Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9DFUAbS3yN7NUBW3P5vy_AQiUtI.roa
File: 9DFUAbS3yN7NUBW3P5vy_AQiUtI.roa (raw, json)
Hash identifier: 1h7foWt78zskqSxYzSAgFanHv99emQj5TSlD3aH4C8c=
Subject key identifier: F4:31:54:01:B4:B7:C8:DE:CD:50:15:B7:3F:9B:F2:FC:04:22:52:D2
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018F90A15A5E8EBFDAAFB29501277B702857
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9DFUAbS3yN7NUBW3P5vy_AQiUtI.roa
Signing time: Sun 19 May 2024 11:34:04 +0000
ROA not before: Sun 19 May 2024 11:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 May 2024 10:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:90:a1:5a:5e:8e:bf:da:af:b2:95:01:27:7b:70:28:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 19 11:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4315401b4b7c8decd5015b73f9bf2fc042252d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:c2:15:d1:e9:52:b3:24:f8:14:6e:ca:cf:
f7:cf:6e:0a:40:77:bf:d9:81:0d:35:b8:5b:71:62:
e5:6a:d1:b8:d5:e1:d6:e4:8f:ca:36:b8:f9:a9:13:
e5:1c:da:bb:f0:e5:67:47:0c:3d:98:33:2f:19:2a:
8e:17:be:67:8f:68:06:59:59:7b:e8:9b:26:b3:e5:
20:a9:62:e5:d2:2a:5a:4a:8e:42:56:d1:e6:6e:52:
b7:ae:e3:5e:18:8f:2f:b4:11:c0:18:79:9a:d2:38:
d3:8d:71:fb:5d:0f:4c:c3:eb:52:11:96:de:d5:5c:
7b:e4:92:13:2c:ef:c4:fc:db:5a:c8:3e:21:5f:9f:
b2:f9:e9:d9:8f:8c:e2:f1:eb:fd:cf:0b:82:d7:0b:
1c:01:12:7e:39:bd:d4:78:16:1c:2b:0d:ef:ac:31:
91:bf:dd:74:70:2f:a3:8d:bb:71:e2:87:7c:ce:3e:
1a:8f:6b:bd:fc:9b:af:00:5f:d7:07:71:51:77:32:
5f:3e:ff:83:bd:6f:10:7f:09:09:c6:3f:f5:e5:e7:
a6:84:e0:6a:d8:99:7e:90:e0:09:c6:ad:a2:83:dd:
f5:e4:88:c1:dc:24:52:98:81:d8:91:b9:a0:12:f0:
c2:32:2d:cd:ac:5c:e4:2e:19:40:c8:0d:e8:37:a8:
ea:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:31:54:01:B4:B7:C8:DE:CD:50:15:B7:3F:9B:F2:FC:04:22:52:D2
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9DFUAbS3yN7NUBW3P5vy_AQiUtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0/24
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.145.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
3f:3d:45:7b:11:66:1d:8f:16:b9:04:5f:97:4f:04:0a:10:1f:
2b:fc:5c:17:a7:5b:83:a6:98:4b:0a:74:cd:b1:d7:72:a6:22:
dc:27:98:7b:76:70:69:b5:d7:70:a7:b6:9e:09:34:68:dd:51:
36:14:8a:9d:fd:bc:df:50:2f:41:b3:61:9b:5b:28:4a:55:cf:
ff:09:07:ac:15:11:07:38:fe:f6:7b:9b:55:63:8b:48:e0:2a:
7d:c6:b2:3b:b9:81:9a:99:50:36:f9:2b:4f:62:a3:ce:b6:20:
1e:3f:ed:42:25:47:39:78:4a:16:55:4a:3f:dc:a1:8d:54:cf:
df:c6:cb:52:2d:ab:06:0c:6c:4d:c6:43:22:98:d8:b2:7a:64:
95:4d:be:f5:34:d1:f8:24:45:bb:59:31:d8:fe:87:f0:7a:9e:
58:d1:4b:aa:3d:59:e3:ae:09:fb:b6:15:a1:d1:4b:8e:89:51:
1d:02:59:2e:d7:a2:0d:5b:77:4a:11:2e:a8:29:c6:f4:44:ff:
fb:1b:c3:07:13:ae:7e:61:90:a5:9b:af:39:11:4f:77:b7:e6:
3f:bc:7d:6a:58:13:81:ce:2e:19:bb:f6:27:da:af:a2:f9:84:
8f:75:91:2c:59:ac:37:c7:d3:04:a1:d5:a5:71:08:76:3b:3b:
f8:09:bf:86
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY+QoVpejr/ar7KVASd7cChXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNTE5MTEzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDMxNTQwMWI0YjdjOGRlY2Q1MDE1YjczZjliZjJmYzA0MjI1MmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9bCFdHpUrMk+BRuys/3z24KQHe/
2YENNbhbcWLlatG41eHW5I/KNrj5qRPlHNq78OVnRww9mDMvGSqOF75nj2gGWVl7
6Jsms+UgqWLl0ipaSo5CVtHmblK3ruNeGI8vtBHAGHma0jjTjXH7XQ9Mw+tSEZbe
1Vx75JITLO/E/NtayD4hX5+y+enZj4zi8ev9zwuC1wscARJ+Ob3UeBYcKw3vrDGR
v910cC+jjbtx4od8zj4aj2u9/JuvAF/XB3FRdzJfPv+DvW8QfwkJxj/15eemhOBq
2Jl+kOAJxq2ig9315IjB3CRSmIHYkbmgEvDCMi3NrFzkLhlAyA3oN6jqmwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFPQxVAG0t8jezVAVtz+b8vwEIlLSMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvOURGVUFiUzN5TjdOVUJXM1A1dnlfQVFpVXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBuBAIAATBoMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBAC55g0DBADV0YEDBADV0YoDBADV0Y8DBADV0ZEDBADV
0Z0wFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQA/PUV7
EWYdjxa5BF+XTwQKEB8r/FwXp1uDpphLCnTNsddypiLcJ5h7dnBptddwp7aeCTRo
3VE2FIqd/bzfUC9Bs2GbWyhKVc//CQesFREHOP72e5tVY4tI4Cp9xrI7uYGamVA2
+StPYqPOtiAeP+1CJUc5eEoWVUo/3KGNVM/fxstSLasGDGxNxkMimNiyemSVTb71
NNH4JEW7WTHY/ofwep5Y0UuqPVnjrgn7thWh0UuOiVEdAlku16INW3dKES6oKcb0
RP/7G8MHE65+YZClm685EU93t+Y/vH1qWBOBzi4Zu/Yn2q+i+YSPdZEsWaw3x9ME
odWlcQh2Ozv4Cb+G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org