Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/SZI4iLg1UQAQ1VNGTDuU18exom8.roa
File: SZI4iLg1UQAQ1VNGTDuU18exom8.roa (raw, json)
Hash identifier: 4uLkPeZ0IbEVjI51PV9VnywX+aHfnO3mUm2b9EVhjao=
Subject key identifier: 49:92:38:88:B8:35:51:00:10:D5:53:46:4C:3B:94:D7:C7:B1:A2:6F
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018BCA24E403031C7E6BD63AD52E9538FEBB
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/SZI4iLg1UQAQ1VNGTDuU18exom8.roa
Signing time: Mon 13 Nov 2023 19:24:57 +0000
ROA not before: Mon 13 Nov 2023 19:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ca:24:e4:03:03:1c:7e:6b:d6:3a:d5:2e:95:38:fe:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 13 19:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49923888b835510010d553464c3b94d7c7b1a26f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:78:21:da:9f:13:12:ed:78:d9:93:54:33:b6:
49:b7:d1:bc:e6:d0:ca:ad:48:06:8c:9a:bb:97:ae:
79:d2:c8:bb:01:28:12:b3:c0:33:05:a9:9f:47:98:
30:4d:f8:e8:81:11:2a:0d:86:cf:77:04:00:1f:82:
6c:61:6c:2c:95:6e:62:f7:1c:e5:5d:14:5f:16:be:
74:90:30:2d:aa:40:8e:36:5d:1e:ee:e1:f0:e8:4a:
99:01:4e:a6:32:d5:a4:3b:c7:1e:51:54:5a:ab:00:
89:4b:8c:bb:c6:11:04:ad:c0:bb:28:c5:69:46:8a:
80:d9:ff:c7:e8:6d:52:00:a9:48:81:45:b2:42:1e:
fa:ea:db:81:9c:2c:38:6e:c7:97:3a:c3:9f:e9:36:
d6:b4:f4:18:68:ad:5a:79:36:fe:e7:e4:53:aa:d9:
e4:c9:d4:3a:4c:ff:46:59:d6:a9:9b:37:c0:0f:69:
d8:30:b9:bf:ee:21:ff:57:bc:e3:a5:e0:88:c8:f7:
f5:66:95:4f:f9:c3:8e:de:c1:31:41:bf:c7:86:78:
6f:36:9f:96:39:49:69:16:07:e6:8b:db:87:f6:72:
9b:c6:44:a8:a7:3f:cc:71:0f:fa:73:25:56:83:7b:
1e:2d:a1:7f:58:db:6f:26:24:4a:f0:45:a4:fa:f1:
e9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:92:38:88:B8:35:51:00:10:D5:53:46:4C:3B:94:D7:C7:B1:A2:6F
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/SZI4iLg1UQAQ1VNGTDuU18exom8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.153.0/24
77.90.188.0/24
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
90:5c:01:29:4c:e1:92:5b:bf:88:4f:ed:44:46:4d:4f:ab:b4:
a3:3a:c7:db:60:6e:35:b5:16:f8:ef:3b:21:17:51:38:c0:6a:
ec:cf:e9:8e:1d:7d:d4:e3:81:ab:26:35:3b:db:0e:5b:fc:9c:
e5:a4:f2:db:0b:df:df:9e:57:09:20:4c:e2:68:8b:dd:09:ea:
9a:8f:03:f6:9a:46:45:3e:98:98:48:ff:54:7d:88:a4:47:b4:
62:b6:e9:2c:21:d4:20:8e:da:12:9d:69:bc:5e:9c:91:0c:c2:
08:5d:ae:92:bf:58:06:e0:bd:04:ce:cc:0c:e3:1a:17:47:a2:
6c:d1:b4:33:2b:da:d7:14:4b:60:28:c6:91:39:2d:58:fd:3d:
83:15:76:b4:07:10:7d:52:b4:4e:26:0f:91:5f:f1:31:15:08:
4b:e4:e9:63:c8:52:db:c1:12:70:4b:fa:d0:fe:05:bc:02:cd:
a0:d1:bd:b2:68:3f:b6:26:11:5c:5d:a4:fe:74:a4:1e:89:c1:
4d:ed:cc:7d:a1:7d:ce:9f:54:44:f9:6a:fb:cc:93:f8:b1:d8:
14:ad:ec:2b:47:93:65:4e:c3:1a:cb:46:04:1a:04:5b:fe:b7:
bb:74:fb:4e:1b:2b:8a:77:e8:31:72:fb:8e:4f:3f:74:26:74:
40:63:68:ed
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYvKJOQDAxx+a9Y61S6VOP67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMTEzMTkyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTkyMzg4OGI4MzU1MTAwMTBkNTUzNDY0YzNiOTRkN2M3YjFhMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3gh2p8TEu142ZNUM7ZJt9G85tDK
rUgGjJq7l6550si7ASgSs8AzBamfR5gwTfjogREqDYbPdwQAH4JsYWwslW5i9xzl
XRRfFr50kDAtqkCONl0e7uHw6EqZAU6mMtWkO8ceUVRaqwCJS4y7xhEErcC7KMVp
RoqA2f/H6G1SAKlIgUWyQh766tuBnCw4bseXOsOf6TbWtPQYaK1aeTb+5+RTqtnk
ydQ6TP9GWdapmzfAD2nYMLm/7iH/V7zjpeCIyPf1ZpVP+cOO3sExQb/HhnhvNp+W
OUlpFgfmi9uH9nKbxkSopz/McQ/6cyVWg3seLaF/WNtvJiRK8EWk+vHpYQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFEmSOIi4NVEAENVTRkw7lNfHsaJvMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvU1pJNGlMZzFVUUFRMVZOR1REdVUxOGV4b204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqU
AwQATVqZAwQATVq8MAwDBAC55g0DBAC55g4DBADV0YoDBADV0ZYDBADV0Z0wFAQC
AAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQCQXAEpTOGSW7+I
T+1ERk1Pq7SjOsfbYG41tRb47zshF1E4wGrsz+mOHX3U44GrJjU72w5b/JzlpPLb
C9/fnlcJIEziaIvdCeqajwP2mkZFPpiYSP9UfYikR7RituksIdQgjtoSnWm8XpyR
DMIIXa6Sv1gG4L0EzswM4xoXR6Js0bQzK9rXFEtgKMaROS1Y/T2DFXa0BxB9UrRO
Jg+RX/ExFQhL5OljyFLbwRJwS/rQ/gW8As2g0b2yaD+2JhFcXaT+dKQeicFN7cx9
oX3On1RE+Wr7zJP4sdgUrewrR5NlTsMay0YEGgRb/re7dPtOGyuKd+gxcvuOTz90
JnRAY2jt
-----END CERTIFICATE-----
Generated at Mon Nov 27 15:57:20 2023 by rpki-client on console-fra.rpki-client.org