Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FYyXgpam5yHt7Nyc0Oe8g9WLxH0.roa
File: FYyXgpam5yHt7Nyc0Oe8g9WLxH0.roa (raw, json)
Hash identifier: sEcP3/x1d9UtikeHFtpI3fYp0OgGMnySVraW9ldx/JE=
Subject key identifier: 15:8C:97:82:96:A6:E7:21:ED:EC:DC:9C:D0:E7:BC:83:D5:8B:C4:7D
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01863AD3405AC8467068F7DC4363F5E3BFC7
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FYyXgpam5yHt7Nyc0Oe8g9WLxH0.roa
Signing time: Fri 10 Feb 2023 10:16:08 +0000
ROA not before: Fri 10 Feb 2023 10:16:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 22 Feb 2023 11:45:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:d3:40:5a:c8:46:70:68:f7:dc:43:63:f5:e3:bf:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 10 10:16:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=158c978296a6e721edecdc9cd0e7bc83d58bc47d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a0:fb:15:cd:b5:e2:7e:9d:fb:2a:6f:01:f2:
fb:1d:61:ac:ab:0a:74:f1:e4:9f:f6:74:a4:97:af:
cd:9e:ce:02:0a:c4:6d:29:3c:62:fc:fa:d8:f5:05:
c3:d0:1f:94:66:a8:de:3d:61:26:23:fa:56:0d:e6:
ff:6f:a3:bc:9b:46:98:89:86:40:84:5d:34:4c:eb:
65:fe:f6:b8:ca:58:44:5d:3f:b7:67:36:bc:1b:70:
0c:48:c6:3c:d5:27:6f:81:45:36:35:43:e7:48:33:
76:af:90:67:9e:fa:55:13:23:35:c9:81:3d:c6:83:
9b:d4:f2:d5:fb:e9:cd:f3:5f:14:f3:10:d8:8a:4d:
7f:3b:c3:2a:95:1b:b1:16:1c:0c:d7:03:03:94:93:
45:85:54:7a:a3:20:5c:25:44:79:cb:cb:d0:d7:5f:
54:43:98:f5:6f:35:1b:d9:1e:ff:ff:5d:74:9a:98:
75:de:29:cf:f1:54:d9:27:1a:90:fa:6e:d2:4b:ec:
d9:b0:47:23:8c:9d:c0:6d:a5:0a:ca:af:8d:89:5c:
a9:da:90:fb:60:ea:70:46:f2:bf:47:9a:53:88:90:
e6:bb:3a:a1:b2:39:1b:dd:30:b9:d4:cb:01:86:ad:
58:3e:32:11:4d:d8:21:7a:5b:94:6e:46:bd:f0:df:
f4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:8C:97:82:96:A6:E7:21:ED:EC:DC:9C:D0:E7:BC:83:D5:8B:C4:7D
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FYyXgpam5yHt7Nyc0Oe8g9WLxH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
70:31:2c:e7:ff:0b:41:b4:ba:2a:b2:70:e6:ce:f5:f7:ae:fd:
34:89:28:58:64:01:33:8c:9c:6e:12:ff:64:82:90:aa:43:3f:
65:bb:12:1a:ae:e5:dc:f9:fe:74:24:ad:e3:c5:13:29:4b:9d:
b6:a0:f4:99:b7:72:f9:f4:98:e6:65:02:ee:83:f8:74:6e:01:
5f:fd:5c:bf:c1:60:12:e6:d1:0d:85:2b:14:50:f0:75:e5:2d:
30:82:da:ab:16:67:54:3f:e7:71:fc:37:81:84:d9:ff:76:fa:
92:fb:1d:1a:a6:f9:95:1a:cb:16:9e:e3:8b:8b:3b:db:60:6b:
61:09:af:7e:12:41:d7:7b:f8:2e:24:84:b5:87:92:53:6f:e9:
90:22:73:9c:4c:e5:2f:6f:4a:e8:31:35:00:da:4a:c5:12:c6:
9a:d3:f5:6d:38:0e:45:ac:0f:6f:dd:13:e0:d6:eb:80:09:a3:
3a:b4:a2:d4:01:3a:6b:af:0c:9a:6f:1d:8d:d4:41:4c:62:ec:
92:b4:70:db:97:f1:9c:9e:26:0f:ca:ff:5f:8e:ac:c0:93:b6:
03:f0:a2:df:0c:12:1a:f6:32:8f:12:72:66:5d:7b:d7:c7:be:
dd:54:bb:ee:8d:05:e1:2b:d4:57:da:00:64:ca:42:84:7e:97:
0e:2e:68:07
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYY600BayEZwaPfcQ2P147/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMjEwMTAxNjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNThjOTc4Mjk2YTZlNzIxZWRlY2RjOWNkMGU3YmM4M2Q1OGJjNDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqD7Fc214n6d+ypvAfL7HWGsqwp0
8eSf9nSkl6/Nns4CCsRtKTxi/PrY9QXD0B+UZqjePWEmI/pWDeb/b6O8m0aYiYZA
hF00TOtl/va4ylhEXT+3Zza8G3AMSMY81SdvgUU2NUPnSDN2r5BnnvpVEyM1yYE9
xoOb1PLV++nN818U8xDYik1/O8MqlRuxFhwM1wMDlJNFhVR6oyBcJUR5y8vQ119U
Q5j1bzUb2R7//110mph13inP8VTZJxqQ+m7SS+zZsEcjjJ3AbaUKyq+NiVyp2pD7
YOpwRvK/R5pTiJDmuzqhsjkb3TC51MsBhq1YPjIRTdgheluUbka98N/0ZwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFBWMl4KWpuch7ezcnNDnvIPVi8R9MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRll5WGdwYW01eUh0N055YzBPZThnOVdMeEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEMAwDBAdNWoAD
BABNWoIwDAMEAk1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpID
BABNWpQDBADV0YowFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUA
A4IBAQBwMSzn/wtBtLoqsnDmzvX3rv00iShYZAEzjJxuEv9kgpCqQz9luxIaruXc
+f50JK3jxRMpS522oPSZt3L59JjmZQLug/h0bgFf/Vy/wWAS5tENhSsUUPB15S0w
gtqrFmdUP+dx/DeBhNn/dvqS+x0apvmVGssWnuOLizvbYGthCa9+EkHXe/guJIS1
h5JTb+mQInOcTOUvb0roMTUA2krFEsaa0/VtOA5FrA9v3RPg1uuACaM6tKLUATpr
rwyabx2N1EFMYuyStHDbl/GcniYPyv9fjqzAk7YD8KLfDBIa9jKPEnJmXXvXx77d
VLvujQXhK9RX2gBkykKEfpcOLmgH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org