Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/W-bYITibS9Vg8uQOq6QrD9k_SmY.roa
File: W-bYITibS9Vg8uQOq6QrD9k_SmY.roa (raw, json)
Hash identifier: zZIvJdne87ShQiOLbVmrlGXy0zewI1nagGBRDf065V0=
Subject key identifier: 5B:E6:D8:21:38:9B:4B:D5:60:F2:E4:0E:AB:A4:2B:0F:D9:3F:4A:66
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018C1B3BEDDB3035858F1850CE130F8E89C8
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/W-bYITibS9Vg8uQOq6QrD9k_SmY.roa
Signing time: Wed 29 Nov 2023 13:19:21 +0000
ROA not before: Wed 29 Nov 2023 13:19:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 13 Dec 2023 17:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:3b:ed:db:30:35:85:8f:18:50:ce:13:0f:8e:89:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 29 13:19:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5be6d821389b4bd560f2e40eaba42b0fd93f4a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c6:24:5c:8f:5b:d0:6c:61:80:61:f5:1f:f3:
a3:cd:51:89:9b:9b:0a:f1:86:4d:56:0a:2a:a6:57:
23:b1:d1:a3:ac:4a:92:87:e2:e2:ec:7d:13:c9:2f:
95:19:76:75:08:93:8c:22:e0:3c:4f:20:e0:a3:b3:
73:81:88:d7:ed:74:0c:f1:35:c7:b6:68:3b:0b:72:
49:57:8a:40:7a:f3:25:0e:9f:a8:44:a3:e4:0a:72:
bf:03:80:7f:39:b4:80:e5:93:63:eb:01:44:18:80:
af:30:73:d8:3a:e8:77:26:3c:de:e4:4a:51:75:b5:
3d:72:0e:10:4b:52:eb:68:5a:63:12:d3:35:4a:b4:
80:aa:69:ed:11:c7:c3:f4:b8:6a:c4:91:b0:60:9f:
63:4e:ca:b0:3d:61:3e:11:f2:de:b2:92:6d:51:6f:
b9:1c:b6:07:63:e9:9b:b6:9d:26:7e:e4:e6:d4:f2:
75:a5:2e:d7:40:23:4a:ba:35:81:83:8a:42:59:ff:
69:bf:a1:96:56:fe:be:d1:f2:2e:73:a5:f9:98:05:
99:ae:4e:2b:a4:e3:94:92:3c:ba:a2:22:cc:8f:55:
c9:78:8b:00:a4:b5:47:c2:64:da:67:58:06:0f:18:
6c:1c:69:a4:08:53:26:5a:58:1c:91:82:c9:16:f2:
3d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E6:D8:21:38:9B:4B:D5:60:F2:E4:0E:AB:A4:2B:0F:D9:3F:4A:66
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/W-bYITibS9Vg8uQOq6QrD9k_SmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.188.0/24
185.230.13.0-185.230.14.255
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
2b:cc:1e:47:01:3c:ce:1b:54:21:0a:5e:62:66:cd:27:94:40:
c1:6f:0b:71:bb:41:a6:38:96:3f:17:24:97:7a:fd:b5:f1:a1:
b4:19:33:85:d2:af:7d:02:c4:3e:c4:e1:23:4b:d1:45:72:cf:
70:61:0b:87:3b:61:63:7c:2c:19:7d:60:29:cb:3d:14:85:85:
90:0e:d6:5b:d6:26:c7:a3:e5:7b:c4:c6:ac:41:7a:bc:45:7b:
12:b5:c2:63:94:45:67:80:7b:e9:2c:67:10:91:57:41:d4:3b:
b7:25:6b:25:80:0a:bc:e6:4a:30:46:d7:39:58:05:bc:da:60:
41:3b:42:58:ef:fe:39:7c:c3:22:05:e1:d3:a0:ae:7e:fa:3c:
08:d7:80:3d:fc:21:30:39:ba:6c:18:24:a8:a5:ff:f4:9e:54:
c7:b4:75:41:70:01:be:e6:d0:c8:36:2c:d6:05:16:08:bd:ee:
96:aa:08:d4:6a:d3:03:ae:bb:d4:6b:4a:97:a4:c9:dc:48:8c:
01:95:a0:4e:6e:6c:df:61:89:1b:e2:88:f2:11:c9:83:12:0d:
a4:95:2b:dc:8c:47:0a:0b:08:bb:b8:94:42:2c:f4:33:ba:51:
d6:74:27:e8:de:a9:b0:89:19:56:b8:c5:43:c2:2a:9b:9d:c2:
63:fa:24:78
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYwbO+3bMDWFjxhQzhMPjonIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMTI5MTMxOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmU2ZDgyMTM4OWI0YmQ1NjBmMmU0MGVhYmE0MmIwZmQ5M2Y0YTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8YkXI9b0GxhgGH1H/OjzVGJm5sK
8YZNVgoqplcjsdGjrEqSh+Li7H0TyS+VGXZ1CJOMIuA8TyDgo7NzgYjX7XQM8TXH
tmg7C3JJV4pAevMlDp+oRKPkCnK/A4B/ObSA5ZNj6wFEGICvMHPYOuh3Jjze5EpR
dbU9cg4QS1LraFpjEtM1SrSAqmntEcfD9LhqxJGwYJ9jTsqwPWE+EfLespJtUW+5
HLYHY+mbtp0mfuTm1PJ1pS7XQCNKujWBg4pCWf9pv6GWVv6+0fIuc6X5mAWZrk4r
pOOUkjy6oiLMj1XJeIsApLVHwmTaZ1gGDxhsHGmkCFMmWlgckYLJFvI9OQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFFvm2CE4m0vVYPLkDqukKw/ZP0pmMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVy1iWUlUaWJTOVZnOHVRT3E2UXJEOWtfU21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDB8BAIAATB2MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqU
MAwDBABNWpkDBABNWpoDBABNWrwwDAMEALnmDQMEALnmDgMEANXRgQMEANXRigME
ANXRjwMEANXRlgMEANXRnTAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBACvMHkcBPM4bVCEKXmJmzSeUQMFvC3G7QaY4lj8XJJd6/bXxobQZ
M4XSr30CxD7E4SNL0UVyz3BhC4c7YWN8LBl9YCnLPRSFhZAO1lvWJsej5XvExqxB
erxFexK1wmOURWeAe+ksZxCRV0HUO7clayWACrzmSjBG1zlYBbzaYEE7Qljv/jl8
wyIF4dOgrn76PAjXgD38ITA5umwYJKil//SeVMe0dUFwAb7m0Mg2LNYFFgi97paq
CNRq0wOuu9RrSpekydxIjAGVoE5ubN9hiRviiPIRyYMSDaSVK9yMRwoLCLu4lEIs
9DO6UdZ0J+jeqbCJGVa4xUPCKpudwmP6JHg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org