Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/EhxvEiMKlGOhoIKteE9ZhuKXPIk.roa
File: EhxvEiMKlGOhoIKteE9ZhuKXPIk.roa (raw, json)
Hash identifier: k4C6U2sVaT9AwZdhdN4VVpb3H38jaitGiZXpo2NL3o4=
Subject key identifier: 12:1C:6F:12:23:0A:94:63:A1:A0:82:AD:78:4F:59:86:E2:97:3C:89
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0187E741D1A93F177163065E58510225648A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/EhxvEiMKlGOhoIKteE9ZhuKXPIk.roa
Signing time: Thu 04 May 2023 14:54:23 +0000
ROA not before: Thu 04 May 2023 14:54:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e7:41:d1:a9:3f:17:71:63:06:5e:58:51:02:25:64:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 4 14:54:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=121c6f12230a9463a1a082ad784f5986e2973c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8a:c1:0f:42:3c:51:8d:5d:dc:b0:a3:48:92:
55:af:5f:03:ec:44:03:f5:42:08:d5:e0:16:c2:83:
29:fe:3e:bd:a7:93:ba:e9:80:73:48:0e:fe:5f:96:
f8:4b:03:1f:2e:1c:10:5c:20:c6:52:6f:ac:1c:b9:
dd:18:69:d6:d7:08:ee:10:f9:e5:24:1d:27:e5:61:
04:7c:79:18:f7:ae:ff:8c:fd:fc:b2:21:79:d9:64:
61:11:a8:f0:77:52:e7:97:99:44:70:30:90:c8:7d:
70:b1:0b:58:2c:d2:90:bd:97:77:64:1e:84:e1:65:
4a:69:e3:e6:25:0e:d2:7c:f2:ce:fd:76:83:05:02:
42:1d:4c:ab:7f:f0:47:90:9e:93:86:f2:e8:d1:aa:
7c:2e:d2:b3:fc:86:6f:e7:b6:22:a2:22:ee:c8:f6:
f7:33:54:e5:82:2a:2a:75:7d:91:db:0b:bd:8b:06:
e8:1a:9f:e7:3f:de:db:65:ba:c2:68:13:79:de:c4:
d4:49:59:ce:f0:9b:00:52:4e:2a:89:c8:f9:93:ac:
07:ad:a5:fd:59:8c:40:d3:51:9f:12:97:f8:5f:0a:
ea:02:cb:ac:48:4f:48:29:a8:15:9c:cd:5e:2e:a1:
88:c1:28:ef:df:82:5b:14:53:3b:1b:2d:93:92:7e:
4c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:1C:6F:12:23:0A:94:63:A1:A0:82:AD:78:4F:59:86:E2:97:3C:89
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/EhxvEiMKlGOhoIKteE9ZhuKXPIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
41:86:68:46:b8:02:0e:8d:c5:48:77:64:be:0a:28:d9:a3:dc:
ac:fc:bc:73:5e:e5:a7:d6:33:51:2f:7e:64:89:79:99:ec:16:
67:fb:34:c2:b8:e4:f3:b0:d9:28:11:c3:83:e6:f8:b5:e5:f8:
26:f4:0a:d4:2b:45:05:8a:0c:aa:c7:cb:eb:8d:2f:d8:f7:c6:
9a:cf:9d:63:c9:aa:0d:26:f8:bc:70:22:2c:23:fd:e0:6a:d7:
93:24:d9:6d:42:54:18:9f:49:9b:3a:29:52:82:a0:19:50:69:
f1:58:b9:87:09:64:1f:b0:9a:00:20:0b:33:8f:66:5d:b9:7a:
5e:13:e6:b9:bd:6e:67:01:70:ea:3f:5d:73:2b:73:d9:b5:ff:
01:eb:2b:5b:90:5d:cc:e5:f6:9e:be:0b:7f:26:16:67:58:80:
f6:4b:0e:71:b3:91:bc:b8:4e:ce:cf:8e:98:7c:78:3a:04:dc:
4f:84:a9:3a:a9:b0:1f:7e:96:3b:0d:de:1f:b0:99:37:fa:bb:
3c:d1:bc:69:2c:c3:f1:80:24:62:08:1d:a2:3d:ec:dc:da:bb:
9b:73:e2:3f:67:21:8d:61:3f:8c:e1:65:38:44:28:eb:20:8e:
cb:06:13:80:00:41:28:f4:06:fb:a2:ca:34:b6:9d:fe:f5:de:
f7:54:23:bc
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYfnQdGpPxdxYwZeWFECJWSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNTA0MTQ1NDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjFjNmYxMjIzMGE5NDYzYTFhMDgyYWQ3ODRmNTk4NmUyOTczYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYrBD0I8UY1d3LCjSJJVr18D7EQD
9UII1eAWwoMp/j69p5O66YBzSA7+X5b4SwMfLhwQXCDGUm+sHLndGGnW1wjuEPnl
JB0n5WEEfHkY967/jP38siF52WRhEajwd1Lnl5lEcDCQyH1wsQtYLNKQvZd3ZB6E
4WVKaePmJQ7SfPLO/XaDBQJCHUyrf/BHkJ6ThvLo0ap8LtKz/IZv57YioiLuyPb3
M1TlgioqdX2R2wu9iwboGp/nP97bZbrCaBN53sTUSVnO8JsAUk4qicj5k6wHraX9
WYxA01GfEpf4XwrqAsusSE9IKagVnM1eLqGIwSjv34JbFFM7Gy2Tkn5MJQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFBIcbxIjCpRjoaCCrXhPWYbilzyJMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRWh4dkVpTUtsR09ob0lLdGVFOVpodUtYUElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEMAwDBAdNWoAD
BABNWoIwDAMEAk1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpID
BABNWpQDBADV0YowFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUA
A4IBAQBBhmhGuAIOjcVId2S+CijZo9ys/LxzXuWn1jNRL35kiXmZ7BZn+zTCuOTz
sNkoEcOD5vi15fgm9ArUK0UFigyqx8vrjS/Y98aaz51jyaoNJvi8cCIsI/3gateT
JNltQlQYn0mbOilSgqAZUGnxWLmHCWQfsJoAIAszj2ZduXpeE+a5vW5nAXDqP11z
K3PZtf8B6ytbkF3M5faevgt/JhZnWID2Sw5xs5G8uE7Oz46YfHg6BNxPhKk6qbAf
fpY7Dd4fsJk3+rs80bxpLMPxgCRiCB2iPezc2rubc+I/ZyGNYT+M4WU4RCjrII7L
BhOAAEEo9Ab7oso0tp3+9d73VCO8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org