Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9vODZGl_xozKb23xQ5Fngp3fBFk.roa
File: 9vODZGl_xozKb23xQ5Fngp3fBFk.roa (raw, json)
Hash identifier: ZORXXcgmp7c5w3t4qDJ/H+WJ5iv7sLWcQPRHFcZV/Pw=
Subject key identifier: F6:F3:83:64:69:7F:C6:8C:CA:6F:6D:F1:43:91:67:82:9D:DF:04:59
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018B5D1ABFE8997437024E2A133D46CD390C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9vODZGl_xozKb23xQ5Fngp3fBFk.roa
Signing time: Mon 23 Oct 2023 15:15:15 +0000
ROA not before: Mon 23 Oct 2023 15:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5d:1a:bf:e8:99:74:37:02:4e:2a:13:3d:46:cd:39:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 23 15:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6f38364697fc68cca6f6df1439167829ddf0459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4a:c2:8a:7b:13:bd:fa:48:e2:97:f9:be:dc:
8a:2b:85:e5:18:c4:3c:7b:50:18:4f:78:63:e7:3c:
3b:85:5d:43:0c:2f:d7:c8:dd:ae:3b:f3:35:55:e4:
e8:22:4e:fa:90:77:65:13:12:9f:e2:55:20:93:a7:
3b:f1:be:ea:fe:c3:68:00:ef:9b:59:91:8b:28:f9:
57:db:ec:ca:1d:a5:74:b3:b6:a7:b5:7a:a0:f6:b1:
8a:67:1a:89:5e:22:f3:83:f4:1a:b6:14:2f:03:d8:
79:94:13:9a:2f:0d:65:a6:c8:6e:1e:f4:2a:e1:ab:
07:c2:36:af:4c:f9:c2:2c:cd:15:96:6a:00:c7:38:
b7:27:7f:58:64:42:e5:3a:fd:ca:0a:b8:5c:d6:0a:
57:26:8c:df:13:63:b8:f1:4e:9f:fd:ec:60:6c:b2:
f1:92:e5:d2:ee:4b:1b:e2:2f:2c:65:a2:50:7a:43:
f6:4d:74:af:f3:2c:b9:b5:6f:4f:08:5e:9d:41:2f:
78:7c:6e:92:cc:53:7e:cb:97:8b:b7:28:f5:e7:5f:
1b:91:e2:c1:d2:c4:f9:14:8f:8d:a0:48:68:e5:1f:
6c:94:1a:5a:8b:51:c8:48:d3:b0:a6:4a:68:4a:79:
26:3a:11:7d:bb:42:8c:c7:4c:c9:97:74:a3:b4:85:
6e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F3:83:64:69:7F:C6:8C:CA:6F:6D:F1:43:91:67:82:9D:DF:04:59
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9vODZGl_xozKb23xQ5Fngp3fBFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.148.255
185.230.14.0/24
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
4f:a5:3e:71:0e:23:c5:b0:8f:b4:e2:16:53:83:a3:3a:af:f3:
83:a7:68:b5:4b:1f:c4:33:16:1e:d6:74:8a:4c:3c:5e:5e:cf:
77:ac:df:a3:9a:46:bb:4a:e0:23:3b:34:ef:29:8f:ea:a3:55:
85:50:0c:bf:33:9f:81:b7:dd:72:ea:23:0a:71:f3:ea:61:c3:
ea:f1:b8:a5:51:48:8a:b4:e7:a2:8c:17:e8:92:d0:00:4d:d0:
33:79:37:a2:87:70:d4:6a:aa:bb:f5:42:51:61:63:d1:19:83:
32:d3:4a:7f:36:f6:2e:b2:d1:8c:b1:c7:82:2f:5c:f0:10:16:
34:80:7b:89:31:fd:b0:0c:52:60:9c:31:5d:6f:a6:0a:63:dc:
62:ac:85:4f:a9:4a:18:db:2f:6e:bc:80:8e:e7:20:9e:67:ac:
fd:1a:79:fc:ed:ad:42:81:70:57:59:85:69:82:6d:10:72:4f:
54:47:21:d5:85:5f:76:cc:ab:84:57:fd:d4:12:8e:c9:2a:97:
38:36:51:2f:1c:1f:b3:1f:1b:72:47:e1:56:37:57:50:fc:fb:
28:b4:ad:80:b2:98:95:ce:74:e0:93:1a:b4:57:15:8d:dd:2d:
97:88:f7:ff:0e:7c:ee:77:c2:55:ef:a9:37:e0:dc:9c:66:20:
b4:97:74:7e
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYtdGr/omXQ3Ak4qEz1GzTkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMDIzMTUxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmYzODM2NDY5N2ZjNjhjY2E2ZjZkZjE0MzkxNjc4MjlkZGYwNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0rCinsTvfpI4pf5vtyKK4XlGMQ8
e1AYT3hj5zw7hV1DDC/XyN2uO/M1VeToIk76kHdlExKf4lUgk6c78b7q/sNoAO+b
WZGLKPlX2+zKHaV0s7antXqg9rGKZxqJXiLzg/QathQvA9h5lBOaLw1lpshuHvQq
4asHwjavTPnCLM0VlmoAxzi3J39YZELlOv3KCrhc1gpXJozfE2O48U6f/exgbLLx
kuXS7ksb4i8sZaJQekP2TXSv8yy5tW9PCF6dQS94fG6SzFN+y5eLtyj1518bkeLB
0sT5FI+NoEho5R9slBpai1HISNOwpkpoSnkmOhF9u0KMx0zJl3SjtIVuwQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFPbzg2Rpf8aMym9t8UORZ4Kd3wRZMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvOXZPRFpHbF94b3pLYjIzeFE1Rm5ncDNmQkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVjAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogDBABNWowwDAMEAU1ajgMEAE1alAME
ALnmDgMEANXRijAMAwQA1dGRAwQA1dGSAwQA1dGWMBQEAgACMA4DBQAqBCnCAwUA
KgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAT6U+cQ4jxbCPtOIWU4OjOq/zg6dotUsf
xDMWHtZ0ikw8Xl7Pd6zfo5pGu0rgIzs07ymP6qNVhVAMvzOfgbfdcuojCnHz6mHD
6vG4pVFIirTnoowX6JLQAE3QM3k3oodw1Gqqu/VCUWFj0RmDMtNKfzb2LrLRjLHH
gi9c8BAWNIB7iTH9sAxSYJwxXW+mCmPcYqyFT6lKGNsvbryAjucgnmes/Rp5/O2t
QoFwV1mFaYJtEHJPVEch1YVfdsyrhFf91BKOySqXODZRLxwfsx8bckfhVjdXUPz7
KLStgLKYlc504JMatFcVjd0tl4j3/w587nfCVe+pN+DcnGYgtJd0fg==
-----END CERTIFICATE-----
Generated at Tue Oct 24 11:07:44 2023 by rpki-client on console-fra.rpki-client.org