Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-mbmWRLTOwUvtK9lPU241tqxjrk.roa
File: 1-mbmWRLTOwUvtK9lPU241tqxjrk.roa (raw, json)
Hash identifier: HX36AS9tGu4RS2Ro+hQsraneWAi11RNj+N4aP6vFyXI=
Subject key identifier: FA:66:E6:59:12:D3:3B:05:2F:B4:AF:65:3D:4D:B8:D6:DA:B1:8E:B9
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018F0C10A5CBA19C68A0D4A211088671A35B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-mbmWRLTOwUvtK9lPU241tqxjrk.roa
Signing time: Tue 23 Apr 2024 17:46:08 +0000
ROA not before: Tue 23 Apr 2024 17:46:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 May 2024 09:18:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:10:a5:cb:a1:9c:68:a0:d4:a2:11:08:86:71:a3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 23 17:46:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa66e65912d33b052fb4af653d4db8d6dab18eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:34:ba:19:44:64:4d:c9:76:17:03:54:23:c8:
95:c0:43:c9:5e:1b:98:fe:c0:d7:74:69:74:cb:d3:
33:bc:1c:5b:c4:2f:a2:c6:a6:76:07:dd:87:a8:fe:
9b:c0:c5:fe:36:70:cb:6a:50:cc:f3:d4:15:d3:51:
c5:69:2b:95:59:3e:d7:b1:35:e7:14:63:44:6e:e8:
f0:ff:c4:62:55:ed:5a:79:b5:d0:d9:d3:88:cb:ca:
f9:f5:a8:79:76:46:80:11:81:aa:92:37:d0:55:ac:
af:a9:6e:ad:43:e1:e2:1e:8f:90:6f:84:e3:8a:48:
3c:94:c6:35:82:28:1f:14:27:5b:25:4d:c2:c2:ed:
6b:a1:50:8a:4b:b6:1d:bd:65:44:f3:7c:d4:06:44:
76:f6:95:a8:1c:a7:9d:7c:33:61:fa:1c:20:78:74:
4d:d5:f6:ff:b2:92:88:43:11:c3:3a:e7:7d:b7:a4:
ab:c5:5e:f8:9d:1d:4e:6a:65:60:26:f7:5c:ed:60:
76:99:81:e3:b5:79:fa:ce:3b:72:5a:26:2b:2f:ad:
6c:aa:05:09:8d:7e:ff:7b:e6:76:d2:2f:4d:b0:20:
22:27:73:d1:ac:d7:eb:f8:a8:5d:2c:fb:b8:5f:d0:
b1:ed:c9:ce:9b:b7:e6:2e:2c:f9:d2:9a:ba:72:fa:
a3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:66:E6:59:12:D3:3B:05:2F:B4:AF:65:3D:4D:B8:D6:DA:B1:8E:B9
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1-mbmWRLTOwUvtK9lPU241tqxjrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.145.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
01:52:f1:45:eb:f4:65:c3:2c:1e:16:01:eb:f4:8e:72:76:27:
ea:a2:cd:ab:c6:bd:16:e3:f1:5b:cf:8f:8e:14:ba:66:8d:18:
28:4a:03:85:28:b3:92:58:fa:c2:e2:58:d6:81:46:7b:17:4a:
d5:fe:24:5c:f2:c7:48:79:1f:71:61:88:6a:9d:ff:15:d7:fc:
d5:aa:a9:d3:97:0b:39:a1:50:76:13:69:c4:64:ef:39:e8:11:
17:fb:d6:d4:6b:79:b4:51:14:e1:ac:2f:9a:b1:cf:0b:07:e8:
da:19:65:3c:bf:53:f1:13:81:42:59:59:2f:49:cb:52:f7:ca:
6e:48:ce:a4:77:75:47:c7:4d:a0:6b:fd:2c:9d:59:94:c0:32:
78:cd:0b:0d:39:51:26:fc:e7:97:09:0b:af:c3:9d:c5:22:16:
6a:76:69:bc:e9:15:8e:d4:b8:99:ab:15:4b:0f:20:ce:45:c0:
6d:22:a8:dc:17:8b:19:40:23:26:a4:16:63:9e:13:6a:9a:49:
b9:3f:ac:77:50:d8:d4:bc:72:3b:7a:d5:e9:a9:fa:f4:c5:cf:
f1:53:42:71:b5:cb:49:0f:81:d9:9b:16:6c:35:9d:2a:d4:7f:
ba:58:69:9f:07:63:bc:eb:89:84:b3:d2:e5:83:ea:7a:9b:b9:
30:24:7b:41
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAY8MEKXLoZxooNSiEQiGcaNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNDIzMTc0NjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTY2ZTY1OTEyZDMzYjA1MmZiNGFmNjUzZDRkYjhkNmRhYjE4ZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDS6GURkTcl2FwNUI8iVwEPJXhuY
/sDXdGl0y9MzvBxbxC+ixqZ2B92HqP6bwMX+NnDLalDM89QV01HFaSuVWT7XsTXn
FGNEbujw/8RiVe1aebXQ2dOIy8r59ah5dkaAEYGqkjfQVayvqW6tQ+HiHo+Qb4Tj
ikg8lMY1gigfFCdbJU3Cwu1roVCKS7YdvWVE83zUBkR29pWoHKedfDNh+hwgeHRN
1fb/spKIQxHDOud9t6SrxV74nR1OamVgJvdc7WB2mYHjtXn6zjtyWiYrL61sqgUJ
jX7/e+Z20i9NsCAiJ3PRrNfr+KhdLPu4X9Cx7cnOm7fmLiz50pq6cvqjowIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFPpm5lkS0zsFL7SvZT1NuNbasY65MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMS1tYm1XUkxUT3dVdnRLOWxQVTI0MXRxeGpyay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEw
MS8xL08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBjQYIKwYBBQUHAQcBAf8EfjB8MGQEAgABMF4wDAMEB01a
gAMEAE1agjAMAwQCTVqEAwQATVqGAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAw
DAMEAU1akgMEAE1alDAMAwQAueYNAwQAueYOAwQA1dGKAwQA1dGRMBQEAgACMA4D
BQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAAVLxRev0ZcMsHhYB6/SO
cnYn6qLNq8a9FuPxW8+PjhS6Zo0YKEoDhSizklj6wuJY1oFGexdK1f4kXPLHSHkf
cWGIap3/Fdf81aqp05cLOaFQdhNpxGTvOegRF/vW1Gt5tFEU4awvmrHPCwfo2hll
PL9T8ROBQllZL0nLUvfKbkjOpHd1R8dNoGv9LJ1ZlMAyeM0LDTlRJvznlwkLr8Od
xSIWanZpvOkVjtS4masVSw8gzkXAbSKo3BeLGUAjJqQWY54TappJuT+sd1DY1Lxy
O3rV6an69MXP8VNCcbXLSQ+B2ZsWbDWdKtR/ulhpnwdjvOuJhLPS5YPqepu5MCR7
QQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org