Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DxLkRvCrPiSTJ0dH1dnmp3chpr4.roa
File: DxLkRvCrPiSTJ0dH1dnmp3chpr4.roa (raw, json)
Hash identifier: xO7lfcYuwm9sBwzoFRVGmRqAAT1oQg9Ujak8Gp8tcD8=
Subject key identifier: 0F:12:E4:46:F0:AB:3E:24:93:27:47:47:D5:D9:E6:A7:77:21:A6:BE
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0188FD90ABF902AED71B7E9DDF7C300CDD00
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DxLkRvCrPiSTJ0dH1dnmp3chpr4.roa
Signing time: Tue 27 Jun 2023 15:54:56 +0000
ROA not before: Tue 27 Jun 2023 15:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 28 Jun 2023 16:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fd:90:ab:f9:02:ae:d7:1b:7e:9d:df:7c:30:0c:dd:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 27 15:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f12e446f0ab3e2493274747d5d9e6a77721a6be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0d:cd:09:0b:0a:4e:11:0d:7f:f3:cd:73:72:
cd:ed:54:bc:94:29:4d:2d:8d:d0:90:55:33:0f:3a:
86:41:86:16:45:53:10:67:fd:c4:b5:09:66:d2:c7:
cd:1f:19:a2:d8:24:fe:b1:6e:ea:0e:ad:a9:6d:c4:
1f:52:26:87:76:a1:2a:3b:64:00:c3:b2:b1:ca:c1:
49:cc:2a:87:ef:6b:e9:8c:16:64:2d:5d:c1:93:3b:
6c:9a:33:b4:db:be:48:90:5d:e8:59:58:d9:17:6a:
fb:2d:19:ee:1a:fd:c6:43:65:b7:e4:b0:57:e4:a9:
51:95:c8:a8:c2:19:95:74:03:08:75:64:f8:6f:b8:
45:3b:e4:64:a2:48:b5:b8:90:a3:95:13:0c:ce:08:
23:b9:8c:82:38:b1:78:26:6c:97:e5:3c:62:78:f4:
ce:70:5c:c4:43:64:14:34:12:8b:e3:13:00:b5:1f:
c1:30:ad:4e:e7:2c:f0:d4:a1:85:5d:5b:1b:37:b5:
73:d1:21:59:79:b5:8b:1a:59:50:0d:74:f8:b2:48:
aa:eb:ba:01:f7:17:cd:4d:9f:3d:f1:30:7c:1d:58:
eb:54:83:af:71:33:d5:f7:ac:82:89:ed:de:83:6f:
69:ef:1f:e4:f1:24:a9:41:de:67:f0:b7:90:70:30:
4f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:12:E4:46:F0:AB:3E:24:93:27:47:47:D5:D9:E6:A7:77:21:A6:BE
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DxLkRvCrPiSTJ0dH1dnmp3chpr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.185.0/24
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
6b:f5:a8:b3:b9:0a:6c:bd:5a:81:6f:69:10:6d:1d:e1:59:bd:
ff:4d:56:60:4d:0a:7b:2f:c9:0d:1b:2c:03:41:49:79:83:50:
ff:d2:6d:5b:ee:ce:98:d2:98:86:26:a9:06:de:0b:b4:0d:d9:
d4:db:16:72:70:65:90:c3:77:c0:c8:9f:30:c5:81:29:e7:f6:
00:71:90:97:8a:ee:8f:8e:2b:b9:fb:7f:25:bb:8c:00:c5:f7:
e5:5e:4f:e1:3c:c6:3d:6f:a8:42:6a:d8:e9:a5:10:fa:1e:1c:
da:ff:4e:a8:77:b2:1c:99:16:99:c7:52:1c:6a:b9:9b:9e:b5:
49:d0:84:bc:90:f6:65:99:e9:4b:48:d5:15:67:f7:fb:d2:72:
88:e5:7d:ef:39:77:30:f6:c9:cd:af:06:47:42:0a:0e:3a:ad:
18:6b:04:18:6f:fd:05:1e:e3:5d:a9:4b:5b:fc:fa:fb:b3:0b:
14:af:e1:ac:b2:12:d8:2d:0c:5d:60:2a:33:13:97:13:c6:96:
f5:7b:16:68:b3:d4:ba:ae:a6:d9:d1:9f:74:05:80:d2:89:9e:
7b:25:10:02:87:dc:7e:85:f3:ba:52:d2:7c:64:bd:24:af:19:
18:b5:18:25:4e:a9:f8:d1:f6:3c:45:2a:09:0d:64:9a:76:60:
3c:b7:90:02
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYj9kKv5Aq7XG36d33wwDN0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNjI3MTU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjEyZTQ0NmYwYWIzZTI0OTMyNzQ3NDdkNWQ5ZTZhNzc3MjFhNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5g3NCQsKThENf/PNc3LN7VS8lClN
LY3QkFUzDzqGQYYWRVMQZ/3EtQlm0sfNHxmi2CT+sW7qDq2pbcQfUiaHdqEqO2QA
w7KxysFJzCqH72vpjBZkLV3BkztsmjO0275IkF3oWVjZF2r7LRnuGv3GQ2W35LBX
5KlRlciowhmVdAMIdWT4b7hFO+Rkoki1uJCjlRMMzggjuYyCOLF4JmyX5TxiePTO
cFzEQ2QUNBKL4xMAtR/BMK1O5yzw1KGFXVsbN7Vz0SFZebWLGllQDXT4skiq67oB
9xfNTZ898TB8HVjrVIOvcTPV96yCie3eg29p7x/k8SSpQd5n8LeQcDBPPwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFA8S5Ebwqz4kkydHR9XZ5qd3Iaa+MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRHhMa1J2Q3JQaVNUSjBkSDFkbm1wM2NocHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKMAwDBAdNWoAD
BABNWoIwDAMEAk1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpID
BABNWpQDBABNWrkDBADV0YowFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3
DQEBCwUAA4IBAQBr9aizuQpsvVqBb2kQbR3hWb3/TVZgTQp7L8kNGywDQUl5g1D/
0m1b7s6Y0piGJqkG3gu0DdnU2xZycGWQw3fAyJ8wxYEp5/YAcZCXiu6Pjiu5+38l
u4wAxfflXk/hPMY9b6hCatjppRD6Hhza/06od7IcmRaZx1IcarmbnrVJ0IS8kPZl
melLSNUVZ/f70nKI5X3vOXcw9snNrwZHQgoOOq0YawQYb/0FHuNdqUtb/Pr7swsU
r+GsshLYLQxdYCozE5cTxpb1exZos9S6rqbZ0Z90BYDSiZ57JRACh9x+hfO6UtJ8
ZL0krxkYtRglTqn40fY8RSoJDWSadmA8t5AC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org