Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Rc-TVNTB4Y_vJLuQuXjNq__kQ-Y.roa
File: Rc-TVNTB4Y_vJLuQuXjNq__kQ-Y.roa (raw, json)
Hash identifier: DRHEmR3wGzAbrTPcq3Z0DbHVm0aKvFzpt3B6LXM7vAA=
Subject key identifier: 45:CF:93:54:D4:C1:E1:8F:EF:24:BB:90:B9:78:CD:AB:FF:E4:43:E6
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018581343B671D956DE07727C84CEBE185C3
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Rc-TVNTB4Y_vJLuQuXjNq__kQ-Y.roa
Signing time: Thu 05 Jan 2023 09:12:42 +0000
ROA not before: Thu 05 Jan 2023 09:12:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:81:34:3b:67:1d:95:6d:e0:77:27:c8:4c:eb:e1:85:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 5 09:12:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45cf9354d4c1e18fef24bb90b978cdabffe443e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b2:ed:69:25:e2:e1:f4:25:da:4f:40:4d:ca:
66:95:62:07:c0:c1:7b:84:18:da:f9:33:60:5b:f8:
b9:c2:3e:f4:71:c1:a0:5c:36:82:df:86:7a:f6:36:
31:a6:f9:13:9a:6b:7a:02:38:08:c6:60:c0:4a:76:
f6:46:61:df:1e:ce:b5:eb:d0:71:1e:a0:36:ea:3e:
2b:17:d7:aa:68:a3:9f:c7:8a:3e:e1:03:bd:8f:3e:
7e:ae:9c:69:45:7d:e1:36:c1:70:af:6f:45:76:4b:
64:ea:75:4a:35:52:32:66:12:42:49:65:15:38:dc:
e0:45:14:f1:26:42:cb:d0:5b:f0:17:16:86:98:24:
23:13:da:b7:96:cb:de:1a:d0:84:59:79:35:d1:40:
9a:f3:98:eb:10:d4:b2:84:16:3c:a3:42:0a:a5:f2:
35:1d:8c:dd:ca:70:17:53:09:0c:1a:e1:de:43:30:
bd:7e:eb:eb:64:eb:9a:68:b5:3c:15:fb:f7:23:5c:
d0:26:08:a0:a9:34:1c:b2:7c:a3:71:be:3a:b3:e4:
62:15:f1:17:6d:fb:19:ff:14:5b:75:8d:cc:ac:86:
f7:ff:c5:aa:d1:6b:b2:05:85:e2:8f:85:41:6e:07:
c1:a4:2f:8e:99:9f:1a:1b:0d:8a:5b:25:f3:0f:fb:
eb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:CF:93:54:D4:C1:E1:8F:EF:24:BB:90:B9:78:CD:AB:FF:E4:43:E6
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Rc-TVNTB4Y_vJLuQuXjNq__kQ-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.156.0/24
77.90.184.0/24
77.90.188.0/24
185.230.14.0/23
213.209.129.0/24
213.209.136.0/24
213.209.138.0/24
213.209.143.0/24
213.209.145.0-213.209.146.255
213.209.149.0-213.209.151.255
213.209.156.0/23
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
56:70:45:a1:ea:16:3e:cc:71:d8:75:b2:81:3e:e3:6d:5f:59:
fe:d8:fa:da:05:06:0e:44:ef:13:23:17:f2:87:5f:6e:48:81:
4b:6f:db:e4:59:c4:78:52:f0:84:23:47:e3:f8:fb:8e:f9:3f:
5a:b6:aa:c1:2b:5c:03:ed:0d:b3:7a:50:16:61:1b:f7:f1:00:
9c:a2:bd:da:f6:f0:b7:2e:55:c0:33:f3:f3:d8:0b:ee:e6:41:
93:bf:da:80:2e:9d:ba:e1:0a:0c:78:c9:73:7a:90:c0:d9:4b:
4d:d5:fa:51:e3:bd:a6:21:d4:2f:5e:ff:0d:9e:ae:55:5a:bb:
f7:f3:cb:9c:14:06:11:ea:c2:d5:18:d8:71:ef:9c:f1:13:bc:
bc:e8:ef:8f:3b:90:46:1d:ca:a4:1a:23:6a:26:57:5a:4b:00:
92:7c:3d:65:ee:9b:3b:13:da:76:6a:65:74:9f:2d:91:3e:70:
82:46:69:47:71:e8:bb:29:e1:94:12:38:19:fa:b1:b9:3b:e1:
06:d5:06:f4:17:b9:ee:b6:03:8c:a1:8f:0c:09:52:c5:ef:74:
9f:5c:5a:db:f8:c3:da:ed:8e:62:f9:65:30:3e:21:a3:35:9d:
32:48:26:2a:87:97:2f:a7:8b:fd:95:2f:33:16:2f:b8:5e:b0:
2c:e4:a4:7a
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYWBNDtnHZVt4HcnyEzr4YXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTA1MDkxMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWNmOTM1NGQ0YzFlMThmZWYyNGJiOTBiOTc4Y2RhYmZmZTQ0M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrLtaSXi4fQl2k9ATcpmlWIHwMF7
hBja+TNgW/i5wj70ccGgXDaC34Z69jYxpvkTmmt6AjgIxmDASnb2RmHfHs6169Bx
HqA26j4rF9eqaKOfx4o+4QO9jz5+rpxpRX3hNsFwr29Fdktk6nVKNVIyZhJCSWUV
ONzgRRTxJkLL0FvwFxaGmCQjE9q3lsveGtCEWXk10UCa85jrENSyhBY8o0IKpfI1
HYzdynAXUwkMGuHeQzC9fuvrZOuaaLU8Ffv3I1zQJgigqTQcsnyjcb46s+RiFfEX
bfsZ/xRbdY3MrIb3/8Wq0WuyBYXij4VBbgfBpC+OmZ8aGw2KWyXzD/vrVwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFEXPk1TUweGP7yS7kLl4zav/5EPmMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvUmMtVFZOVEI0WV92Skx1UXVYak5xX19rUS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBowQCAAEwgZwwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAME
AU1akgMEAE1alAMEAE1amQMEAE1anAMEAE1auAMEAE1avAMEAbnmDgMEANXRgQME
ANXRiAMEANXRigMEANXRjzAMAwQA1dGRAwQA1dGSMAwDBADV0ZUDBAPV0ZADBAHV
0ZwDBADV0Z8wFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IB
AQBWcEWh6hY+zHHYdbKBPuNtX1n+2PraBQYORO8TIxfyh19uSIFLb9vkWcR4UvCE
I0fj+PuO+T9atqrBK1wD7Q2zelAWYRv38QCcor3a9vC3LlXAM/Pz2Avu5kGTv9qA
Lp264QoMeMlzepDA2UtN1fpR472mIdQvXv8Nnq5VWrv388ucFAYR6sLVGNhx75zx
E7y86O+PO5BGHcqkGiNqJldaSwCSfD1l7ps7E9p2amV0ny2RPnCCRmlHcei7KeGU
EjgZ+rG5O+EG1Qb0F7nutgOMoY8MCVLF73SfXFrb+MPa7Y5i+WUwPiGjNZ0ySCYq
h5cvp4v9lS8zFi+4XrAs5KR6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org