Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/qESfZe5JuqaXuYdkbWSKZ82IA_k.roa
File: qESfZe5JuqaXuYdkbWSKZ82IA_k.roa (raw, json)
Hash identifier: /Q3lqUcXff7wxEsfrQCyRPG/1iVn2KoEARpb8T+3GZQ=
Subject key identifier: A8:44:9F:65:EE:49:BA:A6:97:B9:87:64:6D:64:8A:67:CD:88:03:F9
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0189AB569BE271562FBF58F7A18326A936C7
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/qESfZe5JuqaXuYdkbWSKZ82IA_k.roa
Signing time: Mon 31 Jul 2023 09:45:26 +0000
ROA not before: Mon 31 Jul 2023 09:45:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59729
IP address blocks: 213.209.135.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:56:9b:e2:71:56:2f:bf:58:f7:a1:83:26:a9:36:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 31 09:45:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8449f65ee49baa697b987646d648a67cd8803f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ff:e7:19:6a:a3:63:b7:ee:31:f9:a2:bd:92:
27:c3:5d:37:f1:a5:28:1d:ab:26:44:40:8b:dd:cd:
5b:f6:f1:59:bb:76:89:71:8d:0b:40:54:45:b4:aa:
cd:fd:c0:ff:4c:13:64:c3:75:16:18:cf:d6:9a:cd:
63:69:8d:c7:94:46:d4:e2:20:66:1a:74:1c:84:ec:
91:3c:1e:92:80:50:36:2a:c7:c7:55:9a:79:b7:27:
6a:1f:ab:ad:64:63:fa:f8:1c:2a:b1:77:72:8b:83:
e1:ab:1d:cb:00:63:5d:4b:ec:da:24:64:a8:0f:6e:
de:70:43:89:6d:47:64:d5:31:a5:75:fa:67:9b:03:
34:a7:fc:e3:89:57:0e:12:fc:ae:cd:15:d3:7f:66:
e3:6e:10:30:e5:07:d2:ab:a7:d8:73:8c:e1:91:28:
56:94:b3:14:4f:93:b4:f1:89:62:05:54:6b:cf:75:
6d:4e:f2:d3:1d:61:04:0a:64:92:a7:b4:69:62:05:
1f:22:b1:02:f2:57:34:a1:10:64:5d:59:67:ff:90:
bd:fb:32:be:3b:1c:31:72:6f:42:04:c5:21:37:3e:
57:13:0f:43:61:92:da:61:85:c7:31:2e:c5:fe:94:
14:12:24:f5:44:9f:b3:b2:ac:57:7d:d2:ff:93:9f:
eb:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:44:9F:65:EE:49:BA:A6:97:B9:87:64:6D:64:8A:67:CD:88:03:F9
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/qESfZe5JuqaXuYdkbWSKZ82IA_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.167.0/24
213.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
99:88:6a:65:64:d2:61:2f:cf:bf:24:a4:f5:1b:9f:9d:bf:86:
c6:bc:da:17:35:0e:54:14:b3:02:fd:33:17:08:80:76:af:e9:
73:c4:55:fe:8f:c9:a1:e8:2c:b9:a5:8d:01:fb:84:97:32:65:
a4:f8:ea:fb:63:3d:e7:df:56:c1:7b:84:a9:ad:0d:57:98:d7:
5a:46:f8:f9:a6:25:c7:0c:8a:e4:5b:c6:3b:50:52:e2:29:48:
c0:8b:0d:bf:54:4b:26:88:fc:4e:12:57:0f:df:92:7a:66:3e:
c2:ce:92:6b:bd:23:37:56:89:4f:b7:11:5a:8f:71:44:ac:34:
fd:67:5a:6c:ee:cb:49:84:d3:e5:fc:8a:dc:ce:96:b7:5a:7c:
ca:d7:9d:79:a8:eb:9a:e6:c2:3c:54:a7:70:69:36:69:97:0d:
94:30:55:a4:6c:99:23:b6:8c:6e:d6:9a:0d:0d:af:e7:5a:f2:
70:09:8c:19:f5:31:d3:c4:fa:5b:30:53:5a:b6:f1:f1:0c:3e:
f4:7f:6b:44:84:6b:4e:08:09:f4:23:6c:5d:a0:ad:35:02:a4:
a9:58:ab:da:43:33:91:b6:3d:aa:c6:78:b1:75:00:2d:16:e7:
84:7b:5c:94:c5:ee:a3:74:5c:3a:1a:f0:cc:10:86:6d:13:15:
3b:58:7b:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmrVpvicVYvv1j3oYMmqTbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNzMxMDk0NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQ0OWY2NWVlNDliYWE2OTdiOTg3NjQ2ZDY0OGE2N2NkODgwM2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlf/nGWqjY7fuMfmivZInw1038aUo
HasmRECL3c1b9vFZu3aJcY0LQFRFtKrN/cD/TBNkw3UWGM/Wms1jaY3HlEbU4iBm
GnQchOyRPB6SgFA2KsfHVZp5tydqH6utZGP6+BwqsXdyi4Phqx3LAGNdS+zaJGSo
D27ecEOJbUdk1TGldfpnmwM0p/zjiVcOEvyuzRXTf2bjbhAw5QfSq6fYc4zhkShW
lLMUT5O08YliBVRrz3VtTvLTHWEECmSSp7RpYgUfIrEC8lc0oRBkXVln/5C9+zK+
Oxwxcm9CBMUhNz5XEw9DYZLaYYXHMS7F/pQUEiT1RJ+zsqxXfdL/k5/rowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKhEn2XuSbqml7mHZG1kimfNiAP5MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvcUVTZlplNUp1cWFYdVlka2JXU0taODJJQV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVqnAwQA
1dGHMA0GCSqGSIb3DQEBCwUAA4IBAQCZiGplZNJhL8+/JKT1G5+dv4bGvNoXNQ5U
FLMC/TMXCIB2r+lzxFX+j8mh6Cy5pY0B+4SXMmWk+Or7Yz3n31bBe4SprQ1XmNda
Rvj5piXHDIrkW8Y7UFLiKUjAiw2/VEsmiPxOElcP35J6Zj7CzpJrvSM3VolPtxFa
j3FErDT9Z1ps7stJhNPl/Irczpa3WnzK1515qOua5sI8VKdwaTZplw2UMFWkbJkj
toxu1poNDa/nWvJwCYwZ9THTxPpbMFNatvHxDD70f2tEhGtOCAn0I2xdoK01AqSp
WKvaQzORtj2qxnixdQAtFueEe1yUxe6jdFw6GvDMEIZtExU7WHsn
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:02 2024 by rpki-client on console-ams.rpki-client.org