Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/CpCSia79krYgtYWeV10VMaZ4N1o.roa
File: CpCSia79krYgtYWeV10VMaZ4N1o.roa (raw, json)
Hash identifier: k43h0rofccMeOJyCeEPUOQvH+7wyEBYD5pfVmcFSS1g=
Subject key identifier: 0A:90:92:89:AE:FD:92:B6:20:B5:85:9E:57:5D:15:31:A6:78:37:5A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0191B7B6E5DFD59B9A3C60A5415DB01F128C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/CpCSia79krYgtYWeV10VMaZ4N1o.roa
Signing time: Tue 03 Sep 2024 11:48:22 +0000
ROA not before: Tue 03 Sep 2024 11:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 05 Sep 2024 13:13:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:b6:e5:df:d5:9b:9a:3c:60:a5:41:5d:b0:1f:12:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 3 11:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a909289aefd92b620b5859e575d1531a678375a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:03:7f:dd:bf:f7:79:e8:20:56:85:a2:57:1d:
de:ef:05:5d:3c:7f:2d:f3:af:3d:0a:58:0e:11:60:
39:c8:a9:88:07:89:2e:1d:bc:8c:35:d4:61:21:40:
9f:f1:1c:9c:11:13:51:33:f6:4d:b3:11:9d:95:1e:
9d:94:25:49:40:12:fc:46:7d:21:79:00:16:bf:f5:
aa:2b:6e:2d:5d:78:c0:73:b9:de:d6:36:df:9e:43:
7d:a6:12:87:b1:30:a5:a1:93:72:8f:66:3d:39:4a:
12:b9:3f:a0:88:b4:b2:10:93:49:35:fd:3a:d2:bb:
31:69:bf:0e:a4:8e:8e:9a:23:64:59:a7:a0:0e:82:
5b:5c:d6:a9:40:ed:5d:b1:48:23:18:2d:76:f5:24:
e2:04:6c:28:d9:9c:0a:6c:67:ec:3a:17:62:d7:e5:
01:fb:77:ce:ed:4c:f0:38:c7:49:77:6d:18:7c:12:
b1:14:1f:9a:12:78:c3:74:22:35:6e:15:a9:b7:8d:
fe:ed:70:0d:cf:62:07:36:d3:bb:82:48:ac:e3:2e:
14:09:31:69:df:f8:9e:13:ec:a9:1e:54:6d:ca:b9:
f4:ec:42:1e:9e:91:e6:d7:31:84:1d:21:d7:fd:83:
30:ea:75:d2:a7:be:d5:46:ed:e0:46:ad:b2:88:6f:
89:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:90:92:89:AE:FD:92:B6:20:B5:85:9E:57:5D:15:31:A6:78:37:5A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/CpCSia79krYgtYWeV10VMaZ4N1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.154.0/24
185.230.14.0/24
213.209.129.0/24
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
99:f7:43:bd:e9:1f:68:cc:55:73:0c:01:7b:3f:6e:66:9e:54:
8d:0c:ad:01:d2:36:75:4d:83:bc:45:1b:0d:4f:c7:3a:ba:9e:
fc:5f:0e:62:ec:a1:51:14:ad:22:10:47:9e:48:a5:9d:e4:dd:
8f:20:9d:6b:dc:e6:d6:7a:14:5e:66:52:f4:2f:b3:6c:e0:db:
cb:a9:d5:62:6f:3b:60:69:75:51:d9:d7:8b:72:8c:94:fc:9c:
16:19:1c:f6:99:f1:96:ec:dc:0d:6a:bd:ab:7a:91:8f:c5:25:
3c:ae:2b:07:3b:6e:4d:23:c7:1c:6f:ff:f0:05:9c:3b:dc:0d:
ff:f0:61:8d:3d:28:54:6b:3d:e9:e6:cd:90:e5:24:ff:13:41:
e0:6c:02:9c:7b:24:a8:41:33:84:46:37:ba:cc:2f:fb:f5:8c:
d0:2f:32:b1:40:d0:ec:63:f9:b8:71:f5:96:dc:93:ac:2f:9a:
77:b7:43:df:e6:be:3c:76:8b:13:d4:0d:92:f5:f3:a6:2b:dc:
2f:9a:69:ea:a7:20:74:81:1d:8b:00:90:df:12:60:52:8a:2a:
25:f0:d4:d0:63:38:f9:81:82:19:4b:f3:d0:64:b4:9d:9e:66:
b5:36:47:54:51:d6:91:6a:1f:c8:87:c3:29:4e:13:0d:8b:7c:
22:71:8e:b1
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZG3tuXf1ZuaPGClQV2wHxKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwOTAzMTE0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTkwOTI4OWFlZmQ5MmI2MjBiNTg1OWU1NzVkMTUzMWE2NzgzNzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQN/3b/3eeggVoWiVx3e7wVdPH8t
8689ClgOEWA5yKmIB4kuHbyMNdRhIUCf8RycERNRM/ZNsxGdlR6dlCVJQBL8Rn0h
eQAWv/WqK24tXXjAc7ne1jbfnkN9phKHsTCloZNyj2Y9OUoSuT+giLSyEJNJNf06
0rsxab8OpI6OmiNkWaegDoJbXNapQO1dsUgjGC129STiBGwo2ZwKbGfsOhdi1+UB
+3fO7UzwOMdJd20YfBKxFB+aEnjDdCI1bhWpt43+7XANz2IHNtO7gkis4y4UCTFp
3/ieE+ypHlRtyrn07EIenpHm1zGEHSHX/YMw6nXSp77VRu3gRq2yiG+JxQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFAqQkomu/ZK2ILWFnlddFTGmeDdaMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvQ3BDU2lhNzlrcllndFlXZVYxMFZNYVo0TjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVjAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqS
AwQATVqUAwQATVqaAwQAueYOAwQA1dGBAwQA1dGKMBQEAgACMA4DBQAqBCnCAwUA
KgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAmfdDvekfaMxVcwwBez9uZp5UjQytAdI2
dU2DvEUbDU/HOrqe/F8OYuyhURStIhBHnkilneTdjyCda9zm1noUXmZS9C+zbODb
y6nVYm87YGl1UdnXi3KMlPycFhkc9pnxluzcDWq9q3qRj8UlPK4rBztuTSPHHG//
8AWcO9wN//BhjT0oVGs96ebNkOUk/xNB4GwCnHskqEEzhEY3uswv+/WM0C8ysUDQ
7GP5uHH1ltyTrC+ad7dD3+a+PHaLE9QNkvXzpivcL5pp6qcgdIEdiwCQ3xJgUooq
JfDU0GM4+YGCGUvz0GS0nZ5mtTZHVFHWkWofyIfDKU4TDYt8InGOsQ==
-----END CERTIFICATE-----
Generated at Thu Sep 5 14:38:44 2024 by rpki-client on console-fra.rpki-client.org