Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/yH9VuCVXyt1wRjyiSl7USIbdfFo.roa
File: yH9VuCVXyt1wRjyiSl7USIbdfFo.roa (raw, json)
Hash identifier: v2uKLQgA4wchHMHc87JW414Gn+ISCwxlRnzrNCWJ+do=
Subject key identifier: C8:7F:55:B8:25:57:CA:DD:70:46:3C:A2:4A:5E:D4:48:86:DD:7C:5A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019007E4D0DD5ABF3DCFBC2E2975BEAFD024
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/yH9VuCVXyt1wRjyiSl7USIbdfFo.roa
Signing time: Tue 11 Jun 2024 15:22:34 +0000
ROA not before: Tue 11 Jun 2024 15:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 77.90.145.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jul 2024 10:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:07:e4:d0:dd:5a:bf:3d:cf:bc:2e:29:75:be:af:d0:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 11 15:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c87f55b82557cadd70463ca24a5ed44886dd7c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:39:41:6c:2f:36:16:6e:4a:1d:dd:41:e6:e1:
4f:8b:80:2d:d5:9d:57:7d:14:7f:94:a9:77:89:ad:
fa:06:8e:d7:bc:4e:aa:97:a6:ff:df:fa:fd:d2:a9:
99:b5:a0:b3:bb:fd:e4:53:6f:d3:0b:6b:00:80:ea:
e8:50:a9:1e:80:91:de:91:7c:29:c8:55:16:b3:c3:
a2:f4:fa:7c:8a:9b:32:72:27:fa:77:bc:5f:c2:52:
30:89:dd:c6:52:d3:d8:8e:01:ba:57:c5:a1:cc:a7:
09:20:03:16:91:52:0a:4e:37:47:5c:5c:36:33:e6:
83:7c:9e:35:24:cc:9c:e0:67:53:75:64:ec:89:b3:
aa:5e:19:c7:63:9e:a7:9e:8e:06:a8:9a:fa:53:95:
f4:1d:78:3a:14:8d:b1:91:9a:72:97:27:a2:85:04:
55:75:8e:c3:25:56:e5:55:a7:1d:50:0f:00:e5:d3:
f7:98:d8:6c:59:1a:11:fd:6d:34:c5:8f:a0:f4:57:
e1:cb:f3:ef:af:52:18:67:92:e0:90:a5:5a:4a:52:
40:15:84:84:9a:9f:b0:81:49:9f:7f:5d:ef:fe:29:
e0:77:fe:9f:b1:0d:ce:f8:e4:06:88:ce:39:7d:d3:
0b:75:16:25:f9:97:d4:fc:8e:3e:3b:18:55:5a:e2:
27:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7F:55:B8:25:57:CA:DD:70:46:3C:A2:4A:5E:D4:48:86:DD:7C:5A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/yH9VuCVXyt1wRjyiSl7USIbdfFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.145.0/24
77.90.154.0/24
77.90.188.0/24
185.230.15.0/24
213.209.129.0/24
Signature Algorithm: sha256WithRSAEncryption
05:8a:d6:0d:50:08:c5:19:16:88:d4:1e:2d:43:1f:f4:56:fa:
9d:bc:d0:11:18:8a:82:8e:26:38:a1:a9:7c:67:37:5e:c0:00:
06:54:44:26:0d:9f:1a:19:13:da:f6:9d:89:2d:65:84:8a:50:
d8:6c:6a:a9:76:0c:fd:45:80:c8:8e:b2:8c:dd:6b:51:16:8b:
07:9a:7f:c2:70:16:90:ad:45:99:e9:ab:ca:23:65:ea:5e:4b:
4e:78:28:72:61:9b:79:bd:54:b5:ea:66:a1:b7:4a:c3:25:85:
0e:26:d6:a9:97:99:73:46:ab:8a:40:fb:fc:30:6a:ab:1d:61:
3d:7a:39:24:08:ec:41:57:ba:28:89:51:b5:4d:a3:51:7c:a3:
2a:29:e3:23:db:12:f1:26:95:f3:c1:22:7c:3b:4e:a3:a8:42:
01:b9:24:c1:d4:00:d9:03:f1:33:09:54:a5:65:e1:67:88:ac:
0c:b2:fb:6d:09:6e:9e:e9:dd:b9:c2:7a:a4:be:1d:2f:f5:20:
49:6d:98:09:f7:51:10:57:9b:e5:8d:81:53:4e:d7:61:6b:dc:
0f:76:36:ea:dc:ec:af:1c:5f:1c:46:e4:69:b6:35:1f:12:98:
de:c0:48:12:3a:ae:da:57:fe:61:a2:63:30:0c:07:0f:b6:c7:
18:b7:7a:a9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZAH5NDdWr89z7wuKXW+r9AkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNjExMTUyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODdmNTViODI1NTdjYWRkNzA0NjNjYTI0YTVlZDQ0ODg2ZGQ3YzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTlBbC82Fm5KHd1B5uFPi4At1Z1X
fRR/lKl3ia36Bo7XvE6ql6b/3/r90qmZtaCzu/3kU2/TC2sAgOroUKkegJHekXwp
yFUWs8Oi9Pp8ipsycif6d7xfwlIwid3GUtPYjgG6V8WhzKcJIAMWkVIKTjdHXFw2
M+aDfJ41JMyc4GdTdWTsibOqXhnHY56nno4GqJr6U5X0HXg6FI2xkZpylyeihQRV
dY7DJVblVacdUA8A5dP3mNhsWRoR/W00xY+g9Ffhy/Pvr1IYZ5LgkKVaSlJAFYSE
mp+wgUmff13v/ingd/6fsQ3O+OQGiM45fdMLdRYl+ZfU/I4+OxhVWuInMQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMh/VbglV8rdcEY8okpe1EiG3XxaMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEveUg5VnVDVlh5dDF3Ump5aVNsN1VTSWJkZkZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqRAwQA
TVqaAwQATVq8AwQAueYPAwQA1dGBMA0GCSqGSIb3DQEBCwUAA4IBAQAFitYNUAjF
GRaI1B4tQx/0VvqdvNARGIqCjiY4oal8ZzdewAAGVEQmDZ8aGRPa9p2JLWWEilDY
bGqpdgz9RYDIjrKM3WtRFosHmn/CcBaQrUWZ6avKI2XqXktOeChyYZt5vVS16mah
t0rDJYUOJtapl5lzRquKQPv8MGqrHWE9ejkkCOxBV7ooiVG1TaNRfKMqKeMj2xLx
JpXzwSJ8O06jqEIBuSTB1ADZA/EzCVSlZeFniKwMsvttCW6e6d25wnqkvh0v9SBJ
bZgJ91EQV5vljYFTTtdha9wPdjbq3OyvHF8cRuRptjUfEpjewEgSOq7aV/5homMw
DAcPtscYt3qp
-----END CERTIFICATE-----
Generated at Wed Jul 10 12:35:03 2024 by rpki-client on console-ams.rpki-client.org