Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/MCx7haMdX4k58jvcrSdUVanJ4rI.roa
File: MCx7haMdX4k58jvcrSdUVanJ4rI.roa (raw, json)
Hash identifier: rc9alp0Qlg497mCedmIhrN4PyA9QbFBdKIn7ocdNCsE=
Subject key identifier: 30:2C:7B:85:A3:1D:5F:89:39:F2:3B:DC:AD:27:54:55:A9:C9:E2:B2
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018EF15643050D72E3F6F79EAA13A0E35115
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/MCx7haMdX4k58jvcrSdUVanJ4rI.roa
Signing time: Thu 18 Apr 2024 13:12:26 +0000
ROA not before: Thu 18 Apr 2024 13:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 Apr 2024 18:05:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f1:56:43:05:0d:72:e3:f6:f7:9e:aa:13:a0:e3:51:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 18 13:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=302c7b85a31d5f8939f23bdcad275455a9c9e2b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:53:1a:16:86:f0:b7:f3:fa:e4:a0:c2:63:7d:
a2:2c:3b:69:82:ec:38:ed:18:a0:8f:55:51:16:65:
dd:ef:62:a8:7f:2b:f6:66:50:fa:c6:06:93:19:2b:
7b:5b:91:f8:a4:90:d1:10:60:59:85:0b:5f:dd:92:
e6:75:4b:d5:09:66:7c:06:95:9b:5a:1f:d6:f5:81:
96:69:06:2d:02:16:57:44:ce:a8:60:ac:89:d3:c5:
01:16:bb:dd:3a:dc:20:26:96:1d:78:29:df:64:88:
c5:7a:09:1c:0c:c6:f3:7b:cf:33:9d:bb:c5:8b:8a:
d5:ac:6f:ad:5a:33:8d:e7:fb:23:a1:c3:b7:bf:fb:
7e:d7:8b:ed:e1:9f:c2:64:10:80:b2:e0:52:c0:87:
2c:5c:56:f3:8a:d4:d1:50:c9:69:a6:ab:17:75:25:
e4:a3:0f:80:80:78:75:f4:42:33:ad:8f:49:96:26:
7d:1f:41:eb:4b:93:66:38:5c:1b:94:59:12:62:75:
87:ed:c8:b2:2f:8a:c3:37:37:21:28:83:01:88:62:
10:1c:a8:69:8b:11:9a:54:38:66:84:d4:b8:03:0f:
c6:6a:7e:41:4f:ac:9f:d6:8a:c0:fe:51:8d:0e:c5:
f7:34:9d:68:76:24:74:de:3d:e2:22:ac:b8:97:c4:
b9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2C:7B:85:A3:1D:5F:89:39:F2:3B:DC:AD:27:54:55:A9:C9:E2:B2
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/MCx7haMdX4k58jvcrSdUVanJ4rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.14.255
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.145.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
32:c3:72:a1:a4:a8:7b:ec:f3:8e:52:42:18:bf:43:ac:5b:9b:
ca:3f:b9:9d:c4:34:d6:e4:0a:ee:7e:04:c8:a5:66:e4:5c:89:
fe:59:8d:a4:1e:db:d5:cf:10:84:a5:eb:04:8d:80:2d:bf:ae:
a6:75:e8:ae:a7:da:0c:e0:98:0a:b0:3f:e3:d3:6c:98:3a:ab:
da:77:50:5f:0d:36:56:49:11:8f:4b:51:4d:18:27:a0:a6:8a:
48:a0:35:b2:66:e7:39:85:2f:f0:77:7d:8a:ab:fa:b0:e8:5c:
10:3f:82:5f:66:96:bd:8a:cc:f5:5c:43:31:84:4b:df:61:71:
6a:98:33:bd:e8:6a:1d:00:b9:af:7b:dc:96:c9:79:8d:ae:10:
4d:d3:e2:e2:da:ce:0c:16:8a:9b:62:b7:58:ba:4b:c3:cc:b8:
98:00:de:30:00:52:14:b0:cf:de:e6:95:09:8f:7e:a8:15:65:
2d:6c:ce:5b:21:0e:aa:6c:87:1e:9f:42:a3:a2:fb:a5:65:fa:
92:07:57:e4:45:05:c6:79:9a:72:75:de:1a:84:e2:fb:3a:dc:
47:df:28:cf:dc:57:e7:f9:f6:3e:80:c7:b8:10:e3:a0:df:ba:
f7:06:19:b9:cd:5a:8d:27:4e:78:84:fd:a2:2f:b9:cf:5c:26:
a0:ce:cb:20
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY7xVkMFDXLj9veeqhOg41EVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNDE4MTMxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDJjN2I4NWEzMWQ1Zjg5MzlmMjNiZGNhZDI3NTQ1NWE5YzllMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlMaFobwt/P65KDCY32iLDtpguw4
7Rigj1VRFmXd72Kofyv2ZlD6xgaTGSt7W5H4pJDREGBZhQtf3ZLmdUvVCWZ8BpWb
Wh/W9YGWaQYtAhZXRM6oYKyJ08UBFrvdOtwgJpYdeCnfZIjFegkcDMbze88znbvF
i4rVrG+tWjON5/sjocO3v/t+14vt4Z/CZBCAsuBSwIcsXFbzitTRUMlppqsXdSXk
ow+AgHh19EIzrY9JliZ9H0HrS5NmOFwblFkSYnWH7ciyL4rDNzchKIMBiGIQHKhp
ixGaVDhmhNS4Aw/Gan5BT6yf1orA/lGNDsX3NJ1odiR03j3iIqy4l8S5CwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFDAse4WjHV+JOfI73K0nVFWpyeKyMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvTUN4N2hhTWRYNGs1OGp2Y3JTZFVWYW5KNHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB2BAIAATBwMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEALnmDQMEALnmDgMEANXRgQMEANXRigMEANXRjwME
ANXRkQMEANXRnTAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQAD
ggEBADLDcqGkqHvs845SQhi/Q6xbm8o/uZ3ENNbkCu5+BMilZuRcif5ZjaQe29XP
EISl6wSNgC2/rqZ16K6n2gzgmAqwP+PTbJg6q9p3UF8NNlZJEY9LUU0YJ6Cmikig
NbJm5zmFL/B3fYqr+rDoXBA/gl9mlr2KzPVcQzGES99hcWqYM73oah0Aua973JbJ
eY2uEE3T4uLazgwWiptit1i6S8PMuJgA3jAAUhSwz97mlQmPfqgVZS1szlshDqps
hx6fQqOi+6Vl+pIHV+RFBcZ5mnJ13hqE4vs63EffKM/cV+f59j6Ax7gQ46DfuvcG
GbnNWo0nTniE/aIvuc9cJqDOyyA=
-----END CERTIFICATE-----
Generated at Fri Apr 19 21:32:48 2024 by rpki-client on console-ams.rpki-client.org