Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2zmg0TB2n-7jIixFgPS-zADXfuE.roa
File: 2zmg0TB2n-7jIixFgPS-zADXfuE.roa (raw, json)
Hash identifier: 07KCzo+DkCfHiC0sR0CKAbDk1O8EXRtup90/RxLkSLU=
Subject key identifier: DB:39:A0:D1:30:76:9F:EE:E3:22:2C:45:80:F4:BE:CC:00:D7:7E:E1
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018A4D8A00FDB114F9F80210B62B119125F8
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2zmg0TB2n-7jIixFgPS-zADXfuE.roa
Signing time: Thu 31 Aug 2023 21:40:04 +0000
ROA not before: Thu 31 Aug 2023 21:40:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Sat 09 Sep 2023 09:25:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4d:8a:00:fd:b1:14:f9:f8:02:10:b6:2b:11:91:25:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 31 21:40:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db39a0d130769feee3222c4580f4becc00d77ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:42:07:aa:f7:a5:25:79:4d:ac:dd:f9:bc:82:
90:50:97:e3:67:de:45:53:cd:a6:e7:5e:bd:03:67:
2e:a3:9a:2a:ae:62:d0:0f:37:b3:93:13:cd:b1:da:
da:0f:48:96:54:03:40:bb:f2:1b:d7:78:2e:1d:a1:
b1:83:21:bb:2a:e3:12:4b:8a:76:b4:c3:26:4c:ee:
c1:31:e9:68:f9:1c:bb:9d:91:ae:e2:ab:39:09:08:
e6:08:3c:b8:31:ca:69:26:1f:7e:99:08:94:a5:36:
a5:d8:81:b6:64:3c:f3:5e:56:b6:19:0e:df:81:20:
a0:db:e1:66:3f:52:3e:b5:eb:47:c0:57:43:61:dd:
39:fc:60:38:ea:d5:df:82:55:ec:16:b7:82:1f:25:
9e:7a:6e:5d:be:93:31:5a:55:80:88:bd:77:a9:29:
e7:91:c4:1a:1a:f6:5d:b4:30:e0:6e:c0:f0:37:93:
57:b8:3c:84:65:e5:67:60:ce:4a:a9:29:f1:f3:79:
5a:b7:d6:a3:a4:9f:ab:da:c3:92:b1:e8:2a:51:a1:
a0:a7:5c:d1:79:58:9d:8a:d2:13:f8:cd:e9:c0:53:
52:ff:c2:75:78:7f:f1:56:73:35:4a:e0:6d:85:88:
80:ef:9e:84:89:10:7a:85:cc:0a:d2:10:96:2b:f6:
19:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:39:A0:D1:30:76:9F:EE:E3:22:2C:45:80:F4:BE:CC:00:D7:7E:E1
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/2zmg0TB2n-7jIixFgPS-zADXfuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.146.0/24
213.209.150.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
7c:1c:4e:6a:ba:e3:29:6c:65:4f:31:06:31:66:75:fe:74:56:
ee:b0:44:38:6b:21:d7:e7:c6:1a:09:1d:43:82:af:37:8a:75:
68:fa:aa:73:40:c0:19:42:74:9e:31:af:9c:a4:45:c7:a4:c5:
52:48:dc:5c:60:7c:29:ea:ef:a7:80:e7:f3:62:e8:23:2e:31:
ca:97:42:90:b2:61:d5:b5:d5:9c:f9:bd:1d:c9:aa:e1:88:53:
61:67:c2:dd:60:94:ee:3a:67:b3:52:32:39:5d:a9:e7:52:4a:
e4:e2:73:d2:a9:9c:e6:fd:e2:9f:40:7a:fd:39:91:ab:64:30:
1d:be:ec:db:a6:89:f6:a6:e2:b8:75:5e:9c:83:73:06:64:e3:
bd:d1:e4:c7:53:1e:a0:2a:bf:f7:25:c0:b4:e9:ce:ff:91:80:
73:60:9f:3f:de:7c:b0:9d:78:00:2f:fc:28:80:7d:df:1e:34:
93:b6:36:93:bf:a0:3f:7a:be:a2:e4:6a:35:65:c4:d9:b3:c4:
72:25:27:c4:38:a9:db:b6:fe:6f:2d:fc:3f:a2:1f:a1:c0:22:
d3:1b:78:74:a5:5a:91:12:c4:b1:1c:77:0b:2c:36:ee:15:bb:
cb:b5:21:25:ea:80:cd:05:df:61:b3:ba:76:a1:86:67:d0:0c:
4b:1b:9e:54
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYpNigD9sRT5+AIQtisRkSX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODMxMjE0MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjM5YTBkMTMwNzY5ZmVlZTMyMjJjNDU4MGY0YmVjYzAwZDc3ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkIHqvelJXlNrN35vIKQUJfjZ95F
U82m5169A2cuo5oqrmLQDzezkxPNsdraD0iWVANAu/Ib13guHaGxgyG7KuMSS4p2
tMMmTO7BMelo+Ry7nZGu4qs5CQjmCDy4McppJh9+mQiUpTal2IG2ZDzzXla2GQ7f
gSCg2+FmP1I+tetHwFdDYd05/GA46tXfglXsFreCHyWeem5dvpMxWlWAiL13qSnn
kcQaGvZdtDDgbsDwN5NXuDyEZeVnYM5KqSnx83lat9ajpJ+r2sOSsegqUaGgp1zR
eViditIT+M3pwFNS/8J1eH/xVnM1SuBthYiA756EiRB6hcwK0hCWK/YZUwIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFNs5oNEwdp/u4yIsRYD0vswA137hMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvMnptZzBUQjJuLTdqSWl4RmdQUy16QURYZnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEALnmDQMEALnmDgMEANXRigMEANXRkgMEANXRlgME
ANXRnzAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAHwc
Tmq64ylsZU8xBjFmdf50Vu6wRDhrIdfnxhoJHUOCrzeKdWj6qnNAwBlCdJ4xr5yk
RcekxVJI3FxgfCnq76eA5/Ni6CMuMcqXQpCyYdW11Zz5vR3JquGIU2Fnwt1glO46
Z7NSMjldqedSSuTic9KpnOb94p9Aev05katkMB2+7Numifam4rh1XpyDcwZk473R
5MdTHqAqv/clwLTpzv+RgHNgnz/efLCdeAAv/CiAfd8eNJO2NpO/oD96vqLkajVl
xNmzxHIlJ8Q4qdu2/m8t/D+iH6HAItMbeHSlWpESxLEcdwssNu4Vu8u1ISXqgM0F
32GzunahhmfQDEsbnlQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org