Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FkFT48FDNk8gccyyaHKIdHrVQ4s.roa
File: FkFT48FDNk8gccyyaHKIdHrVQ4s.roa (raw, json)
Hash identifier: CL5HDbR/ug8RUJ/9kjxDyH29B853Hz2blcbjWgoP8Cs=
Subject key identifier: 16:41:53:E3:C1:43:36:4F:20:71:CC:B2:68:72:88:74:7A:D5:43:8B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01889A890A8C0029AF6AEC1492D6DDF6B2DC
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FkFT48FDNk8gccyyaHKIdHrVQ4s.roa
Signing time: Thu 08 Jun 2023 10:24:12 +0000
ROA not before: Thu 08 Jun 2023 10:24:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:89:0a:8c:00:29:af:6a:ec:14:92:d6:dd:f6:b2:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 8 10:24:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=164153e3c143364f2071ccb2687288747ad5438b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5b:a8:e1:da:e3:c3:04:f8:b9:58:d7:49:96:
f8:27:8a:f0:28:91:99:c2:7a:d5:4b:1e:a9:43:28:
3a:17:ed:b8:de:45:ef:ff:4c:b9:59:15:cd:72:9f:
04:a8:5b:1b:9a:82:57:db:8c:e0:67:0f:1e:77:c6:
a9:19:f1:6d:a4:52:27:77:30:59:b4:d7:e2:92:8d:
25:bf:1e:03:38:48:b6:da:50:40:b4:19:0a:6b:b4:
a8:aa:d1:9c:34:97:1d:12:4d:a2:c7:99:df:af:87:
71:e3:4e:41:2d:db:72:03:eb:be:a7:c7:65:1f:72:
e6:b9:8b:9f:9c:fd:d1:c3:37:ea:b9:2f:88:fe:52:
c8:01:9c:a3:c6:ad:3e:04:a4:67:68:a7:a5:b5:fa:
84:45:70:44:bd:f0:bc:62:f0:3f:d1:5c:0b:41:92:
38:98:91:12:21:ab:ea:c5:3f:7d:7c:1c:73:98:d0:
12:d9:23:8b:52:8f:77:20:1d:a4:0a:57:b3:ee:6c:
6d:c6:76:6e:e5:2b:6c:00:49:a8:0f:8d:29:67:3b:
13:fd:a3:0a:b1:a8:46:89:ac:1d:c9:8b:7b:4d:e1:
48:64:f4:9e:45:41:f8:97:20:67:66:8e:0b:12:86:
0a:0a:64:ba:da:7a:23:bd:3d:ae:dc:f6:3d:92:fb:
e7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:41:53:E3:C1:43:36:4F:20:71:CC:B2:68:72:88:74:7A:D5:43:8B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/FkFT48FDNk8gccyyaHKIdHrVQ4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.185.0/24
77.90.188.0/24
185.230.14.0/24
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.151.0/24
213.209.157.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
6d:0e:93:70:dc:a2:87:7b:39:37:96:90:49:8a:df:f1:90:7a:
39:01:2e:37:ba:21:0a:ee:78:d7:13:7c:c7:96:70:e5:72:6c:
b9:bb:3e:14:cd:9b:5a:62:62:c5:af:1c:27:1a:3d:a3:cd:f4:
4f:51:0a:9c:4c:61:14:c4:dc:ff:d7:cb:ef:b0:5c:63:bd:71:
86:e6:bc:e8:f4:f8:dd:dc:a1:f0:90:b9:e2:7f:51:24:2b:f1:
fb:36:84:4f:7d:97:b0:27:e6:80:12:68:d7:83:2a:4a:cb:96:
ec:a5:50:ad:95:69:7e:9c:fd:b7:3d:86:5e:ce:18:bc:43:06:
60:79:9a:4d:b5:25:4e:73:1b:4a:fe:e8:be:1b:d3:93:58:d8:
d4:92:55:00:30:1f:0e:c2:b7:b5:80:5f:47:58:4f:ca:59:93:
ca:cc:ab:65:5a:5e:13:6c:c6:ac:24:f5:9a:8a:c1:97:a4:ae:
57:6b:1d:92:f5:e3:e3:e4:b6:ba:c7:b4:0a:e3:7e:d8:c1:34:
2f:57:5d:9e:bd:2c:56:b3:03:94:3e:f5:26:ca:21:9a:7b:e4:
e2:54:5b:14:f2:ac:96:1a:1f:ed:e9:97:24:56:9d:94:61:6c:
18:ec:3e:02:e9:0a:d4:53:c7:89:c7:c5:66:8e:cd:ab:b0:32:
00:d4:2f:87
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYiaiQqMACmvauwUktbd9rLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNjA4MTAyNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjQxNTNlM2MxNDMzNjRmMjA3MWNjYjI2ODcyODg3NDdhZDU0MzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVuo4drjwwT4uVjXSZb4J4rwKJGZ
wnrVSx6pQyg6F+243kXv/0y5WRXNcp8EqFsbmoJX24zgZw8ed8apGfFtpFIndzBZ
tNfiko0lvx4DOEi22lBAtBkKa7SoqtGcNJcdEk2ix5nfr4dx405BLdtyA+u+p8dl
H3LmuYufnP3RwzfquS+I/lLIAZyjxq0+BKRnaKeltfqERXBEvfC8YvA/0VwLQZI4
mJESIavqxT99fBxzmNAS2SOLUo93IB2kClez7mxtxnZu5StsAEmoD40pZzsT/aMK
sahGiawdyYt7TeFIZPSeRUH4lyBnZo4LEoYKCmS62nojvT2u3PY9kvvn3wIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFBZBU+PBQzZPIHHMsmhyiHR61UOLMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRmtGVDQ4RkROazhnY2N5eWFIS0lkSHJWUTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwejAMAwQH
TVqAAwQATVqCMAwDBAJNWoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQB
TVqSAwQATVqUAwQATVqZAwQATVq5AwQATVq8AwQAueYOAwQA1dGBAwQA1dGKAwQA
1dGPAwQA1dGXAwQA1dGdAwQA1dGfMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkq
hkiG9w0BAQsFAAOCAQEAbQ6TcNyih3s5N5aQSYrf8ZB6OQEuN7ohCu541xN8x5Zw
5XJsubs+FM2bWmJixa8cJxo9o830T1EKnExhFMTc/9fL77BcY71xhua86PT43dyh
8JC54n9RJCvx+zaET32XsCfmgBJo14MqSsuW7KVQrZVpfpz9tz2GXs4YvEMGYHma
TbUlTnMbSv7ovhvTk1jY1JJVADAfDsK3tYBfR1hPylmTysyrZVpeE2zGrCT1morB
l6SuV2sdkvXj4+S2use0CuN+2ME0L1ddnr0sVrMDlD71Jsohmnvk4lRbFPKslhof
7emXJFadlGFsGOw+AukK1FPHicfFZo7Nq7AyANQvhw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org