Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2soBE6rY0VRzdq_Tpq0MJvzPQAs.roa
File: 2soBE6rY0VRzdq_Tpq0MJvzPQAs.roa (raw, json)
Hash identifier: znuBPCxR0HafKsdLZH9dxfmf+cNMNHs4S2BcYbF67vQ=
Subject key identifier: DA:CA:01:13:AA:D8:D1:54:73:76:AF:D3:A6:AD:0C:26:FC:CF:40:0B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018AB6FCD3DDEF7BAEE2E17F65C29A594B37
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2soBE6rY0VRzdq_Tpq0MJvzPQAs.roa
Signing time: Thu 21 Sep 2023 09:05:37 +0000
ROA not before: Thu 21 Sep 2023 09:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Sat 23 Sep 2023 09:56:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:fc:d3:dd:ef:7b:ae:e2:e1:7f:65:c2:9a:59:4b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 21 09:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daca0113aad8d1547376afd3a6ad0c26fccf400b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1d:08:6e:44:30:23:a5:96:15:0b:22:bb:48:
83:97:41:43:54:a6:1e:fe:6b:08:98:5e:3d:7e:3c:
40:5c:9c:49:14:ba:43:f5:8e:8f:a5:4c:3d:a7:e9:
03:75:15:32:ce:05:f8:47:29:58:30:70:81:8e:b8:
5a:98:02:9e:0d:a1:d5:f0:52:b0:67:22:e4:3f:96:
ec:20:60:14:d6:82:e6:0c:39:5d:80:86:0a:76:5d:
bc:57:4f:ef:c0:8e:6e:67:5e:a3:37:90:d6:67:04:
c8:df:1b:64:eb:ea:5f:71:93:0e:44:5f:9e:25:61:
31:92:ce:df:0a:24:a0:c8:ee:4b:33:30:ab:88:6e:
22:d3:cb:27:a5:36:59:19:d9:27:bb:53:b7:d4:23:
3a:8e:d9:0c:d3:89:88:9c:69:d5:00:29:e8:6e:ef:
59:2c:a9:aa:f0:f5:3d:2a:b5:98:8d:e0:4e:39:40:
5c:e2:8d:c7:c4:3d:8a:ec:4b:87:0e:0c:7b:83:57:
13:31:19:3a:44:63:bd:16:79:64:e3:02:fc:51:31:
d6:35:ad:87:b8:bb:3f:3a:97:f2:45:f3:74:43:83:
97:85:5a:cb:73:71:60:6c:a4:58:8f:02:b5:14:9e:
62:db:d5:72:fa:30:cd:a5:54:14:cf:52:ca:a7:16:
f8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CA:01:13:AA:D8:D1:54:73:76:AF:D3:A6:AD:0C:26:FC:CF:40:0B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2soBE6rY0VRzdq_Tpq0MJvzPQAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.15.255
213.209.138.0/24
213.209.143.0/24
213.209.146.0/24
213.209.150.0/24
213.209.157.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
39:3e:f6:02:d2:69:6a:77:4a:c0:97:ed:02:d1:50:6f:09:26:
74:4c:5d:4b:ed:eb:6e:6f:d8:95:48:6e:02:74:11:6c:18:b3:
54:81:5d:dd:36:67:83:19:8d:0b:2c:9d:33:0a:ee:84:43:02:
d7:aa:c0:9a:0d:7c:84:d0:b4:f0:8d:62:78:ed:2a:7b:c9:45:
a1:67:84:c8:d6:db:e7:b4:01:6d:64:f8:42:3f:a6:c2:e4:ed:
e0:16:24:0e:de:0d:49:41:17:56:d6:47:3e:7b:05:ea:39:d2:
2d:79:8f:8f:54:91:45:33:98:37:b6:08:5c:16:2d:fd:79:78:
1a:e7:c5:64:7e:9f:5d:b3:fc:bc:89:a9:1a:aa:06:99:28:8e:
d0:06:36:16:af:56:5f:aa:0b:52:c4:82:63:27:68:f6:f7:15:
30:4d:ff:b4:e2:21:23:5d:d0:3d:49:ae:6f:a3:af:9d:82:16:
a3:fe:d0:df:b6:c2:b2:2e:f1:1f:67:d2:bc:f5:e2:c1:bc:d6:
69:46:83:09:94:3f:38:8f:66:ba:d4:f5:b1:e9:d2:73:29:78:
4e:c3:cc:67:dc:63:3d:03:e5:88:fd:60:e6:7a:77:b0:ed:df:
bc:35:f7:69:67:db:79:57:9f:40:ed:15:31:92:09:fc:5b:1b:
b8:ac:50:d4
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYq2/NPd73uu4uF/ZcKaWUs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTIxMDkwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWNhMDExM2FhZDhkMTU0NzM3NmFmZDNhNmFkMGMyNmZjY2Y0MDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR0IbkQwI6WWFQsiu0iDl0FDVKYe
/msImF49fjxAXJxJFLpD9Y6PpUw9p+kDdRUyzgX4RylYMHCBjrhamAKeDaHV8FKw
ZyLkP5bsIGAU1oLmDDldgIYKdl28V0/vwI5uZ16jN5DWZwTI3xtk6+pfcZMORF+e
JWExks7fCiSgyO5LMzCriG4i08snpTZZGdknu1O31CM6jtkM04mInGnVACnobu9Z
LKmq8PU9KrWYjeBOOUBc4o3HxD2K7EuHDgx7g1cTMRk6RGO9Fnlk4wL8UTHWNa2H
uLs/OpfyRfN0Q4OXhVrLc3FgbKRYjwK1FJ5i29Vy+jDNpVQUz1LKpxb42QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFNrKAROq2NFUc3av06atDCb8z0ALMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMnNvQkU2clkwVlJ6ZHFfVHBxME1KdnpQUUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDB8BAIAATB2MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEALnmDQMEBLnmAAMEANXRigMEANXRjwMEANXRkgME
ANXRlgMEANXRnQMEANXRnzAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBADk+9gLSaWp3SsCX7QLRUG8JJnRMXUvt625v2JVIbgJ0EWwYs1SB
Xd02Z4MZjQssnTMK7oRDAteqwJoNfITQtPCNYnjtKnvJRaFnhMjW2+e0AW1k+EI/
psLk7eAWJA7eDUlBF1bWRz57Beo50i15j49UkUUzmDe2CFwWLf15eBrnxWR+n12z
/LyJqRqqBpkojtAGNhavVl+qC1LEgmMnaPb3FTBN/7TiISNd0D1Jrm+jr52CFqP+
0N+2wrIu8R9n0rz14sG81mlGgwmUPziPZrrU9bHp0nMpeE7DzGfcYz0D5Yj9YOZ6
d7Dt37w192ln23lXn0DtFTGSCfxbG7isUNQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org