Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Hba9zsaK-VPNX2ZSzmd29BdKiMI.roa
File: Hba9zsaK-VPNX2ZSzmd29BdKiMI.roa (raw, json)
Hash identifier: 5M0BWwfeyWex4oL4ZkY+8if0/F/CTQKz1Yf0Donvrwg=
Subject key identifier: 1D:B6:BD:CE:C6:8A:F9:53:CD:5F:66:52:CE:67:76:F4:17:4A:88:C2
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018B7C9F4BB4FA60E97090A2D967E3108114
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Hba9zsaK-VPNX2ZSzmd29BdKiMI.roa
Signing time: Sun 29 Oct 2023 18:08:16 +0000
ROA not before: Sun 29 Oct 2023 18:08:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7c:9f:4b:b4:fa:60:e9:70:90:a2:d9:67:e3:10:81:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 29 18:08:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1db6bdcec68af953cd5f6652ce6776f4174a88c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5a:54:6a:f0:7b:f2:b6:8a:fa:c2:9d:18:8e:
36:c3:5c:e5:01:70:a3:81:42:b7:c7:f4:f1:3f:4f:
79:c3:7d:7b:b3:a1:a9:b9:d1:ad:cf:41:ad:77:39:
26:58:e4:e8:0e:20:16:d9:87:5f:f7:a3:38:a9:ac:
a4:a6:ce:fc:bb:12:82:d9:d0:72:22:64:63:8c:97:
51:87:c1:52:da:2e:62:9b:b9:81:14:67:76:98:73:
ee:48:ab:41:bd:e8:3b:9e:1a:e9:a0:8b:4b:3b:74:
40:40:dd:9f:fe:81:96:78:1e:12:78:4b:34:2b:f0:
40:b4:49:84:43:61:9f:34:6a:ee:62:1d:15:b9:a8:
7c:d4:05:d4:42:4d:c7:54:83:e9:a0:06:8c:23:6b:
10:c6:c6:4a:c2:f0:c9:e3:ad:30:ba:6a:71:65:c7:
23:0c:f5:04:3d:bb:7d:94:03:0b:28:80:97:59:98:
01:ca:01:51:c0:fa:02:98:c6:82:fb:5e:62:21:2a:
89:5c:31:67:18:01:a5:61:69:78:ae:e1:ec:c2:98:
93:f7:0e:1a:1d:96:5a:a7:53:1e:d6:e8:24:32:e8:
3a:5b:63:08:96:c9:eb:72:bb:ab:7f:4c:80:b6:e6:
38:dc:11:1e:50:1a:cc:28:1e:28:f4:a5:ad:d7:53:
ca:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B6:BD:CE:C6:8A:F9:53:CD:5F:66:52:CE:67:76:F4:17:4A:88:C2
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Hba9zsaK-VPNX2ZSzmd29BdKiMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.188.0/24
185.230.14.0/24
213.209.138.0/24
213.209.145.0/24
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
25:53:34:fd:43:5a:cf:9f:c1:c4:5e:88:2f:de:e2:8f:f5:49:
c5:6d:ab:2d:05:06:6d:42:ea:9a:32:4b:16:e8:bf:ba:f8:cf:
0a:2d:ea:56:e7:41:b7:b2:a3:36:58:92:d3:d3:85:89:4b:86:
78:40:f5:fb:a6:d5:c1:f0:a4:98:98:75:25:cc:b2:52:6a:94:
d8:52:6c:3b:57:52:27:54:77:75:89:c7:10:3d:b7:01:3f:67:
13:f7:c6:7f:30:58:5c:02:18:59:4b:55:96:0e:7f:8f:90:69:
11:46:8d:b7:cc:3e:c8:33:82:5d:9b:27:93:1f:cb:e0:ce:e9:
81:ef:56:c4:d2:3e:c5:00:8a:b5:8a:fe:8a:7d:51:07:09:2c:
04:0b:3f:95:fc:d0:9d:81:0c:11:a6:49:64:3b:e9:82:cd:ba:
55:97:f9:f9:e2:a8:b9:18:23:dd:47:00:fc:bf:86:84:0c:b2:
9a:f8:ee:dd:e6:c7:80:46:19:8b:4f:fd:13:e9:28:07:95:7f:
42:0e:24:34:b5:e1:64:a7:9d:e0:69:26:d4:8e:ef:02:a3:f9:
9d:b8:ce:80:76:a4:d8:6f:f8:4d:0a:ef:c5:ad:42:b6:6d:65:
5a:80:88:98:96:4a:5a:92:91:d4:ba:88:cd:6b:fd:57:31:4c:
ac:0a:31:f5
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYt8n0u0+mDpcJCi2WfjEIEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMDI5MTgwODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGI2YmRjZWM2OGFmOTUzY2Q1ZjY2NTJjZTY3NzZmNDE3NGE4OGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1pUavB78raK+sKdGI42w1zlAXCj
gUK3x/TxP095w317s6GpudGtz0GtdzkmWOToDiAW2Ydf96M4qaykps78uxKC2dBy
ImRjjJdRh8FS2i5im7mBFGd2mHPuSKtBveg7nhrpoItLO3RAQN2f/oGWeB4SeEs0
K/BAtEmEQ2GfNGruYh0Vuah81AXUQk3HVIPpoAaMI2sQxsZKwvDJ460wumpxZccj
DPUEPbt9lAMLKICXWZgBygFRwPoCmMaC+15iISqJXDFnGAGlYWl4ruHswpiT9w4a
HZZap1Me1ugkMug6W2MIlsnrcrurf0yAtuY43BEeUBrMKB4o9KWt11PKxQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFB22vc7GivlTzV9mUs5ndvQXSojCMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSGJhOXpzYUstVlBOWDJaU3ptZDI5QmRLaU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwYAQCAAEwWjAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogDBABNWowwDAMEAU1ajgMEAE1alAME
AE1avAMEALnmDgMEANXRigMEANXRkQMEANXRlgMEANXRnTAUBAIAAjAOAwUAKgQp
wgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBACVTNP1DWs+fwcReiC/e4o/1ScVt
qy0FBm1C6poySxbov7r4zwot6lbnQbeyozZYktPThYlLhnhA9fum1cHwpJiYdSXM
slJqlNhSbDtXUidUd3WJxxA9twE/ZxP3xn8wWFwCGFlLVZYOf4+QaRFGjbfMPsgz
gl2bJ5Mfy+DO6YHvVsTSPsUAirWK/op9UQcJLAQLP5X80J2BDBGmSWQ76YLNulWX
+fniqLkYI91HAPy/hoQMspr47t3mx4BGGYtP/RPpKAeVf0IOJDS14WSnneBpJtSO
7wKj+Z24zoB2pNhv+E0K78WtQrZtZVqAiJiWSlqSkdS6iM1r/VcxTKwKMfU=
-----END CERTIFICATE-----
Generated at Tue Nov 7 10:14:36 2023 by rpki-client on console-fra.rpki-client.org