Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5qpuw1hIwjN1H5ck_sjSmuwDUbI.roa
File: 5qpuw1hIwjN1H5ck_sjSmuwDUbI.roa (raw, json)
Hash identifier: HAouaAm3OBWAbDKyYo0pEywnSMoabCz0kUvFKZPyWGk=
Subject key identifier: E6:AA:6E:C3:58:48:C2:33:75:1F:97:24:FE:C8:D2:9A:EC:03:51:B2
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01914D18D884F5FE34F1F53770C3C4B5935C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5qpuw1hIwjN1H5ck_sjSmuwDUbI.roa
Signing time: Tue 13 Aug 2024 18:55:59 +0000
ROA not before: Tue 13 Aug 2024 18:55:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 25 Aug 2024 09:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4d:18:d8:84:f5:fe:34:f1:f5:37:70:c3:c4:b5:93:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 13 18:55:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6aa6ec35848c233751f9724fec8d29aec0351b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ef:dd:25:3a:9d:56:e7:a0:9f:16:f5:0d:d9:
f3:5f:1f:86:34:f2:16:e6:0e:3a:cb:13:24:28:d2:
b8:bd:66:d3:4a:be:00:db:75:11:18:4b:00:8f:e9:
64:09:57:f7:9f:55:70:c0:3c:47:bb:97:8e:81:c5:
2b:cd:c1:c3:ff:be:57:92:92:c3:8d:85:14:2e:46:
fe:ed:fb:06:28:61:34:b6:2a:0e:7f:1c:48:dd:19:
ad:1d:e2:97:0b:a1:6d:9a:31:64:c8:37:65:aa:87:
90:81:5a:35:d7:41:13:fa:a1:10:7e:de:fd:2b:73:
1f:5a:e9:6d:e4:fe:73:38:d2:8d:85:da:71:27:c9:
30:bf:9d:30:07:14:54:f5:2d:3a:ef:28:f6:bf:3d:
e4:91:9d:9d:b6:5f:cd:f5:dc:c0:8d:3c:71:5f:90:
3e:89:4d:e8:34:6c:4b:95:de:a3:16:83:43:7f:65:
ad:6c:0d:57:f3:f8:b3:ea:7d:ce:5e:52:09:2b:25:
b6:9a:c4:4d:2d:9c:98:37:5f:41:df:4d:b6:9a:85:
50:a2:83:c2:bd:67:fc:3c:28:2c:a7:56:af:fb:e4:
40:8f:70:2f:a4:25:c5:54:4f:a7:c4:c9:3a:fd:d6:
f1:b3:a7:3c:62:af:7b:55:4a:60:9e:38:38:28:4a:
77:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:AA:6E:C3:58:48:C2:33:75:1F:97:24:FE:C8:D2:9A:EC:03:51:B2
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5qpuw1hIwjN1H5ck_sjSmuwDUbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
185.230.14.0/24
213.209.129.0/24
213.209.138.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
a7:54:53:6d:c9:76:54:c5:3f:7c:07:e1:1a:46:69:7f:5b:4e:
b7:e6:45:af:e0:4b:c5:0f:c1:0a:93:aa:34:0a:86:16:12:1c:
86:07:dc:98:16:09:48:4a:f6:c7:b0:f7:4e:c7:2c:c6:16:16:
4f:1b:fc:62:f6:2e:56:ce:8f:1a:e2:6f:5c:16:50:cf:91:e9:
d3:93:43:15:b6:d9:97:c1:68:e4:46:78:a3:8a:0c:58:6d:7d:
b6:96:76:7e:cb:67:c0:48:a3:ad:f1:99:22:94:ed:d4:80:4f:
bc:47:df:c3:6a:8c:ad:c4:8f:8c:e3:3f:26:b9:97:d7:b8:af:
2f:21:9e:26:02:e6:44:f8:fb:50:5f:2b:cc:af:d8:fc:12:6b:
cb:91:82:31:38:b5:8d:53:d4:93:30:45:28:50:c8:43:c1:1a:
fc:f9:ad:d5:fa:5e:87:3b:8c:7b:4c:3a:00:49:22:88:f9:c4:
c6:68:23:56:7b:91:44:69:13:0b:19:7d:5c:6d:e5:71:3a:c8:
54:75:60:6a:b6:61:48:be:23:8a:4e:30:54:4c:8e:b7:66:55:
95:d7:9b:a4:52:d2:b5:ba:ea:ca:e9:f6:fc:9e:f6:c6:13:6f:
dd:c4:c4:55:0e:84:b2:91:4f:09:d0:6b:8b:91:09:a3:f0:48:
0c:93:64:57
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZFNGNiE9f408fU3cMPEtZNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwODEzMTg1NTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmFhNmVjMzU4NDhjMjMzNzUxZjk3MjRmZWM4ZDI5YWVjMDM1MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+/dJTqdVuegnxb1DdnzXx+GNPIW
5g46yxMkKNK4vWbTSr4A23URGEsAj+lkCVf3n1VwwDxHu5eOgcUrzcHD/75XkpLD
jYUULkb+7fsGKGE0tioOfxxI3RmtHeKXC6FtmjFkyDdlqoeQgVo110ET+qEQft79
K3MfWult5P5zONKNhdpxJ8kwv50wBxRU9S067yj2vz3kkZ2dtl/N9dzAjTxxX5A+
iU3oNGxLld6jFoNDf2WtbA1X8/iz6n3OXlIJKyW2msRNLZyYN19B3022moVQooPC
vWf8PCgsp1av++RAj3AvpCXFVE+nxMk6/dbxs6c8Yq97VUpgnjg4KEp3mwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFOaqbsNYSMIzdR+XJP7I0prsA1GyMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNXFwdXcxaEl3ak4xSDVja19zalNtdXdEVWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB4BAIAATByMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiDAMAwQATVqLAwQATVqMMAwDBAFN
Wo4DBABNWpAwDAMEAU1akgMEAE1alDAMAwQATVqZAwQATVqaAwQAueYOAwQA1dGB
AwQA1dGKAwQA1dGWMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsF
AAOCAQEAp1RTbcl2VMU/fAfhGkZpf1tOt+ZFr+BLxQ/BCpOqNAqGFhIchgfcmBYJ
SEr2x7D3TscsxhYWTxv8YvYuVs6PGuJvXBZQz5Hp05NDFbbZl8Fo5EZ4o4oMWG19
tpZ2fstnwEijrfGZIpTt1IBPvEffw2qMrcSPjOM/JrmX17ivLyGeJgLmRPj7UF8r
zK/Y/BJry5GCMTi1jVPUkzBFKFDIQ8Ea/Pmt1fpehzuMe0w6AEkiiPnExmgjVnuR
RGkTCxl9XG3lcTrIVHVgarZhSL4jik4wVEyOt2ZVldebpFLStbrqyun2/J72xhNv
3cTEVQ6EspFPCdBri5EJo/BIDJNkVw==
-----END CERTIFICATE-----
Generated at Sun Aug 25 13:04:10 2024 by rpki-client on console-ams.rpki-client.org