Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Kj8KLT4AEQ7YwdVszCbjrMWPmm4.roa
File: Kj8KLT4AEQ7YwdVszCbjrMWPmm4.roa (raw, json)
Hash identifier: ZjQnX4cwiuEUxhiF1JCFAVolMzZ2v5Y4Iljsv67JpYY=
Subject key identifier: 2A:3F:0A:2D:3E:00:11:0E:D8:C1:D5:6C:CC:26:E3:AC:C5:8F:9A:6E
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018F9FC29D58B6AE68AAA11325F230CEEA2F
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Kj8KLT4AEQ7YwdVszCbjrMWPmm4.roa
Signing time: Wed 22 May 2024 10:04:42 +0000
ROA not before: Wed 22 May 2024 10:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 May 2024 17:05:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:c2:9d:58:b6:ae:68:aa:a1:13:25:f2:30:ce:ea:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 22 10:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a3f0a2d3e00110ed8c1d56ccc26e3acc58f9a6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:75:98:2e:ac:62:5d:88:84:89:04:c4:24:fe:
42:e7:da:f9:cd:b1:7e:1b:4f:0c:cf:6d:5b:9f:59:
5b:7d:da:ec:03:1e:4b:65:f3:94:20:74:0d:e8:1c:
95:c9:14:9b:b2:f8:e8:42:77:51:04:7f:bd:e7:98:
e9:9e:52:08:d0:54:02:fc:9d:ce:d9:a6:d0:48:f3:
fd:9e:f0:72:c0:31:fa:8d:2c:08:4b:60:68:52:d1:
63:f6:23:5c:a4:21:eb:b2:9a:20:f8:5f:71:97:da:
52:d1:b6:00:f3:86:01:b4:31:54:1e:f3:9f:ac:b3:
49:da:d4:bf:88:d8:1d:9e:20:03:41:84:51:cb:29:
cd:90:2c:8e:c3:b3:49:82:96:65:a9:55:83:71:5f:
5a:fc:b9:cd:80:59:e6:10:79:0b:40:71:db:77:1a:
5f:88:34:c7:89:63:a2:b7:77:b6:02:47:7f:c0:f0:
fd:e1:d1:03:e8:3f:58:2d:4f:4c:89:31:33:8e:0a:
76:72:e6:4d:6e:97:26:98:44:35:b4:da:23:b6:b8:
3e:17:42:2c:b9:50:0f:02:26:20:9b:65:01:e3:dd:
12:a6:c2:cb:47:55:ef:33:f5:64:95:7f:a3:99:d7:
82:25:0a:60:85:fd:65:db:22:d5:1f:88:f1:e4:63:
81:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:3F:0A:2D:3E:00:11:0E:D8:C1:D5:6C:CC:26:E3:AC:C5:8F:9A:6E
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Kj8KLT4AEQ7YwdVszCbjrMWPmm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0/24
213.209.129.0/24
213.209.138.0/24
213.209.145.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
77:a9:ae:43:5c:0c:5b:0b:4f:b3:61:0d:3b:69:13:3c:2a:20:
de:d6:8f:48:49:ec:25:b5:c3:ca:e5:84:89:9d:44:d9:9b:c2:
71:89:c0:a9:ca:4a:23:37:e8:9c:f7:b8:db:70:cf:99:e6:ac:
11:70:e0:7d:7a:00:0c:33:87:d7:3e:c8:d0:26:94:66:92:4c:
35:35:0d:c2:9a:d7:dc:93:70:b9:78:92:99:17:eb:69:49:3a:
46:70:1e:9f:05:3d:23:8f:1e:21:cf:13:d2:e7:80:e6:2c:26:
02:ae:8a:a5:b4:f5:55:bf:4a:7e:d5:1f:fa:8f:57:af:7b:f3:
40:8a:ab:eb:0e:65:72:51:46:c8:ee:24:0b:43:1e:a5:ef:9b:
fd:2b:8f:d9:1a:ec:ab:f0:f5:a4:6b:bc:03:af:4d:b3:f1:bf:
23:e2:67:a0:6a:84:dc:65:b3:c7:3f:4e:f7:56:1a:32:dc:fd:
19:ca:bb:96:8d:32:8d:db:ca:60:c8:c9:38:f8:98:44:a2:54:
70:13:0b:b5:fa:9a:e4:4b:98:00:97:9d:84:11:40:d3:32:c9:
1f:cf:78:36:93:a1:04:b5:98:49:af:74:14:c5:61:cf:e5:3b:
d7:ee:e8:35:cb:fa:3f:0a:46:f0:4b:fe:f0:22:5b:d3:a8:d5:
48:f2:07:b3
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAY+fwp1Ytq5oqqETJfIwzuovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNTIyMTAwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTNmMGEyZDNlMDAxMTBlZDhjMWQ1NmNjYzI2ZTNhY2M1OGY5YTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3WYLqxiXYiEiQTEJP5C59r5zbF+
G08Mz21bn1lbfdrsAx5LZfOUIHQN6ByVyRSbsvjoQndRBH+955jpnlII0FQC/J3O
2abQSPP9nvBywDH6jSwIS2BoUtFj9iNcpCHrspog+F9xl9pS0bYA84YBtDFUHvOf
rLNJ2tS/iNgdniADQYRRyynNkCyOw7NJgpZlqVWDcV9a/LnNgFnmEHkLQHHbdxpf
iDTHiWOit3e2Akd/wPD94dED6D9YLU9MiTEzjgp2cuZNbpcmmEQ1tNojtrg+F0Is
uVAPAiYgm2UB490SpsLLR1XvM/VklX+jmdeCJQpghf1l2yLVH4jx5GOB3wIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFCo/Ci0+ABEO2MHVbMwm46zFj5puMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvS2o4S0xUNEFFUTdZd2RWc3pDYmpyTVdQbW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBAC55g0DBADV0YEDBADV0YoDBADV0ZEDBADV0Z0wFAQC
AAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQB3qa5DXAxbC0+z
YQ07aRM8KiDe1o9ISewltcPK5YSJnUTZm8JxicCpykojN+ic97jbcM+Z5qwRcOB9
egAMM4fXPsjQJpRmkkw1NQ3Cmtfck3C5eJKZF+tpSTpGcB6fBT0jjx4hzxPS54Dm
LCYCroqltPVVv0p+1R/6j1eve/NAiqvrDmVyUUbI7iQLQx6l75v9K4/ZGuyr8PWk
a7wDr02z8b8j4megaoTcZbPHP073Vhoy3P0ZyruWjTKN28pgyMk4+JhEolRwEwu1
+prkS5gAl52EEUDTMskfz3g2k6EEtZhJr3QUxWHP5TvX7ug1y/o/CkbwS/7wIlvT
qNVI8gez
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org