Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U5-n-3oBCxuq97k0G9eMxJ_9YPU.roa
File: U5-n-3oBCxuq97k0G9eMxJ_9YPU.roa (raw, json)
Hash identifier: TAlCMGN2dqFsFZFgyuTZXjByTX1h0iIdS/X6qXuZDvI=
Subject key identifier: 53:9F:A7:FB:7A:01:0B:1B:AA:F7:B9:34:1B:D7:8C:C4:9F:FD:60:F5
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01909C216BAF7A3AFE05B3770E208A996D33
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U5-n-3oBCxuq97k0G9eMxJ_9YPU.roa
Signing time: Wed 10 Jul 2024 10:12:34 +0000
ROA not before: Wed 10 Jul 2024 10:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Aug 2024 17:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9c:21:6b:af:7a:3a:fe:05:b3:77:0e:20:8a:99:6d:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 10 10:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=539fa7fb7a010b1baaf7b9341bd78cc49ffd60f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bc:aa:47:f0:f2:05:a7:00:9b:96:a9:8f:57:
cd:66:66:a0:aa:19:ca:21:d3:dc:45:f4:b9:59:32:
f9:f4:3c:b7:00:69:d5:7a:80:d6:b0:04:68:9d:8d:
06:17:45:66:a1:f6:76:e4:ab:7f:be:2f:f9:76:10:
1f:e6:24:44:d7:dc:9c:6c:cd:4b:b3:aa:50:c7:88:
15:e3:21:9d:ef:13:99:63:df:60:49:6f:f4:92:69:
5e:c4:e3:d4:c3:ba:cf:06:64:8d:ee:de:21:65:b7:
b4:31:8b:87:cd:9b:21:bc:c7:b9:e0:a6:58:9c:eb:
19:b5:e1:20:a9:d0:b9:11:39:6f:fe:79:76:41:df:
01:e9:aa:40:0f:55:b1:5e:8c:11:80:46:90:47:c7:
80:fd:7e:38:99:c3:15:c2:33:ba:e4:d3:9d:9b:ab:
20:b5:f3:ee:59:38:c3:b8:de:a9:ee:62:3c:0e:1c:
42:40:19:12:28:ac:ed:fe:ef:41:6d:c0:5b:fb:90:
70:16:0a:7a:e7:14:88:f3:32:89:ae:2d:ce:1a:c9:
bc:b3:6c:a6:c0:48:51:cb:8d:3b:aa:da:3f:75:b3:
f7:e1:e0:15:a7:12:ca:c2:0b:2c:fd:46:d2:f4:b1:
17:f2:b4:e6:5a:cd:46:1d:05:88:a8:9d:1b:84:42:
d2:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:9F:A7:FB:7A:01:0B:1B:AA:F7:B9:34:1B:D7:8C:C4:9F:FD:60:F5
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/U5-n-3oBCxuq97k0G9eMxJ_9YPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
185.230.14.0/24
213.209.138.0/24
213.209.143.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
12:02:5d:fa:48:ce:51:7f:83:82:42:f2:9d:1c:9d:63:14:1f:
92:81:6a:7b:0b:40:3c:30:a4:d7:b6:34:c7:08:27:90:61:d5:
e5:47:e5:5d:da:e5:6b:57:19:2f:09:28:a7:11:b9:14:ad:5a:
6f:12:be:6d:6b:be:00:25:11:5f:0b:34:ff:eb:fc:83:2a:2a:
ec:31:99:cd:31:ac:f4:4c:80:66:fc:d1:9c:23:f5:1a:b2:c3:
59:15:45:90:6a:65:10:4e:1e:8c:f9:f8:45:76:f9:38:ab:3d:
46:db:ce:58:e4:64:29:44:52:e9:a7:30:5a:80:9e:a4:50:f7:
af:04:89:01:09:a7:1b:99:b9:71:c7:da:8a:ab:13:94:53:c8:
88:45:5e:b6:be:05:c3:06:b3:8b:01:fd:c1:1d:59:f9:95:9b:
3f:47:11:c7:11:a3:f3:6f:33:c4:a6:b6:9a:79:ea:03:b3:da:
e3:fd:2e:07:6e:0a:7b:6a:d4:86:a1:e7:06:be:b2:c2:12:04:
61:81:c6:68:9d:1a:65:a7:6b:48:6e:01:4d:14:d6:15:0c:85:
1c:f9:23:4d:ca:65:b5:c4:5b:11:d2:5e:b3:e4:2f:84:de:34:
b7:22:ca:10:5d:26:cb:45:e2:cb:00:aa:5b:d1:90:40:a0:4a:
c1:5a:21:f1
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZCcIWuvejr+BbN3DiCKmW0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNzEwMTAxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzlmYTdmYjdhMDEwYjFiYWFmN2I5MzQxYmQ3OGNjNDlmZmQ2MGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07yqR/DyBacAm5apj1fNZmagqhnK
IdPcRfS5WTL59Dy3AGnVeoDWsARonY0GF0VmofZ25Kt/vi/5dhAf5iRE19ycbM1L
s6pQx4gV4yGd7xOZY99gSW/0kmlexOPUw7rPBmSN7t4hZbe0MYuHzZshvMe54KZY
nOsZteEgqdC5ETlv/nl2Qd8B6apAD1WxXowRgEaQR8eA/X44mcMVwjO65NOdm6sg
tfPuWTjDuN6p7mI8DhxCQBkSKKzt/u9BbcBb+5BwFgp65xSI8zKJri3OGsm8s2ym
wEhRy407qto/dbP34eAVpxLKwgss/UbS9LEX8rTmWs1GHQWIqJ0bhELSUwIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFFOfp/t6AQsbqve5NBvXjMSf/WD1MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVTUtbi0zb0JDeHVxOTdrMEc5ZU14Sl85WVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBqBAIAATBkMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFN
WpIDBABNWpQwDAMEAE1amQMEAE1amgMEALnmDgMEANXRigMEANXRjwMEANXRljAU
BAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBABICXfpIzlF/
g4JC8p0cnWMUH5KBansLQDwwpNe2NMcIJ5Bh1eVH5V3a5WtXGS8JKKcRuRStWm8S
vm1rvgAlEV8LNP/r/IMqKuwxmc0xrPRMgGb80Zwj9Rqyw1kVRZBqZRBOHoz5+EV2
+TirPUbbzljkZClEUumnMFqAnqRQ968EiQEJpxuZuXHH2oqrE5RTyIhFXra+BcMG
s4sB/cEdWfmVmz9HEccRo/NvM8Smtpp56gOz2uP9LgduCntq1Iah5wa+ssISBGGB
xmidGmWna0huAU0U1hUMhRz5I03KZbXEWxHSXrPkL4TeNLciyhBdJstF4ssAqlvR
kECgSsFaIfE=
-----END CERTIFICATE-----
Generated at Thu Aug 1 20:34:01 2024 by rpki-client on console-ams.rpki-client.org