Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1jMdVOmtkdRIlTyb3J_tMG8Y6R0.roa
File: 1jMdVOmtkdRIlTyb3J_tMG8Y6R0.roa (raw, json)
Hash identifier: 1NZShjH1/OkvCEP1gN5LSgrrXjSv7Yr7i1u7A4+Pgms=
Subject key identifier: D6:33:1D:54:E9:AD:91:D4:48:95:3C:9B:DC:9F:ED:30:6F:18:E9:1D
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0187DB975E0A6C10C113B9C69AE0FD4B3BFA
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1jMdVOmtkdRIlTyb3J_tMG8Y6R0.roa
Signing time: Tue 02 May 2023 08:32:22 +0000
ROA not before: Tue 02 May 2023 08:32:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.130.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Thu 04 May 2023 14:54:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:97:5e:0a:6c:10:c1:13:b9:c6:9a:e0:fd:4b:3b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 2 08:32:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6331d54e9ad91d448953c9bdc9fed306f18e91d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:60:63:b5:7e:d0:4e:84:e6:c8:86:17:ff:65:
37:87:8a:4a:e4:50:05:db:56:6e:ae:c2:fd:ba:b0:
69:5f:91:e7:be:91:fe:6a:44:f9:d8:99:28:df:46:
75:25:9b:68:2e:bb:07:41:99:5a:c0:0b:26:90:8c:
55:c3:54:a8:81:b2:2d:00:06:41:77:e9:a2:6b:96:
ad:9e:8c:7c:e5:70:e9:6a:b3:94:70:9b:0d:a6:4e:
73:6c:90:14:36:e2:fd:cf:e7:00:4f:42:dd:e7:66:
57:c2:2d:eb:df:24:11:88:8f:af:4b:d6:fd:a9:f0:
ea:a2:5a:19:a3:e7:cb:20:60:1f:d6:fc:b9:b5:ac:
ee:74:0c:d5:11:34:a1:86:c9:40:01:88:8f:24:da:
5f:66:83:ee:db:d3:67:fb:56:e8:7e:57:65:79:c1:
2d:8f:02:72:83:3e:82:ad:4c:46:eb:ae:86:ee:07:
af:df:dc:22:bf:5d:a7:6f:4a:d5:38:35:55:34:92:
6a:17:34:6c:6b:91:a1:61:41:01:71:cf:af:79:c5:
6a:0c:16:67:dd:4c:ca:0d:da:8b:bf:8d:cb:89:d9:
1b:7a:4e:0b:8d:79:b0:11:b4:2f:7b:18:17:f0:d1:
f0:2a:c9:d4:b6:ba:31:ba:aa:11:b9:b6:49:4c:4e:
77:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:33:1D:54:E9:AD:91:D4:48:95:3C:9B:DC:9F:ED:30:6F:18:E9:1D
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/1jMdVOmtkdRIlTyb3J_tMG8Y6R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.130.0/24
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
ab:59:3b:4b:c6:0a:1e:01:e2:9d:51:d9:5f:c6:91:aa:f9:00:
0a:9f:14:25:cc:7e:f7:d5:91:61:6c:a4:26:2a:a0:61:21:4b:
3c:90:d5:aa:2e:21:93:09:df:cf:b0:1e:15:ee:93:5e:08:50:
90:a4:e9:4f:30:f2:35:4b:0c:40:ef:db:f9:c8:78:c4:5d:be:
6c:1c:3e:ee:11:e4:7d:15:f4:3e:67:b8:b2:25:2a:0b:c5:b3:
cc:d1:ce:29:0e:ec:5f:e4:ae:ba:b8:c3:3a:02:e0:15:80:6c:
1a:b6:45:5b:ea:96:f8:be:7d:92:d4:77:e6:2c:88:06:b6:0c:
22:66:e2:ef:c1:6f:81:b8:d3:73:64:69:99:e7:69:8f:2f:ac:
cf:01:14:0c:91:df:54:90:8a:db:08:7a:2e:27:3b:c4:27:aa:
2e:d4:94:13:5b:c6:91:01:88:28:f6:24:ed:be:e0:19:92:0b:
0a:55:b3:13:26:6b:7b:ef:93:2d:1f:91:e3:97:9c:42:1a:be:
3c:95:32:de:83:af:6b:15:97:60:2f:c6:1f:16:d3:7b:c0:dd:
0e:fd:c4:8a:44:d8:78:87:7a:b7:da:5b:2a:af:f2:e2:16:c4:
44:e8:bb:ef:d0:2a:f6:e6:d6:f6:af:68:42:84:1b:20:45:4b:
db:35:d2:30
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYfbl14KbBDBE7nGmuD9Szv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNTAyMDgzMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjMzMWQ1NGU5YWQ5MWQ0NDg5NTNjOWJkYzlmZWQzMDZmMThlOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGBjtX7QToTmyIYX/2U3h4pK5FAF
21ZursL9urBpX5HnvpH+akT52Jko30Z1JZtoLrsHQZlawAsmkIxVw1SogbItAAZB
d+mia5atnox85XDparOUcJsNpk5zbJAUNuL9z+cAT0Ld52ZXwi3r3yQRiI+vS9b9
qfDqoloZo+fLIGAf1vy5tazudAzVETShhslAAYiPJNpfZoPu29Nn+1bofldlecEt
jwJygz6CrUxG666G7gev39wiv12nb0rVODVVNJJqFzRsa5GhYUEBcc+vecVqDBZn
3UzKDdqLv43Lidkbek4LjXmwEbQvexgX8NHwKsnUtroxuqoRubZJTE53hQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFNYzHVTprZHUSJU8m9yf7TBvGOkdMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMWpNZFZPbXRrZFJJbFR5YjNKX3RNRzhZNlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKMAwDBAdNWoAD
BABNWoIwDAMEAk1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpID
BABNWpQDBADV0YIDBADV0YowFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3
DQEBCwUAA4IBAQCrWTtLxgoeAeKdUdlfxpGq+QAKnxQlzH731ZFhbKQmKqBhIUs8
kNWqLiGTCd/PsB4V7pNeCFCQpOlPMPI1SwxA79v5yHjEXb5sHD7uEeR9FfQ+Z7iy
JSoLxbPM0c4pDuxf5K66uMM6AuAVgGwatkVb6pb4vn2S1HfmLIgGtgwiZuLvwW+B
uNNzZGmZ52mPL6zPARQMkd9UkIrbCHouJzvEJ6ou1JQTW8aRAYgo9iTtvuAZkgsK
VbMTJmt775MtH5Hjl5xCGr48lTLeg69rFZdgL8YfFtN7wN0O/cSKRNh4h3q32lsq
r/LiFsRE6Lvv0Cr25tb2r2hChBsgRUvbNdIw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:02 2024 by rpki-client on console-fra.rpki-client.org