Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/OXgLE3StWHpyy6kqXCgi7utZeHU.roa
File: OXgLE3StWHpyy6kqXCgi7utZeHU.roa (raw, json)
Hash identifier: P4jfM5g9x25x3m9iYhadoCOBTkRZnSFZLEnrE+ayqM8=
Subject key identifier: 39:78:0B:13:74:AD:58:7A:72:CB:A9:2A:5C:28:22:EE:EB:59:78:75
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01928F70DF1BABB84E511E932F1A819D62F4
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/OXgLE3StWHpyy6kqXCgi7utZeHU.roa
Signing time: Tue 15 Oct 2024 09:09:51 +0000
ROA not before: Tue 15 Oct 2024 09:09:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Oct 2024 15:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:70:df:1b:ab:b8:4e:51:1e:93:2f:1a:81:9d:62:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 15 09:09:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39780b1374ad587a72cba92a5c2822eeeb597875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:11:6b:53:7b:2b:0a:72:94:af:f7:14:7f:14:
44:86:c6:94:8c:87:14:46:ef:f9:1e:0d:53:e0:97:
f1:f1:a9:d0:03:f0:51:ed:4a:e9:2c:09:ae:8d:b5:
8e:23:a2:38:70:92:c1:9f:22:04:a8:a2:82:26:64:
da:0f:48:15:27:b3:11:81:61:aa:9d:7a:29:cd:c5:
c4:2e:c5:e3:a9:07:c4:63:b7:99:de:70:59:f2:1b:
47:0c:6a:f9:fd:bd:06:e2:04:0f:bd:0a:28:0b:1d:
6c:3d:dc:e1:40:76:08:f3:d2:0e:48:c3:d4:ba:83:
6b:5d:0e:ca:ea:ca:76:54:90:77:be:1c:db:29:0b:
3a:da:0b:a9:43:c0:a0:5f:fa:d8:9e:ec:42:4f:1f:
25:be:9c:09:c6:00:cd:36:5f:72:4b:25:03:73:ff:
f0:3e:9f:f4:0b:c0:30:12:3a:12:bd:d0:22:d8:2f:
e7:b9:00:5d:e2:b3:d8:5a:a0:0f:59:02:72:1c:ec:
89:98:9c:3e:8a:1b:04:2b:83:e7:76:72:63:8d:d7:
ed:52:0d:29:b4:b7:bb:a8:f8:99:c2:74:3f:02:f2:
6a:7b:b6:1a:e9:bf:4d:77:d4:c5:9b:f5:80:50:ca:
66:1b:a6:fa:48:e8:fe:b3:15:87:ef:28:38:00:88:
4c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:78:0B:13:74:AD:58:7A:72:CB:A9:2A:5C:28:22:EE:EB:59:78:75
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/OXgLE3StWHpyy6kqXCgi7utZeHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.164.0/24
213.209.138.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
b3:61:69:b5:d8:df:36:f4:67:9f:c0:73:fc:3e:f4:08:90:eb:
d6:20:b9:f7:46:d9:df:22:e6:d1:8d:62:96:ba:5d:85:fd:7f:
4b:f6:01:d4:fe:6f:04:48:97:6e:20:3f:fe:d6:41:93:97:54:
05:36:77:f2:00:87:53:f4:16:07:b8:c0:94:8e:2c:b8:7e:5d:
b8:64:75:77:d3:8e:3a:fc:eb:f5:af:e4:48:6d:2f:81:ad:01:
9a:ca:f7:35:26:ae:a6:99:b6:6b:16:49:f8:04:67:a9:2d:bd:
a7:e3:66:46:84:d1:01:6b:33:73:22:73:3e:04:70:fe:9d:97:
5d:fc:1c:13:64:d1:45:07:77:c7:2c:5d:12:53:8c:21:44:bf:
33:20:0b:ad:27:a1:82:4c:3e:0e:0c:b4:73:2a:52:a8:5e:17:
01:61:cd:ea:b7:26:e6:f0:59:f2:16:6b:10:02:41:7e:a3:ab:
4d:13:49:04:6d:f9:f1:aa:6b:b6:28:ef:16:2f:be:56:9e:91:
8f:99:fa:8c:7c:18:a1:92:5f:f0:fd:48:67:45:d1:37:16:ca:
01:cb:c3:bb:33:33:9a:d4:62:ed:3c:d5:cb:fc:89:d2:76:1d:
4d:20:e9:ff:a2:98:08:49:6f:0f:86:b0:de:57:d0:6c:bb:f3:
07:08:50:ea
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZKPcN8bq7hOUR6TLxqBnWL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQxMDE1MDkwOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTc4MGIxMzc0YWQ1ODdhNzJjYmE5MmE1YzI4MjJlZWViNTk3ODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxFrU3srCnKUr/cUfxREhsaUjIcU
Ru/5Hg1T4Jfx8anQA/BR7UrpLAmujbWOI6I4cJLBnyIEqKKCJmTaD0gVJ7MRgWGq
nXopzcXELsXjqQfEY7eZ3nBZ8htHDGr5/b0G4gQPvQooCx1sPdzhQHYI89IOSMPU
uoNrXQ7K6sp2VJB3vhzbKQs62gupQ8CgX/rYnuxCTx8lvpwJxgDNNl9ySyUDc//w
Pp/0C8AwEjoSvdAi2C/nuQBd4rPYWqAPWQJyHOyJmJw+ihsEK4PndnJjjdftUg0p
tLe7qPiZwnQ/AvJqe7Ya6b9Nd9TFm/WAUMpmG6b6SOj+sxWH7yg4AIhM+QIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFDl4CxN0rVh6csupKlwoIu7rWXh1MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvT1hnTEUzU3RXSHB5eTZrcVhDZ2k3dXRaZUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBqBAIAATBkMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiDAMAwQATVqLAwQATVqMMAwDBAFN
Wo4DBABNWpAwDAMEAU1akgMEAE1alAMEAE1amQMEAE1apAMEANXRigMEANXRljAU
BAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBALNhabXY3zb0
Z5/Ac/w+9AiQ69YgufdG2d8i5tGNYpa6XYX9f0v2AdT+bwRIl24gP/7WQZOXVAU2
d/IAh1P0Fge4wJSOLLh+XbhkdXfTjjr86/Wv5EhtL4GtAZrK9zUmrqaZtmsWSfgE
Z6ktvafjZkaE0QFrM3Micz4EcP6dl138HBNk0UUHd8csXRJTjCFEvzMgC60noYJM
Pg4MtHMqUqheFwFhzeq3JubwWfIWaxACQX6jq00TSQRt+fGqa7Yo7xYvvlaekY+Z
+ox8GKGSX/D9SGdF0TcWygHLw7szM5rUYu081cv8idJ2HU0g6f+imAhJbw+GsN5X
0Gy78wcIUOo=
-----END CERTIFICATE-----
Generated at Mon Oct 21 18:01:05 2024 by rpki-client on console-fra.rpki-client.org