Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/S0QBvhFz-K6GUMcAQBMmRy1-nAw.roa
File: S0QBvhFz-K6GUMcAQBMmRy1-nAw.roa (raw, json)
Hash identifier: SbDBf9NnUtWET4wzKqrm4a2z1SerKzRMlDagx3kYSrM=
Subject key identifier: 4B:44:01:BE:11:73:F8:AE:86:50:C7:00:40:13:26:47:2D:7E:9C:0C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CF516EF8FC8F2CBFEF5313248BE27535F
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/S0QBvhFz-K6GUMcAQBMmRy1-nAw.roa
Signing time: Wed 10 Jan 2024 20:36:10 +0000
ROA not before: Wed 10 Jan 2024 20:36:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Thu 11 Jan 2024 11:38:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:16:ef:8f:c8:f2:cb:fe:f5:31:32:48:be:27:53:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 10 20:36:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b4401be1173f8ae8650c700401326472d7e9c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:44:66:7e:94:47:38:29:14:99:a8:48:22:75:
5a:5b:c8:3b:06:df:76:69:35:4d:48:5c:4e:29:5e:
f7:60:c2:28:81:01:4e:64:55:1c:82:e3:49:0d:73:
3a:44:5f:c8:8a:c1:6c:5e:58:43:bd:04:ec:8d:4c:
2a:d2:7a:75:46:8d:54:6e:fd:a5:db:6e:da:c5:4b:
09:b5:93:f5:c4:32:71:21:e0:a6:9f:f5:54:f4:f7:
25:6d:0e:64:2c:33:e0:fa:f8:09:c8:55:18:92:c8:
cb:5a:81:0d:5a:a8:2e:3b:dc:ab:c5:67:b2:9f:77:
aa:97:f8:51:f9:a8:6c:a4:9a:a9:0e:52:49:17:53:
7d:06:09:aa:61:47:8e:76:07:b7:96:17:e3:5c:1a:
8c:38:19:a2:20:47:ff:30:34:5a:8b:e5:b1:60:d3:
c3:42:b8:d6:d6:51:cf:9b:61:68:2d:74:98:e0:a9:
f3:9d:c7:75:f4:bc:67:59:e4:ba:cc:79:e6:87:31:
de:56:17:26:69:8a:a0:46:76:ac:41:25:e2:52:80:
ff:e8:ee:35:85:01:f6:50:e5:0b:34:4b:0d:1e:fb:
07:95:a6:45:92:d1:ca:47:ee:f7:2e:1b:0b:f7:77:
65:c1:16:a5:81:f8:59:28:ae:ba:2e:bf:51:35:8c:
13:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:44:01:BE:11:73:F8:AE:86:50:C7:00:40:13:26:47:2D:7E:9C:0C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/S0QBvhFz-K6GUMcAQBMmRy1-nAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.188.0/24
185.230.13.0-185.230.14.255
213.209.129.0/24
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
27:52:72:b9:a1:97:ae:ac:e4:d2:95:99:b2:01:9a:fd:20:1d:
2b:b5:08:64:24:25:84:11:41:94:fc:60:be:d9:df:00:1c:d7:
57:5e:7f:ea:7a:54:ee:98:e7:b1:6c:78:02:ec:69:94:6d:83:
87:86:a9:21:85:67:20:1d:18:d0:2c:1e:8b:d9:48:16:db:d3:
ce:f6:b5:f1:c4:a2:70:e3:30:4a:e1:3b:8b:1c:37:fb:1d:d9:
eb:68:fe:a9:96:25:d3:2e:29:e0:c4:11:63:e0:cd:0c:e9:ee:
90:a6:da:61:65:3e:12:68:33:39:31:d5:55:a8:ba:d5:ac:c8:
6d:49:6b:63:c9:bd:b9:cc:49:21:62:ca:83:1f:ab:3a:dd:2b:
75:95:29:69:5a:63:19:9d:93:7c:f9:91:42:eb:7a:ed:a5:a9:
5c:e9:06:6f:ad:6a:4b:dd:f6:72:f2:84:74:e1:5e:93:9f:01:
29:a9:db:99:1b:67:5d:ce:05:41:63:98:85:aa:d7:dc:e9:86:
6a:25:5c:91:f1:53:ad:f5:66:95:44:30:02:49:a0:9d:d1:89:
9e:ad:ec:78:3a:cb:fc:20:6f:9f:13:bb:f7:fc:a0:eb:ae:ad:
0a:37:d6:30:b2:91:8c:9b:d4:27:59:1a:b2:35:a5:35:7e:28:
8f:78:ab:83
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYz1Fu+PyPLL/vUxMki+J1NfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTEwMjAzNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjQ0MDFiZTExNzNmOGFlODY1MGM3MDA0MDEzMjY0NzJkN2U5YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kRmfpRHOCkUmahIInVaW8g7Bt92
aTVNSFxOKV73YMIogQFOZFUcguNJDXM6RF/IisFsXlhDvQTsjUwq0np1Ro1Ubv2l
227axUsJtZP1xDJxIeCmn/VU9PclbQ5kLDPg+vgJyFUYksjLWoENWqguO9yrxWey
n3eql/hR+ahspJqpDlJJF1N9BgmqYUeOdge3lhfjXBqMOBmiIEf/MDRai+WxYNPD
QrjW1lHPm2FoLXSY4Knzncd19LxnWeS6zHnmhzHeVhcmaYqgRnasQSXiUoD/6O41
hQH2UOULNEsNHvsHlaZFktHKR+73LhsL93dlwRalgfhZKK66Lr9RNYwT2QIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFEtEAb4Rc/iuhlDHAEATJkctfpwMMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvUzBRQnZoRnotSzZHVU1jQVFCTW1SeTEtbkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBkwQCAAEwgYwwDAME
B01agAMEAE1agjAMAwQCTVqEAwQATVqGAwQBTVqIAwQATVqMMAwDBAFNWo4DBABN
WpAwDAMEAU1akgMEAE1alDAMAwQATVqZAwQATVqaAwQATVq8MAwDBAC55g0DBAC5
5g4DBADV0YEDBADV0YowDAMEANXRkQMEANXRkgMEANXRlgMEANXRnTAUBAIAAjAO
AwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBACdScrmhl66s5NKVmbIB
mv0gHSu1CGQkJYQRQZT8YL7Z3wAc11def+p6VO6Y57FseALsaZRtg4eGqSGFZyAd
GNAsHovZSBbb0872tfHEonDjMErhO4scN/sd2eto/qmWJdMuKeDEEWPgzQzp7pCm
2mFlPhJoMzkx1VWoutWsyG1Ja2PJvbnMSSFiyoMfqzrdK3WVKWlaYxmdk3z5kULr
eu2lqVzpBm+takvd9nLyhHThXpOfASmp25kbZ13OBUFjmIWq19zphmolXJHxU631
ZpVEMAJJoJ3RiZ6t7Hg6y/wgb58Tu/f8oOuurQo31jCykYyb1CdZGrI1pTV+KI94
q4M=
-----END CERTIFICATE-----
Generated at Thu Jan 11 15:08:17 2024 by rpki-client on console-fra.rpki-client.org