Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/4IKG-Rn9y2pkhuKeHmqhu5BiRDc.roa
File: 4IKG-Rn9y2pkhuKeHmqhu5BiRDc.roa (raw, json)
Hash identifier: UwSBUcnFefs+CQ9yn0JH9ttJZsOwJ116qxDlU27NA3Y=
Subject key identifier: E0:82:86:F9:19:FD:CB:6A:64:86:E2:9E:1E:6A:A1:BB:90:62:44:37
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01908D3C02BA0FB0F43BCCD073DAB86E2F05
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/4IKG-Rn9y2pkhuKeHmqhu5BiRDc.roa
Signing time: Sun 07 Jul 2024 12:47:18 +0000
ROA not before: Sun 07 Jul 2024 12:47:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jul 2024 10:12:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8d:3c:02:ba:0f:b0:f4:3b:cc:d0:73:da:b8:6e:2f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 7 12:47:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e08286f919fdcb6a6486e29e1e6aa1bb90624437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b1:4c:f6:43:c0:04:ef:27:dd:59:20:56:2b:
32:47:45:75:90:5c:04:ea:1e:48:a8:bc:41:53:0a:
fb:75:d6:32:b5:62:22:c2:ab:00:86:b2:7c:1b:c3:
76:de:33:76:4c:ba:05:e4:92:f0:2c:80:1a:73:7c:
f4:72:e0:e7:fc:d0:4e:e4:59:0e:25:6c:d4:cf:a4:
ed:5d:86:db:af:a2:5d:91:f3:78:b2:77:18:dd:19:
91:2f:5a:1d:d7:8c:7a:c4:ea:ff:cc:1d:51:6b:84:
d2:b5:5b:0a:b1:2c:6a:05:90:d9:61:fb:5c:90:24:
83:ef:b1:37:1b:79:44:6c:05:c4:f6:5d:92:e4:84:
41:78:6e:61:6d:84:1c:64:c7:8e:5e:f0:e1:ca:f5:
e7:f1:e1:93:f5:38:e3:79:79:cc:e7:92:9e:c7:36:
c8:aa:a0:4e:ca:2b:1a:71:72:c3:49:5a:b4:33:b7:
13:ca:fa:ea:c2:e8:b4:c5:db:93:b3:2e:d8:a4:75:
a1:66:d1:f7:30:7e:1c:36:45:c3:ef:4b:c2:38:56:
f5:d8:ce:f8:5a:53:4f:35:ba:66:27:3d:97:0e:54:
cb:58:ea:51:9c:2d:8d:7d:c2:71:da:ae:94:93:fe:
0e:bf:32:2f:c8:18:79:f2:af:db:08:56:03:21:91:
73:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:82:86:F9:19:FD:CB:6A:64:86:E2:9E:1E:6A:A1:BB:90:62:44:37
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/4IKG-Rn9y2pkhuKeHmqhu5BiRDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
185.230.14.0/24
213.209.138.0/24
213.209.143.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
72:ab:97:a3:dd:43:68:f5:a9:1a:29:68:cb:a8:c0:10:8a:24:
91:dc:de:af:6d:b8:5e:49:b4:b7:7f:43:63:89:f9:00:50:2b:
9d:5d:a9:06:80:2b:11:92:9b:4f:5f:bf:ad:14:8f:fd:3f:1b:
33:7b:24:ec:78:c9:1f:83:43:83:90:8f:05:bb:8a:d6:58:fb:
a6:15:e8:4d:25:39:b6:8a:06:b5:f8:c6:dc:0d:6a:c8:eb:14:
f1:d2:34:e9:7b:0e:15:bc:bf:db:c8:69:bb:c0:1f:be:88:81:
28:b3:0d:39:9b:e8:f5:2e:93:2f:db:01:a8:8d:61:4b:91:e0:
5a:1f:00:9c:e6:c1:78:65:b4:4e:e1:36:10:15:8e:21:1b:88:
fb:b3:f2:23:02:ca:cb:2d:54:48:59:15:09:44:24:e6:fe:24:
ec:09:46:3a:c7:d4:0a:ac:62:06:d8:61:23:6a:6e:0a:08:c5:
ad:d6:c6:03:af:fc:bd:1f:a9:a6:2c:34:30:b6:70:42:c4:2a:
97:67:5d:68:d3:39:c7:48:22:a1:c9:10:62:86:c6:b8:78:ae:
fc:b2:d7:ac:05:b4:aa:2d:ef:b8:c3:ab:75:13:a0:71:fe:a2:
5a:30:7d:0c:f6:ae:03:7c:a1:c0:8b:27:b9:6d:7c:05:99:33:
dc:94:21:28
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZCNPAK6D7D0O8zQc9q4bi8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNzA3MTI0NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDgyODZmOTE5ZmRjYjZhNjQ4NmUyOWUxZTZhYTFiYjkwNjI0NDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7FM9kPABO8n3VkgVisyR0V1kFwE
6h5IqLxBUwr7ddYytWIiwqsAhrJ8G8N23jN2TLoF5JLwLIAac3z0cuDn/NBO5FkO
JWzUz6TtXYbbr6JdkfN4sncY3RmRL1od14x6xOr/zB1Ra4TStVsKsSxqBZDZYftc
kCSD77E3G3lEbAXE9l2S5IRBeG5hbYQcZMeOXvDhyvXn8eGT9TjjeXnM55KexzbI
qqBOyisacXLDSVq0M7cTyvrqwui0xduTsy7YpHWhZtH3MH4cNkXD70vCOFb12M74
WlNPNbpmJz2XDlTLWOpRnC2NfcJx2q6Uk/4OvzIvyBh58q/bCFYDIZFznQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFOCChvkZ/ctqZIbinh5qobuQYkQ3MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNElLRy1Sbjl5MnBraHVLZUhtcWh1NUJpUkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqS
AwQATVqUAwQATVqZAwQAueYOAwQA1dGKAwQA1dGPAwQA1dGWMBQEAgACMA4DBQAq
BCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAcquXo91DaPWpGiloy6jAEIok
kdzer224Xkm0t39DY4n5AFArnV2pBoArEZKbT1+/rRSP/T8bM3sk7HjJH4NDg5CP
BbuK1lj7phXoTSU5tooGtfjG3A1qyOsU8dI06XsOFby/28hpu8AfvoiBKLMNOZvo
9S6TL9sBqI1hS5HgWh8AnObBeGW0TuE2EBWOIRuI+7PyIwLKyy1USFkVCUQk5v4k
7AlGOsfUCqxiBthhI2puCgjFrdbGA6/8vR+ppiw0MLZwQsQql2ddaNM5x0giockQ
YobGuHiu/LLXrAW0qi3vuMOrdROgcf6iWjB9DPauA3yhwIsnuW18BZkz3JQhKA==
-----END CERTIFICATE-----
Generated at Wed Jul 10 12:35:03 2024 by rpki-client on console-ams.rpki-client.org