Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3R8tmGGiu8UbmU6GFdMUmWNT1G4.roa
File: 3R8tmGGiu8UbmU6GFdMUmWNT1G4.roa (raw, json)
Hash identifier: ksHOoroMQIQr9JsjmXbdpK9aWcd0A3yTpCjpJ0c2YAQ=
Subject key identifier: DD:1F:2D:98:61:A2:BB:C5:1B:99:4E:86:15:D3:14:99:63:53:D4:6E
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018B67133D2AAEE6BEA27D769CB37746F63C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3R8tmGGiu8UbmU6GFdMUmWNT1G4.roa
Signing time: Wed 25 Oct 2023 13:43:15 +0000
ROA not before: Wed 25 Oct 2023 13:43:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:13:3d:2a:ae:e6:be:a2:7d:76:9c:b3:77:46:f6:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 25 13:43:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd1f2d9861a2bbc51b994e8615d314996353d46e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f3:9e:d1:d7:e5:4f:aa:c7:1f:3e:ad:3f:5d:
24:4f:c1:52:01:14:e2:1a:5b:b4:39:89:a3:63:64:
6e:30:61:55:85:a4:ff:3c:a7:64:79:ed:1d:70:e0:
b0:68:53:6e:b7:4e:14:fc:f8:18:be:1b:43:c6:d1:
8a:45:a8:de:95:09:1f:f9:34:47:77:38:65:c0:00:
fb:48:39:da:19:63:20:95:b7:30:2d:b1:57:52:19:
32:c3:9d:d9:ac:e8:43:88:d9:19:d4:34:e5:79:fd:
66:3d:e0:a1:27:73:27:83:5f:f6:08:f2:68:d5:89:
ff:2a:da:62:c9:b3:14:01:e4:d5:8b:f2:ac:f4:89:
f2:b2:78:2a:51:68:b6:da:77:1e:84:04:0b:fa:a2:
11:ae:4d:3c:75:e9:7d:70:b0:58:e6:0e:14:26:8e:
c4:f9:4a:31:2c:94:88:a2:d1:81:9a:9a:63:b9:a9:
c8:88:10:66:cc:af:6b:7e:f5:ae:6d:55:5e:d7:f1:
15:d4:0d:1f:5e:0e:dc:a7:dc:51:d8:da:50:46:4f:
b3:c9:c6:2b:8a:8f:70:34:53:ae:bc:e6:36:56:7c:
9b:c1:22:9b:85:51:3a:70:46:c7:fa:3e:e4:97:57:
1f:4c:c9:1b:f1:7a:31:31:a0:68:72:b9:e5:7a:7c:
94:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1F:2D:98:61:A2:BB:C5:1B:99:4E:86:15:D3:14:99:63:53:D4:6E
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3R8tmGGiu8UbmU6GFdMUmWNT1G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.148.255
185.230.14.0/24
213.209.138.0/24
213.209.145.0/24
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
04:c1:51:0a:a1:c0:ce:07:c0:10:c9:5b:30:ae:08:3b:82:46:
9f:b9:0f:4f:19:a4:bf:ec:12:83:a2:89:b2:f4:f7:e7:8a:d9:
80:b9:15:1e:be:73:3d:d3:6c:08:5a:10:fa:43:31:5c:ce:8c:
85:5c:86:c9:27:5c:8a:69:d1:b8:ea:36:93:85:bd:81:f3:9a:
3f:e5:b4:c5:f6:f7:0b:44:2c:53:b4:97:5b:6f:dc:e0:08:dd:
b1:8a:07:db:8b:9a:43:8d:a6:6c:37:22:5a:f8:24:2f:5d:78:
63:75:16:19:84:63:2f:7d:44:84:d4:5b:45:75:5c:af:40:f4:
00:54:10:7a:9e:99:ec:b3:fd:ec:fd:ef:b9:73:73:9c:06:56:
55:2c:93:7f:26:47:1a:6d:35:99:00:d0:fa:b7:bd:84:3c:41:
5d:27:3b:a8:4c:6c:72:2e:6c:82:cd:07:2f:53:ac:29:bf:03:
ea:89:c1:15:ee:e1:f4:88:9e:52:6a:27:21:ef:c2:f4:83:4c:
41:af:52:a9:fc:93:52:b6:dd:6b:d1:1f:72:98:0a:07:94:d9:
2e:75:8e:83:0e:46:4a:23:ad:26:a8:64:c1:91:f8:80:7a:da:
b7:a5:23:52:f7:96:8e:8c:02:dc:bb:f9:8f:2e:fc:30:46:a7:
bb:ad:63:40
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYtnEz0qrua+on12nLN3RvY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMDI1MTM0MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFmMmQ5ODYxYTJiYmM1MWI5OTRlODYxNWQzMTQ5OTYzNTNkNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvOe0dflT6rHHz6tP10kT8FSARTi
Glu0OYmjY2RuMGFVhaT/PKdkee0dcOCwaFNut04U/PgYvhtDxtGKRajelQkf+TRH
dzhlwAD7SDnaGWMglbcwLbFXUhkyw53ZrOhDiNkZ1DTlef1mPeChJ3Mng1/2CPJo
1Yn/KtpiybMUAeTVi/Ks9InysngqUWi22ncehAQL+qIRrk08del9cLBY5g4UJo7E
+UoxLJSIotGBmppjuanIiBBmzK9rfvWubVVe1/EV1A0fXg7cp9xR2NpQRk+zycYr
io9wNFOuvOY2VnybwSKbhVE6cEbH+j7kl1cfTMkb8XoxMaBocrnlenyUUwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFN0fLZhhorvFG5lOhhXTFJljU9RuMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvM1I4dG1HR2l1OFVibVU2R0ZkTVVtV05UMUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogDBABNWowwDAMEAU1ajgMEAE1alAME
ALnmDgMEANXRigMEANXRkQMEANXRlgMEANXRnTAUBAIAAjAOAwUAKgQpwgMFACoE
KccwDQYJKoZIhvcNAQELBQADggEBAATBUQqhwM4HwBDJWzCuCDuCRp+5D08ZpL/s
EoOiibL09+eK2YC5FR6+cz3TbAhaEPpDMVzOjIVchsknXIpp0bjqNpOFvYHzmj/l
tMX29wtELFO0l1tv3OAI3bGKB9uLmkONpmw3Ilr4JC9deGN1FhmEYy99RITUW0V1
XK9A9ABUEHqemeyz/ez977lzc5wGVlUsk38mRxptNZkA0Pq3vYQ8QV0nO6hMbHIu
bILNBy9TrCm/A+qJwRXu4fSInlJqJyHvwvSDTEGvUqn8k1K23WvRH3KYCgeU2S51
joMORkojrSaoZMGR+IB62relI1L3lo6MAty7+Y8u/DBGp7utY0A=
-----END CERTIFICATE-----
Generated at Sun Oct 29 19:05:54 2023 by rpki-client on console-ams.rpki-client.org