Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UG2er6cuy4mU4RImRzLGI_wy6pc.roa
File: UG2er6cuy4mU4RImRzLGI_wy6pc.roa (raw, json)
Hash identifier: 2uXNmWCSHXFz0AIg0LD17Nsu91eSEEvjWndjU/QX/G4=
Subject key identifier: 50:6D:9E:AF:A7:2E:CB:89:94:E1:12:26:47:32:C6:23:FC:32:EA:97
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018AD73593621138D13D1BF7E97C0FC98FBF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UG2er6cuy4mU4RImRzLGI_wy6pc.roa
Signing time: Wed 27 Sep 2023 15:15:27 +0000
ROA not before: Wed 27 Sep 2023 15:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:35:93:62:11:38:d1:3d:1b:f7:e9:7c:0f:c9:8f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 27 15:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=506d9eafa72ecb8994e112264732c623fc32ea97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f7:9d:7b:ac:62:09:d9:2f:11:3a:84:43:6b:
5f:56:ea:0f:dc:10:1b:e4:21:4d:fe:11:ea:83:c0:
50:0e:24:44:b3:4a:3d:20:06:47:62:17:78:bd:ad:
0b:e7:03:e7:07:d2:9a:60:4d:98:1d:0b:ff:23:b5:
c7:8e:7c:61:29:cc:f6:6c:a1:25:9b:a7:cd:bb:e9:
71:c7:5e:b6:27:68:c4:21:1a:f8:12:fd:c7:57:8d:
3c:e4:74:53:1a:2b:f0:41:11:53:0b:08:e4:c8:e3:
45:49:2e:e2:98:77:d7:7d:74:2f:dd:16:a0:64:2a:
ef:3b:eb:51:9e:92:ce:64:4b:ef:a8:56:b1:76:df:
bb:d4:25:35:3a:35:a4:d9:bf:55:f6:d9:d0:fd:aa:
27:be:c3:49:78:78:7d:bd:1e:8c:4a:c4:5e:21:55:
1e:81:30:69:f7:32:1e:07:c1:f6:55:e5:c1:33:78:
7c:20:0e:83:f7:f3:01:5f:ea:52:d4:f9:6c:06:16:
2e:a7:f8:76:70:e1:4a:10:81:b2:69:26:18:05:98:
56:be:10:23:a3:9c:a6:1c:60:f8:d9:90:d0:4d:c7:
a9:91:a0:3a:3d:67:f4:c7:8e:54:3c:bd:47:94:a7:
51:4e:2c:e9:f3:77:53:18:00:41:a1:35:f4:3e:a6:
f5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:6D:9E:AF:A7:2E:CB:89:94:E1:12:26:47:32:C6:23:FC:32:EA:97
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UG2er6cuy4mU4RImRzLGI_wy6pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.15.255
213.209.138.0/24
213.209.146.0/24
213.209.150.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
8a:fe:3f:99:51:07:5a:ad:8d:c0:8b:d0:58:02:f5:5b:dc:05:
8c:e1:0e:6b:53:ab:45:da:3a:70:38:4e:97:c4:31:34:73:c7:
c3:d3:83:ee:35:44:0e:27:11:66:63:80:97:9b:be:55:15:0d:
d9:50:d3:f4:37:f1:3d:e1:6c:6f:17:fc:80:e9:af:29:94:9e:
05:e3:2d:cd:f6:59:b7:c9:d9:1e:33:c5:17:36:4e:1b:7f:0d:
51:07:c3:e6:15:85:15:c5:df:6c:db:91:eb:30:65:6d:54:57:
ce:a7:bb:ef:1b:56:31:af:98:40:43:a9:03:37:1b:d2:81:4c:
d8:c6:cf:19:2c:ab:8d:eb:87:ae:4b:ec:20:ab:8c:45:8f:dd:
93:85:91:29:2e:c2:80:cf:83:bc:00:7f:c9:06:7e:b2:d1:26:
81:07:71:3a:7b:56:ba:ea:7c:ee:ea:bb:41:9f:ea:7f:ad:05:
33:e3:77:b0:a6:8b:be:0c:ae:03:c9:8f:2e:0d:15:27:1f:4f:
cf:a3:99:49:14:0c:02:62:57:44:31:ae:80:07:06:b3:c2:86:
f8:87:0e:a2:ed:74:de:9e:9d:8c:52:28:90:06:24:73:8d:f0:
fe:48:28:06:c0:f4:ba:b3:a1:00:d9:72:2f:88:78:50:29:9d:
ed:f1:51:8a
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYrXNZNiETjRPRv36XwPyY+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTI3MTUxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDZkOWVhZmE3MmVjYjg5OTRlMTEyMjY0NzMyYzYyM2ZjMzJlYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPede6xiCdkvETqEQ2tfVuoP3BAb
5CFN/hHqg8BQDiREs0o9IAZHYhd4va0L5wPnB9KaYE2YHQv/I7XHjnxhKcz2bKEl
m6fNu+lxx162J2jEIRr4Ev3HV4085HRTGivwQRFTCwjkyONFSS7imHfXfXQv3Rag
ZCrvO+tRnpLOZEvvqFaxdt+71CU1OjWk2b9V9tnQ/aonvsNJeHh9vR6MSsReIVUe
gTBp9zIeB8H2VeXBM3h8IA6D9/MBX+pS1PlsBhYup/h2cOFKEIGyaSYYBZhWvhAj
o5ymHGD42ZDQTcepkaA6PWf0x45UPL1HlKdRTizp83dTGABBoTX0Pqb17wIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFFBtnq+nLsuJlOESJkcyxiP8MuqXMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVUcyZXI2Y3V5NG1VNFJJbVJ6TEdJX3d5NnBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEALnmDQMEBLnmAAMEANXRigMEANXRkgMEANXRlgME
ANXRnzAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAIr+
P5lRB1qtjcCL0FgC9VvcBYzhDmtTq0XaOnA4TpfEMTRzx8PTg+41RA4nEWZjgJeb
vlUVDdlQ0/Q38T3hbG8X/IDprymUngXjLc32WbfJ2R4zxRc2Tht/DVEHw+YVhRXF
32zbkeswZW1UV86nu+8bVjGvmEBDqQM3G9KBTNjGzxksq43rh65L7CCrjEWP3ZOF
kSkuwoDPg7wAf8kGfrLRJoEHcTp7VrrqfO7qu0Gf6n+tBTPjd7Cmi74MrgPJjy4N
FScfT8+jmUkUDAJiV0QxroAHBrPChviHDqLtdN6enYxSKJAGJHON8P5IKAbA9Lqz
oQDZci+IeFApne3xUYo=
-----END CERTIFICATE-----
Generated at Thu Sep 28 10:19:55 2023 by rpki-client on console-fra.rpki-client.org