Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FZuqT-sDn8sswlDCNKi0We8jgIY.roa
File: FZuqT-sDn8sswlDCNKi0We8jgIY.roa (raw, json)
Hash identifier: reFLu245ctV8j3VFJrcn1Qeg1n9u/qIH+OIzq3jikCg=
Subject key identifier: 15:9B:AA:4F:EB:03:9F:CB:2C:C2:50:C2:34:A8:B4:59:EF:23:80:86
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0189841A5C4C316751D2A48F21EB1EAB3F49
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FZuqT-sDn8sswlDCNKi0We8jgIY.roa
Signing time: Sun 23 Jul 2023 18:54:27 +0000
ROA not before: Sun 23 Jul 2023 18:54:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:84:1a:5c:4c:31:67:51:d2:a4:8f:21:eb:1e:ab:3f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 23 18:54:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=159baa4feb039fcb2cc250c234a8b459ef238086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:90:97:ae:c7:fd:de:10:95:cc:88:ab:d5:8a:
be:d5:8d:17:ad:f5:ca:4d:fb:4c:86:99:09:05:5b:
ba:c0:83:63:3f:94:48:c7:4f:85:dd:8e:d9:b9:02:
52:06:e5:b8:f2:6c:d8:e5:41:ae:f5:4e:62:fb:b8:
66:54:92:be:70:9d:dd:6e:03:a5:fc:39:57:c9:0b:
27:80:0e:ca:1c:42:93:01:5d:d2:a6:b2:64:ca:6a:
65:e6:45:1e:4c:86:ca:f9:8e:a0:19:e5:08:53:83:
9e:97:70:b8:85:b8:94:68:9a:db:c8:e1:b4:22:be:
76:fe:38:f9:3e:cc:90:5c:2a:3b:28:74:bb:69:78:
56:1a:e9:db:0b:d7:b6:dc:e7:82:d2:61:10:d7:e8:
06:ed:39:c7:a0:69:a6:97:05:26:49:40:dc:7a:48:
da:11:84:69:cb:ff:4a:95:e4:c0:a6:8b:b4:ee:57:
ca:39:5e:d3:25:f0:6c:35:30:11:84:b9:d3:05:cb:
68:35:92:51:f2:65:5d:66:b1:62:9e:44:07:00:83:
7d:0a:ce:0c:0d:ca:6b:4d:c9:6d:89:91:eb:aa:ce:
80:41:a3:d8:2b:6e:77:58:42:56:55:c3:ea:a9:56:
c2:cd:98:a7:b8:9b:1f:0f:b3:10:e0:d6:34:b5:bd:
97:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:9B:AA:4F:EB:03:9F:CB:2C:C2:50:C2:34:A8:B4:59:EF:23:80:86
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FZuqT-sDn8sswlDCNKi0We8jgIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.138.0/24
213.209.151.0/24
213.209.157.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
04:55:a5:31:a7:0d:71:df:bc:13:9a:82:90:a7:97:9c:86:8b:
c7:7e:69:c6:61:9f:52:0e:bf:06:74:94:1e:e3:4b:04:c0:56:
b0:a8:8d:75:fb:54:23:14:60:ae:b4:2b:fe:a1:23:58:22:e8:
44:fa:81:cc:00:28:b7:a2:f2:d6:be:2a:c1:92:7a:57:71:cb:
94:18:82:84:10:7f:fd:c6:b2:ef:9f:5b:c8:f9:d0:32:e8:bb:
55:16:90:06:ac:0a:59:a5:d7:4c:00:10:e2:ef:53:84:db:db:
8d:e5:be:d8:95:6f:2a:2a:46:6c:cb:31:76:3a:8e:1b:a0:41:
42:88:bd:6b:1e:93:40:79:c7:6d:f0:81:88:09:38:78:97:d9:
9e:dc:fe:a7:0e:ff:f6:f0:88:45:24:00:2b:ec:21:8f:d1:bc:
85:27:3a:69:61:c2:02:29:0d:8e:e5:9e:55:fa:2c:ca:32:01:
8f:8b:bb:33:ce:89:e2:aa:2f:0e:5b:59:55:6c:78:65:b3:30:
88:40:8c:a7:bf:de:57:7c:50:db:cf:e2:6e:0b:69:39:9b:96:
8a:f8:d0:0a:14:0a:d7:30:db:5d:68:03:49:eb:ab:7b:0b:01:
b6:ff:f0:11:af:06:27:96:d2:63:af:ba:80:c2:ef:9f:4b:c2:
eb:18:7e:97
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYmEGlxMMWdR0qSPIeseqz9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNzIzMTg1NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTliYWE0ZmViMDM5ZmNiMmNjMjUwYzIzNGE4YjQ1OWVmMjM4MDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5CXrsf93hCVzIir1Yq+1Y0XrfXK
TftMhpkJBVu6wINjP5RIx0+F3Y7ZuQJSBuW48mzY5UGu9U5i+7hmVJK+cJ3dbgOl
/DlXyQsngA7KHEKTAV3SprJkympl5kUeTIbK+Y6gGeUIU4Oel3C4hbiUaJrbyOG0
Ir52/jj5PsyQXCo7KHS7aXhWGunbC9e23OeC0mEQ1+gG7TnHoGmmlwUmSUDcekja
EYRpy/9KleTApou07lfKOV7TJfBsNTARhLnTBctoNZJR8mVdZrFinkQHAIN9Cs4M
DcprTcltiZHrqs6AQaPYK253WEJWVcPqqVbCzZinuJsfD7MQ4NY0tb2XEwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFBWbqk/rA5/LLMJQwjSotFnvI4CGMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRlp1cVQtc0RuOHNzd2xEQ05LaTBXZThqZ0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAM
AwQBTVqSAwQATVqUAwQA1dGKAwQA1dGXAwQA1dGdAwQA1dGfMBQEAgACMA4DBQAq
BCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEABFWlMacNcd+8E5qCkKeXnIaL
x35pxmGfUg6/BnSUHuNLBMBWsKiNdftUIxRgrrQr/qEjWCLoRPqBzAAot6Ly1r4q
wZJ6V3HLlBiChBB//cay759byPnQMui7VRaQBqwKWaXXTAAQ4u9ThNvbjeW+2JVv
KipGbMsxdjqOG6BBQoi9ax6TQHnHbfCBiAk4eJfZntz+pw7/9vCIRSQAK+whj9G8
hSc6aWHCAikNjuWeVfosyjIBj4u7M86J4qovDltZVWx4ZbMwiECMp7/eV3xQ28/i
bgtpOZuWivjQChQK1zDbXWgDSeurewsBtv/wEa8GJ5bSY6+6gMLvn0vC6xh+lw==
-----END CERTIFICATE-----
Generated at Mon Jul 31 14:29:36 2023 by rpki-client on console-ams.rpki-client.org