Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HDHkJA34NWVg7a6MMdLWkgxgY8g.roa
File: HDHkJA34NWVg7a6MMdLWkgxgY8g.roa (raw, json)
Hash identifier: jMmoyLjGI9TSBU1V20PgDTvDNEmqeCUNUbNXYO3gkbc=
Subject key identifier: 1C:31:E4:24:0D:F8:35:65:60:ED:AE:8C:31:D2:D6:92:0C:60:63:C8
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018D08CDC996A0C6B776C52E957707F81820
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HDHkJA34NWVg7a6MMdLWkgxgY8g.roa
Signing time: Sun 14 Jan 2024 16:28:40 +0000
ROA not before: Sun 14 Jan 2024 16:28:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Thu 18 Jan 2024 17:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:cd:c9:96:a0:c6:b7:76:c5:2e:95:77:07:f8:18:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 14 16:28:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c31e4240df8356560edae8c31d2d6920c6063c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:89:45:af:7e:d0:47:d4:ec:da:9c:e3:48:fd:
aa:c0:17:24:e6:65:70:b0:91:7d:bb:ab:51:84:49:
b7:99:b5:6a:92:3a:f5:89:91:13:c6:f9:fb:da:b6:
d2:2e:fe:66:59:0e:06:e0:ad:09:3c:fb:66:17:d2:
02:02:a5:85:05:4d:e5:ed:a1:4c:a9:22:98:f6:8d:
4c:f6:51:61:33:0e:63:30:3e:1c:a1:3f:2d:ac:75:
d2:3a:7e:e9:a3:ba:95:27:93:30:a7:aa:49:9d:7d:
34:c0:51:b9:3b:76:e7:40:7f:e1:d2:63:67:5c:6e:
dc:03:b9:67:6b:a0:fb:ee:e5:4c:cf:5d:3a:78:53:
48:12:3d:ed:9a:71:77:bd:08:7e:ae:82:25:ef:37:
a7:76:1e:78:cd:8f:b3:33:0a:ba:99:ce:b6:12:40:
f6:5e:15:68:2e:d2:1b:9d:95:81:1d:f5:29:d9:f3:
7c:8a:1b:21:b5:b5:35:43:58:2e:bb:79:39:b8:bd:
1c:1c:f6:ca:89:af:55:5b:93:c8:d8:d7:d6:72:bc:
3c:4e:8e:f1:f5:d9:a5:b0:1c:6c:2a:da:83:d2:02:
c4:19:e8:0f:8c:2f:86:b3:f7:d2:ac:77:a1:f2:b2:
1a:dd:16:e2:d2:18:24:35:47:f7:78:c2:59:36:80:
00:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:31:E4:24:0D:F8:35:65:60:ED:AE:8C:31:D2:D6:92:0C:60:63:C8
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HDHkJA34NWVg7a6MMdLWkgxgY8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.188.0/24
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
01:30:b9:dd:34:05:62:b7:c5:09:60:07:d3:e5:0a:94:67:d8:
95:25:cf:62:6d:23:78:98:1d:c5:e1:51:69:c6:72:24:5c:b8:
99:a1:ae:a3:f3:e4:3e:31:6c:bb:49:7d:aa:31:a8:47:10:3e:
09:27:00:cc:62:8e:56:d0:d0:2c:dd:4a:ff:cd:3f:d4:cd:6b:
c8:6c:e6:3f:9f:04:fa:17:46:85:33:78:c6:79:1e:1c:3f:50:
d3:23:e0:eb:cb:23:a5:f1:5d:21:dd:71:9e:83:d0:2b:40:0b:
04:f0:f2:db:5b:6f:a8:61:4e:0e:ae:6e:6a:c8:9f:df:1a:60:
84:bf:44:e8:1e:b9:1b:d6:c8:a5:de:d4:ce:76:56:f2:41:7d:
b6:f7:2c:bc:44:02:4d:14:76:73:41:da:3f:77:68:98:67:0d:
f7:8b:ec:8d:f2:5a:c4:0a:79:ea:8c:23:f2:8a:40:df:0e:5c:
b5:fb:58:fa:6f:02:af:91:ba:5d:d2:5f:a6:6b:4a:04:9a:9f:
62:78:2c:4f:17:63:4c:f1:18:30:29:65:6b:29:a4:91:fd:7d:
f2:2b:30:57:5f:a1:39:40:c4:82:f6:53:78:a4:cb:b9:12:d6:
b0:33:12:ed:91:59:ff:50:13:f4:b2:1a:57:1c:c0:32:68:49:
22:5a:8c:96
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAY0IzcmWoMa3dsUulXcH+BggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTE0MTYyODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMxZTQyNDBkZjgzNTY1NjBlZGFlOGMzMWQyZDY5MjBjNjA2M2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYlFr37QR9Ts2pzjSP2qwBck5mVw
sJF9u6tRhEm3mbVqkjr1iZETxvn72rbSLv5mWQ4G4K0JPPtmF9ICAqWFBU3l7aFM
qSKY9o1M9lFhMw5jMD4coT8trHXSOn7po7qVJ5Mwp6pJnX00wFG5O3bnQH/h0mNn
XG7cA7lna6D77uVMz106eFNIEj3tmnF3vQh+roIl7zendh54zY+zMwq6mc62EkD2
XhVoLtIbnZWBHfUp2fN8ihshtbU1Q1guu3k5uL0cHPbKia9VW5PI2NfWcrw8To7x
9dmlsBxsKtqD0gLEGegPjC+Gs/fSrHeh8rIa3Rbi0hgkNUf3eMJZNoAAoQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFBwx5CQN+DVlYO2ujDHS1pIMYGPIMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSERIa0pBMzROV1ZnN2E2TU1kTFdrZ3hnWThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljB+BAIAATB4MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEAE1amQMEAE1amgMEAE1avAMEANXRijAMAwQA1dGR
AwQA1dGSAwQA1dGWAwQA1dGdMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG
9w0BAQsFAAOCAQEAATC53TQFYrfFCWAH0+UKlGfYlSXPYm0jeJgdxeFRacZyJFy4
maGuo/PkPjFsu0l9qjGoRxA+CScAzGKOVtDQLN1K/80/1M1ryGzmP58E+hdGhTN4
xnkeHD9Q0yPg68sjpfFdId1xnoPQK0ALBPDy21tvqGFODq5uasif3xpghL9E6B65
G9bIpd7UznZW8kF9tvcsvEQCTRR2c0HaP3domGcN94vsjfJaxAp56owj8opA3w5c
tftY+m8Cr5G6XdJfpmtKBJqfYngsTxdjTPEYMCllaymkkf198iswV1+hOUDEgvZT
eKTLuRLWsDMS7ZFZ/1AT9LIaVxzAMmhJIlqMlg==
-----END CERTIFICATE-----
Generated at Thu Jan 18 20:55:02 2024 by rpki-client on console-ams.rpki-client.org