Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9NB3u9jaGzGz4XpRwUHmZWDRst8.roa
File: 9NB3u9jaGzGz4XpRwUHmZWDRst8.roa (raw, json)
Hash identifier: MidUpbXa/AKeiVdMj86DYfZGHEPOcHo+ejv12eyJ2i8=
Subject key identifier: F4:D0:77:BB:D8:DA:1B:31:B3:E1:7A:51:C1:41:E6:65:60:D1:B2:DF
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018AC1783D79714D70A45DD5B856B0E0161D
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9NB3u9jaGzGz4XpRwUHmZWDRst8.roa
Signing time: Sat 23 Sep 2023 09:56:37 +0000
ROA not before: Sat 23 Sep 2023 09:56:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Mon 25 Sep 2023 16:05:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c1:78:3d:79:71:4d:70:a4:5d:d5:b8:56:b0:e0:16:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 23 09:56:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4d077bbd8da1b31b3e17a51c141e66560d1b2df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7b:40:8c:6f:16:68:41:ab:61:c6:cb:f9:d6:
45:c0:11:d7:ea:b0:14:51:68:85:7c:55:ba:6b:b0:
75:5b:46:3f:ba:6f:2a:ee:af:10:48:29:64:b5:cd:
14:0f:36:ed:28:9d:13:32:73:56:48:a0:4d:d3:75:
3f:23:f2:2a:ea:2b:94:fa:67:25:1b:2f:ea:ef:a7:
31:f1:d3:ae:a9:3d:eb:a3:f1:44:b9:df:68:4e:dc:
74:0d:19:ce:9a:4b:f0:aa:ff:b8:e4:48:ac:00:54:
59:6b:75:ba:92:39:ca:ec:1c:94:90:c4:00:30:ae:
2f:d7:d7:2b:3d:3f:5d:15:59:a2:54:ba:21:36:f9:
79:9b:ff:ec:cb:f1:60:5e:1c:84:6a:7e:be:1a:6e:
53:56:99:90:b7:fa:be:07:8e:7d:cc:09:f0:a4:e0:
d7:ca:b1:1e:00:0d:eb:15:04:df:3d:f0:e3:57:de:
00:55:15:e0:50:42:65:c0:e2:10:92:86:3e:c9:75:
ef:30:01:55:75:53:02:13:ea:89:8d:65:02:b7:80:
d0:f4:95:70:ef:c8:79:ea:b2:8e:b1:03:09:63:ad:
44:b0:ff:40:82:26:41:97:b7:f9:bf:a3:5c:d1:aa:
24:4b:5f:e7:b8:70:01:6e:8a:3c:05:af:c8:dc:55:
c6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D0:77:BB:D8:DA:1B:31:B3:E1:7A:51:C1:41:E6:65:60:D1:B2:DF
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9NB3u9jaGzGz4XpRwUHmZWDRst8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.15.255
213.209.138.0/24
213.209.143.0/24
213.209.146.0/24
213.209.150.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
8f:29:64:cf:c6:4b:ad:bd:da:5f:b0:97:7c:09:2c:47:f2:a2:
71:ff:47:ad:57:8a:4b:48:58:46:c9:4d:cd:a8:5b:e8:00:f0:
22:e1:b8:eb:ad:05:64:90:0c:ed:f4:8c:4b:a4:f4:db:2b:1d:
e6:c0:f4:39:f7:f4:ad:8d:d3:68:14:48:f6:52:b5:e8:48:ff:
02:33:93:60:87:9a:d1:02:d1:ca:2b:dc:0d:85:1b:1c:81:c7:
e8:9c:6c:bb:9a:c2:e3:37:38:28:a9:87:a3:b7:65:f1:6e:fd:
bf:f9:76:f7:68:31:4b:b6:a6:a2:52:95:3f:92:b4:1b:bd:d1:
a5:0f:73:15:37:1a:c4:3d:e8:21:d9:ba:60:22:d2:07:d1:cb:
b6:60:14:b1:89:95:dc:c1:f1:65:5f:79:a8:f4:f3:04:39:5a:
c0:70:72:6f:83:4a:56:c1:b4:35:c9:26:f3:59:e4:d5:39:d3:
f9:e0:02:14:87:14:53:8f:23:d7:bd:4d:cd:64:0f:78:a1:1a:
e3:50:87:b3:a7:4f:d7:33:31:77:79:c6:d3:41:2f:c5:a7:53:
e7:a4:77:ef:3d:b8:e6:5b:1c:c9:57:2d:97:39:6c:a3:0e:8b:
e1:78:79:7b:e5:b5:2e:32:b5:57:11:ad:66:0d:f3:2a:9a:60:
93:76:0b:ad
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYrBeD15cU1wpF3VuFaw4BYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTIzMDk1NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQwNzdiYmQ4ZGExYjMxYjNlMTdhNTFjMTQxZTY2NTYwZDFiMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHtAjG8WaEGrYcbL+dZFwBHX6rAU
UWiFfFW6a7B1W0Y/um8q7q8QSClktc0UDzbtKJ0TMnNWSKBN03U/I/Iq6iuU+mcl
Gy/q76cx8dOuqT3ro/FEud9oTtx0DRnOmkvwqv+45EisAFRZa3W6kjnK7ByUkMQA
MK4v19crPT9dFVmiVLohNvl5m//sy/FgXhyEan6+Gm5TVpmQt/q+B459zAnwpODX
yrEeAA3rFQTfPfDjV94AVRXgUEJlwOIQkoY+yXXvMAFVdVMCE+qJjWUCt4DQ9JVw
78h56rKOsQMJY61EsP9AgiZBl7f5v6Nc0aokS1/nuHABboo8Ba/I3FXGOwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFPTQd7vY2hsxs+F6UcFB5mVg0bLfMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvOU5CM3U5amFHekd6NFhwUndVSG1aV0RSc3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB2BAIAATBwMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEALnmDQMEBLnmAAMEANXRigMEANXRjwMEANXRkgME
ANXRlgMEANXRnzAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQAD
ggEBAI8pZM/GS6292l+wl3wJLEfyonH/R61XiktIWEbJTc2oW+gA8CLhuOutBWSQ
DO30jEuk9NsrHebA9Dn39K2N02gUSPZStehI/wIzk2CHmtEC0cor3A2FGxyBx+ic
bLuawuM3OCiph6O3ZfFu/b/5dvdoMUu2pqJSlT+StBu90aUPcxU3GsQ96CHZumAi
0gfRy7ZgFLGJldzB8WVfeaj08wQ5WsBwcm+DSlbBtDXJJvNZ5NU50/ngAhSHFFOP
I9e9Tc1kD3ihGuNQh7OnT9czMXd5xtNBL8WnU+ekd+89uOZbHMlXLZc5bKMOi+F4
eXvltS4ytVcRrWYN8yqaYJN2C60=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org