Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/qfcgyh32ZR3_zU4bn16PCmovfVs.roa
File: qfcgyh32ZR3_zU4bn16PCmovfVs.roa (raw, json)
Hash identifier: LPf0yciSFSn1DUVd7KjACMUpuA0WNMuH6OPjZlT45FE=
Subject key identifier: A9:F7:20:CA:1D:F6:65:1D:FF:CD:4E:1B:9F:5E:8F:0A:6A:2F:7D:5B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01856F825ED60091A261F4794600B46D205B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/qfcgyh32ZR3_zU4bn16PCmovfVs.roa
Signing time: Sun 01 Jan 2023 22:44:53 +0000
ROA not before: Sun 01 Jan 2023 22:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 77.90.145.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:5e:d6:00:91:a2:61:f4:79:46:00:b4:6d:20:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 1 22:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9f720ca1df6651dffcd4e1b9f5e8f0a6a2f7d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6c:82:de:1a:0c:30:d7:18:71:9d:09:70:ad:
77:4a:25:e4:38:cf:b3:18:b5:f6:63:97:26:18:60:
ad:9e:1c:b2:c6:d3:18:0d:da:b0:4f:2d:11:b6:49:
f5:e3:ef:f7:31:8e:9f:21:f7:cc:11:d3:d3:e6:41:
83:ef:ab:36:e9:7d:1c:c9:b5:b8:54:03:a9:37:67:
9b:66:dc:b7:8d:9e:ec:18:99:b9:a8:ec:ca:fa:83:
c0:ab:07:5f:97:2a:55:aa:cc:16:97:2f:62:1c:8d:
9f:18:f7:f0:e5:99:8b:0a:01:05:2a:aa:ef:ee:de:
69:3a:7b:6f:b5:39:33:ed:35:33:c2:9c:2a:60:1e:
3e:09:35:68:43:84:73:9c:ae:e2:0d:9b:dd:56:04:
c9:0e:e2:1d:22:e8:81:1a:05:b7:e8:9a:21:91:c8:
00:d9:9f:d4:7c:42:58:93:ff:46:76:53:50:50:02:
42:08:1c:cc:8b:23:e4:77:59:31:a1:97:53:bf:71:
63:12:21:2e:60:fe:37:c8:7f:34:04:e4:41:27:33:
61:03:13:86:20:80:50:86:26:5a:f6:a8:c3:59:a4:
71:c7:36:1e:44:d5:dc:88:88:17:7a:63:89:29:9b:
22:0f:72:0e:86:76:8e:19:df:c6:c2:e4:26:c4:de:
e8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F7:20:CA:1D:F6:65:1D:FF:CD:4E:1B:9F:5E:8F:0A:6A:2F:7D:5B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/qfcgyh32ZR3_zU4bn16PCmovfVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.154.0/24
185.230.13.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:fa:0d:cf:4f:db:b6:37:00:f3:87:96:fe:3b:1f:c6:4b:e3:
89:ef:c0:f6:32:7c:a0:02:0a:13:30:1e:4b:25:45:6c:fb:04:
ab:b5:79:17:9f:e7:ac:9f:50:f4:f9:57:44:7c:12:8a:d3:d0:
92:fb:5f:86:26:5b:d8:6c:40:83:4c:ce:6c:24:65:6d:f9:2d:
18:e1:93:61:66:2e:78:78:10:c8:88:74:03:f9:ae:9a:2d:55:
36:4c:ec:67:63:72:6e:b2:8e:b8:67:a2:2e:7e:48:24:bd:92:
cf:0b:42:44:de:06:5c:bc:cb:5d:4e:a7:7c:85:51:33:7a:e5:
4c:c0:ce:1a:66:8d:96:37:1e:a7:8d:d5:25:e0:0d:b9:ad:49:
6a:24:d7:b2:d0:41:b3:c4:8f:ae:d0:bf:17:a7:a6:81:37:fa:
0f:81:cc:bf:38:c1:6e:fa:a5:ca:f1:bc:33:eb:a8:d8:39:e5:
a7:c3:29:ad:db:6a:88:7c:f5:53:ef:13:3c:dc:45:44:b8:4a:
d4:c7:37:f9:e7:85:c7:78:6b:4e:33:39:79:0b:51:88:67:19:
16:5e:c3:34:a2:ef:75:be:2f:2e:5a:f6:d7:95:01:3b:38:0f:
7c:2c:8a:be:f9:2d:f6:81:56:21:3a:f7:58:6e:0e:6e:a7:91:
c7:50:cc:c1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvgl7WAJGiYfR5RgC0bSBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAxMjI0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY3MjBjYTFkZjY2NTFkZmZjZDRlMWI5ZjVlOGYwYTZhMmY3ZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWyC3hoMMNcYcZ0JcK13SiXkOM+z
GLX2Y5cmGGCtnhyyxtMYDdqwTy0Rtkn14+/3MY6fIffMEdPT5kGD76s26X0cybW4
VAOpN2ebZty3jZ7sGJm5qOzK+oPAqwdflypVqswWly9iHI2fGPfw5ZmLCgEFKqrv
7t5pOntvtTkz7TUzwpwqYB4+CTVoQ4RznK7iDZvdVgTJDuIdIuiBGgW36JohkcgA
2Z/UfEJYk/9GdlNQUAJCCBzMiyPkd1kxoZdTv3FjEiEuYP43yH80BORBJzNhAxOG
IIBQhiZa9qjDWaRxxzYeRNXciIgXemOJKZsiD3IOhnaOGd/GwuQmxN7oYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKn3IMod9mUd/81OG59ejwpqL31bMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvcWZjZ3loMzJaUjNfelU0Ym4xNlBDbW92ZlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqRAwQA
TVqaAwQAueYNMA0GCSqGSIb3DQEBCwUAA4IBAQC0+g3PT9u2NwDzh5b+Ox/GS+OJ
78D2MnygAgoTMB5LJUVs+wSrtXkXn+esn1D0+VdEfBKK09CS+1+GJlvYbECDTM5s
JGVt+S0Y4ZNhZi54eBDIiHQD+a6aLVU2TOxnY3Juso64Z6IufkgkvZLPC0JE3gZc
vMtdTqd8hVEzeuVMwM4aZo2WNx6njdUl4A25rUlqJNey0EGzxI+u0L8Xp6aBN/oP
gcy/OMFu+qXK8bwz66jYOeWnwymt22qIfPVT7xM83EVEuErUxzf554XHeGtOMzl5
C1GIZxkWXsM0ou91vi8uWvbXlQE7OA98LIq++S32gVYhOvdYbg5up5HHUMzB
-----END CERTIFICATE-----
Generated at Fri Jul 21 09:43:17 2023 by rpki-client on console-ams.rpki-client.org