Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U27pE4kFNy2JdF_o_IUYXLTNSqM.roa
File: U27pE4kFNy2JdF_o_IUYXLTNSqM.roa (raw, json)
Hash identifier: VIFr9yRtw5J0xAs8m9YQ8b79OQTe1UWIGWzkqaOof40=
Subject key identifier: 53:6E:E9:13:89:05:37:2D:89:74:5F:E8:FC:85:18:5C:B4:CD:4A:A3
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018597B2D9DFA7E4A587A1C444A056C27C3D
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U27pE4kFNy2JdF_o_IUYXLTNSqM.roa
Signing time: Mon 09 Jan 2023 18:02:38 +0000
ROA not before: Mon 09 Jan 2023 18:02:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 10 Jan 2023 15:51:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:97:b2:d9:df:a7:e4:a5:87:a1:c4:44:a0:56:c2:7c:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 9 18:02:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=536ee9138905372d89745fe8fc85185cb4cd4aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:39:f5:ac:61:58:e7:fd:0e:37:80:1d:84:72:
b2:d1:a0:f8:ac:54:87:cd:bc:2b:ab:7c:9b:ff:f8:
bf:b7:b3:4b:8a:99:a4:79:24:cb:c9:af:2b:4e:28:
b6:5c:9f:22:6b:07:18:43:32:8f:d3:82:71:c2:96:
bc:5a:f8:7c:35:7f:06:d9:7b:c3:5b:36:5e:12:96:
9b:5d:e2:65:42:79:56:96:50:9a:f5:77:34:00:c4:
44:c6:0b:b7:9d:1e:72:6e:bf:c3:3a:f6:81:d4:30:
6f:85:57:39:56:97:21:86:23:0f:28:de:5a:00:5c:
ae:80:ad:ae:3a:ed:58:11:e3:10:1a:0b:8c:37:4d:
3e:31:0a:c9:94:f4:d2:1a:d8:d2:0a:5b:08:ce:3b:
5c:1b:18:77:a7:b8:60:64:56:ba:47:2b:31:25:75:
a8:21:30:c9:be:b9:64:76:5d:50:23:ab:f4:99:db:
0f:67:20:d6:6a:0c:47:ea:fb:22:43:8c:7b:bb:a4:
92:d0:ee:3f:5f:cc:27:c5:ee:eb:88:6d:85:d2:81:
91:1d:e2:35:de:27:27:e4:cd:bd:ea:c7:8d:4c:dc:
32:78:6d:96:b8:15:4b:40:91:ed:1a:b6:0e:eb:a0:
5e:ab:c4:61:e0:55:09:a5:26:39:17:40:e0:f1:95:
e7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6E:E9:13:89:05:37:2D:89:74:5F:E8:FC:85:18:5C:B4:CD:4A:A3
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U27pE4kFNy2JdF_o_IUYXLTNSqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.156.0/24
77.90.184.0/24
77.90.188.0/24
185.230.14.0/23
213.209.129.0/24
213.209.136.0/24
213.209.138.0/24
213.209.143.0/24
213.209.145.0/24
213.209.149.0-213.209.151.255
213.209.156.0/23
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
8a:f4:2f:4e:85:3a:7a:a4:cf:86:f9:04:d1:dd:95:17:c1:47:
c5:f8:4b:45:49:6e:c1:e3:e4:fd:6d:ff:71:d4:b0:34:d2:d0:
ee:9c:ed:a8:71:d6:8e:eb:41:42:da:ee:aa:d0:40:cc:b6:29:
83:4d:b6:75:0d:fc:01:fb:bf:91:a7:f7:3e:51:18:ef:66:ef:
13:09:67:b3:18:ea:a4:72:81:c4:fa:fe:ab:60:14:46:5c:8b:
0a:d9:ef:0e:56:a1:94:63:25:65:52:71:e7:85:fa:e4:27:62:
d3:77:06:ef:ba:c1:44:c6:76:ce:6c:da:21:ad:cb:23:4d:a8:
bb:bd:3a:ae:f9:15:ee:3e:e1:a5:42:54:75:de:30:7e:0e:be:
6b:6c:fe:d7:32:68:29:dc:64:bb:51:cd:6a:db:5b:e2:61:23:
61:0e:3c:29:8f:28:05:43:3c:8d:aa:ba:c8:dd:53:ee:7c:1f:
fc:fa:8b:76:00:ec:91:a5:ff:70:77:28:59:6d:ec:49:9f:74:
15:f6:24:87:49:5b:73:e8:83:18:32:d4:87:3d:9c:72:f0:ef:
d3:72:bb:f8:90:f3:08:ab:5b:e0:64:32:af:43:f6:95:ca:c5:
fa:35:78:e5:76:ca:ea:59:dc:4e:94:3b:7e:d5:c2:d8:30:ce:
ac:9a:33:6f
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYWXstnfp+Slh6HERKBWwnw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTA5MTgwMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzZlZTkxMzg5MDUzNzJkODk3NDVmZThmYzg1MTg1Y2I0Y2Q0YWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjn1rGFY5/0ON4AdhHKy0aD4rFSH
zbwrq3yb//i/t7NLipmkeSTLya8rTii2XJ8iawcYQzKP04Jxwpa8Wvh8NX8G2XvD
WzZeEpabXeJlQnlWllCa9Xc0AMRExgu3nR5ybr/DOvaB1DBvhVc5VpchhiMPKN5a
AFyugK2uOu1YEeMQGguMN00+MQrJlPTSGtjSClsIzjtcGxh3p7hgZFa6RysxJXWo
ITDJvrlkdl1QI6v0mdsPZyDWagxH6vsiQ4x7u6SS0O4/X8wnxe7riG2F0oGRHeI1
3icn5M296seNTNwyeG2WuBVLQJHtGrYO66Beq8Rh4FUJpSY5F0Dg8ZXnywIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFFNu6ROJBTctiXRf6PyFGFy0zUqjMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVTI3cEU0a0ZOeTJKZEZfb19JVVlYTFROU3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBmwQCAAEwgZQwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAME
AU1akgMEAE1alAMEAE1amQMEAE1anAMEAE1auAMEAE1avAMEAbnmDgMEANXRgQME
ANXRiAMEANXRigMEANXRjwMEANXRkTAMAwQA1dGVAwQD1dGQAwQB1dGcAwQA1dGf
MBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAivQvToU6
eqTPhvkE0d2VF8FHxfhLRUluwePk/W3/cdSwNNLQ7pztqHHWjutBQtruqtBAzLYp
g022dQ38Afu/kaf3PlEY72bvEwlnsxjqpHKBxPr+q2AURlyLCtnvDlahlGMlZVJx
54X65Cdi03cG77rBRMZ2zmzaIa3LI02ou706rvkV7j7hpUJUdd4wfg6+a2z+1zJo
Kdxku1HNattb4mEjYQ48KY8oBUM8jaq6yN1T7nwf/PqLdgDskaX/cHcoWW3sSZ90
FfYkh0lbc+iDGDLUhz2ccvDv03K7+JDzCKtb4GQyr0P2lcrF+jV45XbK6lncTpQ7
ftXC2DDOrJozbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org