Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8bpZiYUn11xLevIcp5ppEVEOh2Q.roa
File: 8bpZiYUn11xLevIcp5ppEVEOh2Q.roa (raw, json)
Hash identifier: 3neJ/KzMrhnIzgrJaD3CbGRK432pyF3fCJ9kRDF1Jgc=
Subject key identifier: F1:BA:59:89:85:27:D7:5C:4B:7A:F2:1C:A7:9A:69:11:51:0E:87:64
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019007ED0E2F217F8043AE26040E16184760
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8bpZiYUn11xLevIcp5ppEVEOh2Q.roa
Signing time: Tue 11 Jun 2024 15:31:34 +0000
ROA not before: Tue 11 Jun 2024 15:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Jun 2024 15:54:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:07:ed:0e:2f:21:7f:80:43:ae:26:04:0e:16:18:47:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 11 15:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1ba59898527d75c4b7af21ca79a6911510e8764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d6:54:f3:ff:88:20:d4:bd:67:1f:b4:49:f2:
c5:3b:14:15:5b:8a:e5:93:fd:00:55:b3:e0:2b:64:
28:98:80:bc:27:94:5b:9d:dc:87:4a:1d:ca:02:df:
d7:98:91:ec:74:40:3a:f2:09:09:40:c4:e3:01:db:
f9:90:9d:6e:c0:4e:06:7e:0a:94:93:b9:30:20:bc:
6e:9d:ec:2a:82:cf:83:a8:f8:9c:9d:ee:40:7e:86:
66:41:fb:c2:18:01:67:de:43:24:84:25:d0:4d:94:
da:f2:f5:ae:b5:a3:45:b2:d9:e9:a9:67:73:6a:2b:
1e:fa:2c:58:4d:0e:15:cb:7b:a1:a9:c7:29:33:54:
5b:ab:d6:77:d3:ee:9c:2c:f8:0c:ea:e2:43:25:b9:
4d:0a:61:f9:88:de:22:3f:c5:b7:b3:82:07:9b:a5:
3f:8e:4e:56:a5:43:58:d4:fd:d2:62:58:60:e5:17:
05:f9:33:90:11:2d:cc:66:d3:d9:bd:c8:b9:71:a2:
f8:5a:81:8a:92:03:46:25:a7:6a:fb:c6:c3:c3:1c:
85:98:e8:41:4d:44:53:17:3c:d3:ff:76:8f:f7:41:
f9:71:e5:c2:7c:82:66:d1:ff:f9:83:8d:f6:0a:77:
e3:5a:4d:69:8a:50:60:3e:e8:37:9d:bf:60:b0:2e:
e5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BA:59:89:85:27:D7:5C:4B:7A:F2:1C:A7:9A:69:11:51:0E:87:64
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8bpZiYUn11xLevIcp5ppEVEOh2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
185.230.14.0/24
213.209.138.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
86:23:eb:f7:96:e4:11:b1:f4:06:69:4e:0e:4b:53:10:de:79:
3b:b8:89:f1:6b:d7:d2:cb:8d:0a:ff:f7:12:79:59:df:c7:ff:
ed:f4:ac:5b:34:7c:70:31:b4:ed:b9:9c:c7:06:65:ad:e8:2c:
dd:3c:58:ec:a3:94:40:98:a8:f2:3d:46:f4:60:4d:2d:1a:ca:
94:be:d1:a7:00:22:8b:5a:91:ae:66:fd:8e:9c:d5:6d:0b:29:
0a:ec:a6:0f:7c:87:54:01:5d:3e:dc:93:64:4c:eb:58:8c:10:
d5:1f:ca:a6:e1:b3:c3:ee:ac:ac:45:05:7a:5a:4d:f5:45:fa:
8f:ff:03:46:85:da:c3:14:9e:52:e4:38:92:f5:ca:f4:ac:25:
31:bd:bc:bb:a2:e4:de:f1:b9:d3:5d:97:92:b7:d4:68:09:89:
e6:13:06:94:37:21:4f:84:0d:c6:2c:04:ec:58:af:42:08:e7:
99:a6:c8:b7:60:dc:2c:26:4c:48:4a:b8:af:b1:02:9d:4c:fe:
b8:ac:ef:1a:91:25:53:1f:dd:2e:82:a9:f0:83:0a:c1:d0:fc:
7d:47:d4:8c:b6:ba:b9:d1:81:10:99:2b:54:32:70:37:56:08:
6d:96:39:3e:b9:0a:ef:9d:6f:f1:8f:77:56:9d:d4:36:5b:2b:
63:2c:da:fb
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZAH7Q4vIX+AQ64mBA4WGEdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNjExMTUzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWJhNTk4OTg1MjdkNzVjNGI3YWYyMWNhNzlhNjkxMTUxMGU4NzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodZU8/+IINS9Zx+0SfLFOxQVW4rl
k/0AVbPgK2QomIC8J5RbndyHSh3KAt/XmJHsdEA68gkJQMTjAdv5kJ1uwE4GfgqU
k7kwILxunewqgs+DqPicne5AfoZmQfvCGAFn3kMkhCXQTZTa8vWutaNFstnpqWdz
aise+ixYTQ4Vy3uhqccpM1Rbq9Z30+6cLPgM6uJDJblNCmH5iN4iP8W3s4IHm6U/
jk5WpUNY1P3SYlhg5RcF+TOQES3MZtPZvci5caL4WoGKkgNGJadq+8bDwxyFmOhB
TURTFzzT/3aP90H5ceXCfIJm0f/5g432CnfjWk1pilBgPug3nb9gsC7lMQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFPG6WYmFJ9dcS3ryHKeaaRFRDodkMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvOGJwWmlZVW4xMXhMZXZJY3A1cHBFVkVPaDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAM
AwQBTVqSAwQATVqUAwQATVqZAwQAueYOAwQA1dGKAwQA1dGWMBQEAgACMA4DBQAq
BCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAhiPr95bkEbH0BmlODktTEN55
O7iJ8WvX0suNCv/3EnlZ38f/7fSsWzR8cDG07bmcxwZlregs3TxY7KOUQJio8j1G
9GBNLRrKlL7RpwAii1qRrmb9jpzVbQspCuymD3yHVAFdPtyTZEzrWIwQ1R/KpuGz
w+6srEUFelpN9UX6j/8DRoXawxSeUuQ4kvXK9KwlMb28u6Lk3vG5012XkrfUaAmJ
5hMGlDchT4QNxiwE7FivQgjnmabIt2DcLCZMSEq4r7ECnUz+uKzvGpElUx/dLoKp
8IMKwdD8fUfUjLa6udGBEJkrVDJwN1YIbZY5PrkK751v8Y93Vp3UNlsrYyza+w==
-----END CERTIFICATE-----
Generated at Wed Jun 26 22:04:35 2024 by rpki-client on console-ams.rpki-client.org