Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/v7PodA8tzTjv4zWfyefFyOOMztw.roa
File: v7PodA8tzTjv4zWfyefFyOOMztw.roa (raw, json)
Hash identifier: TswqFGg6EiYP8CDhAMvMozK8ag0GwehPL0xxyfpjcTg=
Subject key identifier: BF:B3:E8:74:0F:2D:CD:38:EF:E3:35:9F:C9:E7:C5:C8:E3:8C:CE:DC
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0191B7B5FBDE4B52FCA129F19D7D69B871B9
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/v7PodA8tzTjv4zWfyefFyOOMztw.roa
Signing time: Tue 03 Sep 2024 11:47:22 +0000
ROA not before: Tue 03 Sep 2024 11:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.145.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 13:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:b5:fb:de:4b:52:fc:a1:29:f1:9d:7d:69:b8:71:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 3 11:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfb3e8740f2dcd38efe3359fc9e7c5c8e38ccedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a6:d6:24:87:c0:e8:73:7d:3f:0c:25:d9:a9:
23:0f:d1:07:0d:91:9f:09:57:66:fb:ee:b6:35:1a:
13:69:9f:e4:25:b8:3b:77:ba:16:21:87:3b:c1:57:
8a:9e:a9:a8:5d:3d:b7:55:83:1a:73:9a:9e:83:be:
e4:d1:98:71:01:96:84:7d:c0:b9:cf:91:ad:93:2c:
2f:41:e5:b8:4a:8a:2f:e6:69:eb:fb:f8:8e:1e:91:
62:1d:f3:26:60:67:e5:57:19:a9:99:b8:d2:df:29:
c9:fb:ac:c1:20:61:63:a6:62:ad:1e:1d:ab:cd:9f:
1b:d8:29:f6:d0:b9:18:4a:26:5f:0b:10:9e:e0:6e:
44:22:49:8c:b7:65:95:90:20:6b:ce:60:42:1e:57:
97:6a:20:c7:fd:5a:47:41:b3:f6:93:65:08:9f:e1:
90:05:de:ec:70:23:33:e8:12:d4:d8:26:fb:04:14:
9b:ae:c7:40:f9:e3:8e:ef:0b:7a:bd:87:b3:be:6a:
14:ec:34:aa:70:56:17:5c:dc:fd:47:0d:25:55:71:
17:6c:97:a7:a3:a5:4b:6e:e0:44:e8:e3:71:79:04:
e6:9d:06:e1:6a:0c:ac:79:52:c9:a5:37:d5:aa:62:
ce:7e:9a:2b:d2:58:64:a9:dd:48:08:b0:73:05:44:
fb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B3:E8:74:0F:2D:CD:38:EF:E3:35:9F:C9:E7:C5:C8:E3:8C:CE:DC
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/v7PodA8tzTjv4zWfyefFyOOMztw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.188.0/24
185.230.15.0/24
213.209.143.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:7a:c9:f4:62:8a:59:95:6d:fb:91:0e:04:a7:20:e4:20:a1:
f9:b2:5d:45:ff:82:f6:4d:fb:0d:32:d6:e5:fc:f5:7e:8c:3f:
4c:98:e8:a4:b3:7e:a6:be:67:d0:a7:5b:49:b1:7f:a0:38:e3:
39:8b:fc:95:cf:84:9d:86:66:2d:72:ff:ef:91:4e:6f:0e:61:
3e:04:d6:97:14:ac:33:a6:b2:89:0c:ad:5e:d3:86:3e:cf:ec:
d1:04:6c:9a:31:7b:b3:44:21:32:c4:3a:dd:d4:f3:01:be:52:
ea:81:1f:a5:d3:00:67:c7:6b:c7:89:b1:ff:76:95:c9:93:43:
f2:2d:66:12:69:ff:56:9f:46:07:04:21:fd:4b:8d:5e:dc:89:
a7:a4:97:8d:ee:c3:e8:13:bb:a6:6e:9c:ff:e6:2e:76:a3:ef:
e8:4a:2e:a5:65:11:bc:7e:f7:3f:85:e3:4b:2d:5f:29:e3:12:
b1:29:7f:48:cc:20:25:bd:c5:ee:bd:90:55:ed:1b:f0:f6:63:
02:7a:7a:cc:b5:e5:8d:aa:ca:0a:81:d4:b8:e5:11:34:c6:7d:
ce:dd:bf:05:a7:d0:01:79:54:67:5e:a5:10:95:c5:dd:b1:51:
c9:71:9f:87:96:d0:51:5b:cb:56:3c:f7:6b:a7:d5:06:74:bc:
91:52:c1:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZG3tfveS1L8oSnxnX1puHG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwOTAzMTE0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmIzZTg3NDBmMmRjZDM4ZWZlMzM1OWZjOWU3YzVjOGUzOGNjZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKbWJIfA6HN9Pwwl2akjD9EHDZGf
CVdm++62NRoTaZ/kJbg7d7oWIYc7wVeKnqmoXT23VYMac5qeg77k0ZhxAZaEfcC5
z5GtkywvQeW4Soov5mnr+/iOHpFiHfMmYGflVxmpmbjS3ynJ+6zBIGFjpmKtHh2r
zZ8b2Cn20LkYSiZfCxCe4G5EIkmMt2WVkCBrzmBCHleXaiDH/VpHQbP2k2UIn+GQ
Bd7scCMz6BLU2Cb7BBSbrsdA+eOO7wt6vYezvmoU7DSqcFYXXNz9Rw0lVXEXbJen
o6VLbuBE6ONxeQTmnQbhagyseVLJpTfVqmLOfpor0lhkqd1ICLBzBUT76QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL+z6HQPLc047+M1n8nnxcjjjM7cMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdjdQb2RBOHR6VGp2NHpXZnllZkZ5T09NenR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqRAwQA
TVq8AwQAueYPAwQA1dGPMA0GCSqGSIb3DQEBCwUAA4IBAQAuesn0YopZlW37kQ4E
pyDkIKH5sl1F/4L2TfsNMtbl/PV+jD9MmOiks36mvmfQp1tJsX+gOOM5i/yVz4Sd
hmYtcv/vkU5vDmE+BNaXFKwzprKJDK1e04Y+z+zRBGyaMXuzRCEyxDrd1PMBvlLq
gR+l0wBnx2vHibH/dpXJk0PyLWYSaf9Wn0YHBCH9S41e3ImnpJeN7sPoE7umbpz/
5i52o+/oSi6lZRG8fvc/heNLLV8p4xKxKX9IzCAlvcXuvZBV7Rvw9mMCenrMteWN
qsoKgdS45RE0xn3O3b8Fp9ABeVRnXqUQlcXdsVHJcZ+HltBRW8tWPPdrp9UGdLyR
UsFy
-----END CERTIFICATE-----
Generated at Thu Sep 5 16:58:41 2024 by rpki-client on console-ams.rpki-client.org