20:4a:8d:bd:4d:42:82:e4:1b:1f:fb:df:a4:
88:5b:a1:77:eb:b9:46:6c:5a:4f:35:8f:80:36:42:e2:86:8f:
a3:6f:9e:b6:a3:14:02:49:65:42:41:31:73:26:5c:31:f1:a6:
e2:80:5b:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYV8cazuW+T7nEU1/Ief/9zfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTA0MTEwMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI2ZDliODkyOTgxNzRiMjJlM2QwYjVlY2I2ZThmNmU1MjU4NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyocbnKtEzFLr7eWE5NVom2xyuGff
EjExVWC5mc5kIc4474tH+56w08CTAG6SCFz2aW4jaVYT2JK3pcq+na9+7J7XfzuN
2+AH10fuaHCXDMEZnxRblHSIUUWmshEBtfXgLM4k0Xc60phVw6YU1WYTH8+AZ7Bx
Rep31ni2pVU/PuDQj/BB7ac2BcKYpRXkLRSQppXfpH+DWlESnGgbV548W5EFmefc
VAMFsYcWKmQLo4uE6goDM41f1QkJ5LoGB8VbrriQikwBQy+2wwQxhqtEmpLxiTF9
upC/yLNNgRBfPSRbkRQDrzxFXMNbxGAAO/vj2RU7wUCrnOVq4sqrcVg5PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKUm2biSmBdLIuPQtey26PblJYUJMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvcFNiWnVKS1lGMHNpNDlDMTdMYm85dVVsaFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVqKAwQA
TVqXMA0GCSqGSIb3DQEBCwUAA4IBAQCvvgtCXCZbEWxcnWqSXab6PW2cQK/OB4ok
Qb/5MztOwcJ64NpxRRXsBk1hubVHJ8SsUVlf7kLgsNMT1a9T9NMbrAY4t3ZikZIg
fpJd4v/Ktv7dDPOoBlVmSaZTkiOXtABAz6+x0/YwD6ENEpnlrj8JnhroqDDln260
JKmPyVnEDLfpMChVvKr6jGb58YEcSYawPwVPPvlign/pbtJAzAsnqrpxiieM7znd
dY+yIEeuFXvFpM+QSIN5raHXHQy8jvWeXtgUSj4DT3B97CBKjb1NQoLkGx/736SI
W6F367lGbFpPNY+ANkLiho+jb562oxQCSWVCQTFzJlwx8abigFti
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org