Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IiL8h6SWXL7PdkPiWv7JVuRADuM.roa
File: IiL8h6SWXL7PdkPiWv7JVuRADuM.roa (raw, json)
Hash identifier: mVVVzkYGek8gYYagO1khtWcbS4LlkT1iatS1VRmPHT0=
Subject key identifier: 22:22:FC:87:A4:96:5C:BE:CF:76:43:E2:5A:FE:C9:56:E4:40:0E:E3
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01918DF9C868B6AA879EBE2A93B4BB48E5C2
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IiL8h6SWXL7PdkPiWv7JVuRADuM.roa
Signing time: Mon 26 Aug 2024 09:17:22 +0000
ROA not before: Mon 26 Aug 2024 09:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 31 Aug 2024 19:51:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8d:f9:c8:68:b6:aa:87:9e:be:2a:93:b4:bb:48:e5:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 26 09:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2222fc87a4965cbecf7643e25afec956e4400ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f2:0c:2a:e6:ee:88:64:14:e6:2d:95:36:3d:
14:41:ae:9b:b0:23:2f:ac:4e:3f:c1:59:f7:65:51:
ce:6c:cd:7f:b1:e6:5b:81:75:70:9b:20:22:da:dc:
0d:e5:ad:7a:9f:ae:3d:d9:c3:6c:1f:54:ff:6e:1a:
47:83:c4:97:ec:22:e3:2a:9a:4b:7a:5b:fa:99:da:
d3:ad:59:22:6e:80:ec:9c:94:79:9e:c0:3d:ab:be:
a7:7c:af:94:b9:43:dd:e7:eb:40:6b:9b:cd:ec:94:
5b:11:2a:38:b7:e9:85:2b:f0:69:ba:00:b7:d1:46:
c0:72:0c:a2:3a:42:7d:f1:0e:fa:c3:65:9e:34:e9:
a3:12:b7:8e:ab:07:64:e9:4b:a6:1c:d4:13:79:3e:
44:91:d9:48:fb:9b:c7:b0:9a:2c:5c:90:ea:96:fc:
71:36:a7:29:66:79:5e:3c:a8:d6:53:b4:1b:91:27:
74:1e:a9:68:8c:ba:57:09:cb:3e:83:b9:46:92:f7:
61:e0:19:2a:5c:79:bf:65:19:8a:7b:ca:6d:b1:85:
0e:87:28:0c:df:54:11:64:f9:6e:81:f2:a6:ac:d2:
f6:17:26:22:8b:5a:e9:cc:df:b9:c8:df:94:d2:1c:
05:17:7f:58:d5:60:72:52:7f:08:9c:2b:76:35:73:
b2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:22:FC:87:A4:96:5C:BE:CF:76:43:E2:5A:FE:C9:56:E4:40:0E:E3
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IiL8h6SWXL7PdkPiWv7JVuRADuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
185.230.14.0/24
213.209.129.0/24
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
82:93:cb:5f:c2:0b:4a:b9:a6:02:48:df:6d:9c:d5:a6:fd:55:
cf:d5:97:a7:fe:9c:ca:3d:21:3d:d3:5e:45:fd:46:d6:81:60:
96:a5:63:70:61:cd:65:99:c8:bc:59:2c:2f:d8:2d:74:b2:0e:
07:d6:d4:f5:52:11:1e:de:ed:c9:fc:86:a8:03:8c:47:32:89:
4d:4f:7f:64:87:92:68:fb:7c:db:02:fe:b1:cc:47:82:44:d6:
e9:d3:23:7d:8e:96:fe:c8:25:33:cc:f0:27:60:be:39:6c:15:
d8:7b:cc:c9:e4:33:df:d9:be:27:11:4e:2b:f0:cb:ae:42:d5:
9f:ef:4e:9e:66:87:38:37:91:f5:98:07:39:6e:a5:bd:18:f6:
ad:95:01:74:51:6c:8d:62:36:af:fb:1e:e4:a1:dc:79:69:13:
99:ef:cb:3d:95:96:f2:8b:af:58:2f:ee:2a:d7:bd:fd:b3:64:
fa:f7:5c:72:f9:8f:ba:b0:0b:f1:9f:ab:fd:e4:55:ac:97:5f:
5d:ad:f6:ed:7c:9b:91:6b:a3:7e:0f:b3:6e:69:b4:7c:16:ba:
57:5c:0c:ed:e5:3b:d1:9f:16:2f:c8:ee:9d:44:4e:02:fe:7b:
4b:e0:e0:6f:12:13:2a:d0:c8:48:24:40:48:68:b0:0a:9e:ed:
3e:30:ba:49
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZGN+chotqqHnr4qk7S7SOXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwODI2MDkxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjIyZmM4N2E0OTY1Y2JlY2Y3NjQzZTI1YWZlYzk1NmU0NDAwZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vIMKubuiGQU5i2VNj0UQa6bsCMv
rE4/wVn3ZVHObM1/seZbgXVwmyAi2twN5a16n6492cNsH1T/bhpHg8SX7CLjKppL
elv6mdrTrVkiboDsnJR5nsA9q76nfK+UuUPd5+tAa5vN7JRbESo4t+mFK/BpugC3
0UbAcgyiOkJ98Q76w2WeNOmjEreOqwdk6UumHNQTeT5EkdlI+5vHsJosXJDqlvxx
NqcpZnlePKjWU7QbkSd0HqlojLpXCcs+g7lGkvdh4BkqXHm/ZRmKe8ptsYUOhygM
31QRZPlugfKmrNL2FyYii1rpzN+5yN+U0hwFF39Y1WByUn8InCt2NXOylwIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFCIi/Ieklly+z3ZD4lr+yVbkQA7jMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSWlMOGg2U1dYTDdQZGtQaVd2N0pWdVJBRHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBqBAIAATBkMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEAE1amQMEAE1amgMEALnmDgMEANXRgQMEANXRijAU
BAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAIKTy1/CC0q5
pgJI322c1ab9Vc/Vl6f+nMo9IT3TXkX9RtaBYJalY3BhzWWZyLxZLC/YLXSyDgfW
1PVSER7e7cn8hqgDjEcyiU1Pf2SHkmj7fNsC/rHMR4JE1unTI32Olv7IJTPM8Cdg
vjlsFdh7zMnkM9/ZvicRTivwy65C1Z/vTp5mhzg3kfWYBzlupb0Y9q2VAXRRbI1i
Nq/7HuSh3HlpE5nvyz2VlvKLr1gv7irXvf2zZPr3XHL5j7qwC/Gfq/3kVayXX12t
9u18m5Fro34Ps25ptHwWuldcDO3lO9GfFi/I7p1ETgL+e0vg4G8SEyrQyEgkQEho
sAqe7T4wukk=
-----END CERTIFICATE-----
Generated at Sat Aug 31 22:17:47 2024 by rpki-client on console-ams.rpki-client.org