Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FJuoGTTYTm9pT3TJKylgQZ-WSXc.roa
File: FJuoGTTYTm9pT3TJKylgQZ-WSXc.roa (raw, json)
Hash identifier: uBRviO1Hyh3veeZ1dIVzgpMfROeXwJPwidC99hhcR/E=
Subject key identifier: 14:9B:A8:19:34:D8:4E:6F:69:4F:74:C9:2B:29:60:41:9F:96:49:77
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018637453860458A909C37BBB09D7FD30683
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FJuoGTTYTm9pT3TJKylgQZ-WSXc.roa
Signing time: Thu 09 Feb 2023 17:42:08 +0000
ROA not before: Thu 09 Feb 2023 17:42:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Fri 10 Feb 2023 10:16:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:37:45:38:60:45:8a:90:9c:37:bb:b0:9d:7f:d3:06:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 9 17:42:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=149ba81934d84e6f694f74c92b2960419f964977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2f:c4:8c:7c:d7:1c:f6:0e:1b:0f:d6:8b:48:
36:53:be:85:c1:4e:fd:dd:62:2f:6f:86:c8:48:0f:
13:20:87:ec:26:a1:39:a2:e5:93:ab:9b:98:c8:d8:
c8:ba:50:b5:09:9d:3c:52:7c:95:51:ef:ce:76:b6:
1f:a3:45:86:9f:89:17:9c:a0:d3:00:17:80:8c:16:
45:b0:a1:26:fa:2b:83:1f:2b:e2:fd:62:54:0b:24:
a6:76:8e:7c:75:96:1d:9a:5f:30:1b:a8:92:e5:e3:
11:95:34:c7:cb:40:c0:a9:d7:e7:f8:99:4b:5c:60:
77:08:a0:06:b1:c6:d9:e7:43:cf:52:39:22:ff:f8:
4c:d5:79:5b:32:16:80:ff:78:d0:d5:fd:8b:99:1f:
19:c2:f3:ee:08:dc:0c:2e:e1:32:84:57:56:2a:14:
c0:54:b5:b2:d8:d4:b0:0c:8c:ff:dd:7a:b6:9e:af:
23:f4:b1:e8:1f:22:60:17:c9:e9:d8:9f:31:20:47:
92:f1:d4:1c:9c:84:62:05:c0:4b:b0:7b:f0:89:f5:
94:2b:f4:26:78:60:c0:09:92:a7:14:e4:a7:1e:c3:
25:91:11:a1:60:00:37:f6:3b:2e:b9:63:7f:1c:d1:
e5:4f:2f:37:90:1d:98:61:1e:37:9b:2c:3a:fb:fb:
2d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9B:A8:19:34:D8:4E:6F:69:4F:74:C9:2B:29:60:41:9F:96:49:77
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FJuoGTTYTm9pT3TJKylgQZ-WSXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.138.0/24
213.209.145.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
8e:d4:8e:55:c6:a9:a8:cb:5c:19:82:27:8e:8b:23:f4:5a:53:
66:da:56:a2:95:df:d4:7c:55:fb:7b:ed:1a:16:aa:ca:35:d8:
28:25:12:71:be:75:74:7b:71:3d:89:26:54:6c:8d:ca:a6:de:
8f:19:5f:db:a4:fd:ba:79:b6:f9:b3:92:f8:bc:f1:5d:a9:a3:
95:f2:3b:f2:9c:06:1c:47:df:01:a9:f2:50:c8:a8:26:cf:e1:
e3:56:02:91:e0:e6:91:83:c4:1f:97:a8:36:b6:ac:a2:69:56:
b4:b1:48:09:ba:67:39:5b:8b:d0:c6:2e:6f:34:20:d6:d3:4b:
d2:31:ca:e3:7a:f9:88:63:c5:cc:f0:f5:bd:5d:87:e3:43:f0:
02:b6:16:55:83:ce:42:94:df:4a:6c:92:86:cb:bd:db:79:5c:
38:9a:13:1f:d7:d7:a8:c9:df:af:f6:c0:b0:95:6d:0f:1b:1c:
7d:ea:30:62:6b:50:53:f4:dc:d8:65:9a:94:da:ae:a0:41:29:
fb:1b:a0:de:71:0a:de:fc:a3:05:d4:2f:31:ec:d6:93:cc:c9:
23:52:f1:77:84:96:8b:b4:40:cb:3a:35:8d:7b:46:34:73:e6:
04:65:c2:cf:2d:07:1c:d8:4c:94:80:af:09:c2:83:4c:06:5c:
03:7d:37:d9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYY3RThgRYqQnDe7sJ1/0waDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMjA5MTc0MjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDliYTgxOTM0ZDg0ZTZmNjk0Zjc0YzkyYjI5NjA0MTlmOTY0OTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy/EjHzXHPYOGw/Wi0g2U76FwU79
3WIvb4bISA8TIIfsJqE5ouWTq5uYyNjIulC1CZ08UnyVUe/OdrYfo0WGn4kXnKDT
ABeAjBZFsKEm+iuDHyvi/WJUCySmdo58dZYdml8wG6iS5eMRlTTHy0DAqdfn+JlL
XGB3CKAGscbZ50PPUjki//hM1XlbMhaA/3jQ1f2LmR8ZwvPuCNwMLuEyhFdWKhTA
VLWy2NSwDIz/3Xq2nq8j9LHoHyJgF8np2J8xIEeS8dQcnIRiBcBLsHvwifWUK/Qm
eGDACZKnFOSnHsMlkRGhYAA39jsuuWN/HNHlTy83kB2YYR43myw6+/stVQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFBSbqBk02E5vaU90ySspYEGflkl3MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRkp1b0dUVFlUbTlwVDNUSkt5bGdRWi1XU1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQMAwDBAdNWoAD
BABNWoIwDAMEAk1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpID
BABNWpQDBADV0YoDBADV0ZEDBADV0ZYwFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0G
CSqGSIb3DQEBCwUAA4IBAQCO1I5Vxqmoy1wZgieOiyP0WlNm2laild/UfFX7e+0a
FqrKNdgoJRJxvnV0e3E9iSZUbI3Kpt6PGV/bpP26ebb5s5L4vPFdqaOV8jvynAYc
R98BqfJQyKgmz+HjVgKR4OaRg8Qfl6g2tqyiaVa0sUgJumc5W4vQxi5vNCDW00vS
McrjevmIY8XM8PW9XYfjQ/ACthZVg85ClN9KbJKGy73beVw4mhMf19eoyd+v9sCw
lW0PGxx96jBia1BT9NzYZZqU2q6gQSn7G6DecQre/KMF1C8x7NaTzMkjUvF3hJaL
tEDLOjWNe0Y0c+YEZcLPLQcc2EyUgK8JwoNMBlwDfTfZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org