Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FGjhYdRzI3fEOmwMdKCUoRIHFZU.roa
File: FGjhYdRzI3fEOmwMdKCUoRIHFZU.roa (raw, json)
Hash identifier: TXLoh0VT2ThX0dZU6go/cNck6qBcL5Hxzg4UeUgLMTw=
Subject key identifier: 14:68:E1:61:D4:73:23:77:C4:3A:6C:0C:74:A0:94:A1:12:07:15:95
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0192AFB8CDEC554745DCFDCE86CDA2EC3FB7
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FGjhYdRzI3fEOmwMdKCUoRIHFZU.roa
Signing time: Mon 21 Oct 2024 15:36:17 +0000
ROA not before: Mon 21 Oct 2024 15:36:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Oct 2024 13:34:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:b8:cd:ec:55:47:45:dc:fd:ce:86:cd:a2:ec:3f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 21 15:36:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1468e161d4732377c43a6c0c74a094a112071595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1a:5b:dc:80:69:0b:f9:ef:4f:e2:68:5e:42:
4a:06:5a:fd:06:28:87:73:5e:41:de:f1:b7:c2:28:
b3:8f:0d:d8:cc:37:aa:24:96:fe:7c:99:2f:ce:0d:
98:d7:d9:95:db:1d:52:ad:7f:ef:9b:d6:c8:51:39:
00:ce:b3:2d:80:73:b4:3b:2a:0d:01:24:26:06:b7:
14:bd:16:bb:73:eb:c9:e6:01:b9:81:4a:e8:c7:e4:
09:31:a3:84:0f:0d:e1:36:ed:ab:d1:c3:f1:58:e8:
d5:2d:2a:67:21:f4:0a:77:8c:52:c2:4b:3d:d2:a3:
9a:80:b1:77:a9:8b:b2:17:2a:66:c0:27:b5:5a:f5:
a0:db:45:94:dd:1d:cc:b4:6d:1a:ea:4d:a9:2b:84:
ea:6e:25:e0:d9:9c:51:3b:c2:ab:ac:76:b8:f4:dd:
52:58:5e:fb:e3:bf:7c:62:35:4a:08:0c:79:6c:74:
f6:51:aa:05:44:1e:86:19:be:4b:cf:fd:c0:b9:8e:
38:32:50:66:2b:b0:75:8a:ef:8d:1e:78:77:eb:8c:
88:81:d5:13:b2:e1:f8:97:33:a3:d7:19:2e:86:58:
3e:34:79:ca:1e:19:e6:b9:32:f4:26:50:b4:c7:0f:
71:b2:a2:fe:09:50:b4:8c:41:ab:15:77:78:4b:a4:
28:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:68:E1:61:D4:73:23:77:C4:3A:6C:0C:74:A0:94:A1:12:07:15:95
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FGjhYdRzI3fEOmwMdKCUoRIHFZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
0a:0e:a8:97:38:45:2a:76:95:b8:10:cc:fc:47:7a:ee:5d:a8:
c4:2e:d8:9a:bd:33:7c:df:b3:1f:2c:3d:ab:9c:93:0b:cc:09:
ce:0d:16:80:16:44:d3:27:33:41:bc:95:e0:68:30:e6:e0:bd:
c8:9b:30:78:31:b6:8e:90:79:85:06:16:b5:94:68:ff:c4:c8:
55:7d:60:09:43:2c:84:84:7d:4f:d5:6e:8a:7d:a6:d4:75:88:
2c:6b:7c:2e:7e:15:6f:e9:1d:74:36:6f:29:16:9e:c8:fa:ef:
17:f0:4d:74:07:a1:33:45:99:7c:16:13:38:48:c4:4b:e0:5a:
ea:2d:a6:d5:ea:b3:a0:49:88:4d:0d:c7:e7:a9:73:7b:4a:a2:
31:a4:97:8a:a1:c0:9e:0e:14:4b:d9:b1:68:12:09:be:94:75:
b7:a5:b4:1d:4b:d5:68:ed:fe:27:0b:48:c9:83:c5:37:b4:3a:
7b:ef:78:9a:b6:0a:0c:8b:25:92:f7:a4:a5:b7:84:4b:c4:e2:
9d:85:f0:60:2a:ac:51:55:8f:e7:b4:07:75:2c:64:76:c4:56:
29:32:a1:5c:2d:2d:b0:33:41:f5:55:bf:16:3e:6b:23:ef:51:
a3:9f:41:73:e3:0d:e6:cf:85:5f:b7:7d:e8:56:38:33:3b:71:
c8:9b:1f:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZKvuM3sVUdF3P3Ohs2i7D+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQxMDIxMTUzNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDY4ZTE2MWQ0NzMyMzc3YzQzYTZjMGM3NGEwOTRhMTEyMDcxNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRpb3IBpC/nvT+JoXkJKBlr9BiiH
c15B3vG3wiizjw3YzDeqJJb+fJkvzg2Y19mV2x1SrX/vm9bIUTkAzrMtgHO0OyoN
ASQmBrcUvRa7c+vJ5gG5gUrox+QJMaOEDw3hNu2r0cPxWOjVLSpnIfQKd4xSwks9
0qOagLF3qYuyFypmwCe1WvWg20WU3R3MtG0a6k2pK4TqbiXg2ZxRO8KrrHa49N1S
WF774798YjVKCAx5bHT2UaoFRB6GGb5Lz/3AuY44MlBmK7B1iu+NHnh364yIgdUT
suH4lzOj1xkuhlg+NHnKHhnmuTL0JlC0xw9xsqL+CVC0jEGrFXd4S6QoJQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFBRo4WHUcyN3xDpsDHSglKESBxWVMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRkdqaFlkUnpJM2ZFT213TWRLQ1VvUklIRlpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwWAQCAAEwUjAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogwDAMEAE1aiwMEAE1ajDAMAwQBTVqO
AwQATVqQMAwDBAFNWpIDBABNWpQDBADV0YowFAQCAAIwDgMFACoEKcIDBQAqBCnH
MA0GCSqGSIb3DQEBCwUAA4IBAQAKDqiXOEUqdpW4EMz8R3ruXajELtiavTN837Mf
LD2rnJMLzAnODRaAFkTTJzNBvJXgaDDm4L3ImzB4MbaOkHmFBha1lGj/xMhVfWAJ
QyyEhH1P1W6KfabUdYgsa3wufhVv6R10Nm8pFp7I+u8X8E10B6EzRZl8FhM4SMRL
4FrqLabV6rOgSYhNDcfnqXN7SqIxpJeKocCeDhRL2bFoEgm+lHW3pbQdS9Vo7f4n
C0jJg8U3tDp773iatgoMiyWS96Slt4RLxOKdhfBgKqxRVY/ntAd1LGR2xFYpMqFc
LS2wM0H1Vb8WPmsj71Gjn0Fz4w3mz4Vft33oVjgzO3HImx+V
-----END CERTIFICATE-----
Generated at Wed Oct 23 16:24:29 2024 by rpki-client on console-fra.rpki-client.org