Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/WqiL8AkXtVYj8MZq4ZXHXlan6k0.roa
File: WqiL8AkXtVYj8MZq4ZXHXlan6k0.roa (raw, json)
Hash identifier: rcppGC9I99rf0tl6SgzUYDlwp8uDmmA3fVbGpsu9kqU=
Subject key identifier: 5A:A8:8B:F0:09:17:B5:56:23:F0:C6:6A:E1:95:C7:5E:56:A7:EA:4D
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018FA1440D48D3F48A7FE03361899A70CA27
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/WqiL8AkXtVYj8MZq4ZXHXlan6k0.roa
Signing time: Wed 22 May 2024 17:05:42 +0000
ROA not before: Wed 22 May 2024 17:05:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Jun 2024 16:58:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a1:44:0d:48:d3:f4:8a:7f:e0:33:61:89:9a:70:ca:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 22 17:05:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5aa88bf00917b55623f0c66ae195c75e56a7ea4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e9:ff:af:30:aa:83:1a:65:b2:29:22:ca:da:
cb:54:5a:cf:9b:b0:45:b8:af:5e:ab:05:2c:ea:73:
e3:3d:25:34:c3:ea:4b:37:cd:94:39:fd:a8:df:c2:
99:f6:b6:fb:bc:84:00:d0:62:ce:f0:00:2c:49:37:
52:3d:2a:56:8c:f0:34:9c:3b:ce:aa:e8:fc:e9:b8:
12:f3:3c:8a:2a:78:26:c4:d1:02:58:e2:4e:0a:ec:
f6:69:2c:b0:bb:8b:34:8a:64:11:1a:94:1a:9f:e0:
e6:93:26:e2:08:5c:03:ae:40:98:36:83:86:98:0e:
3d:96:0e:ca:3a:d6:6d:cd:12:e2:9c:37:90:7d:c1:
ce:b7:e9:df:ce:28:19:97:fd:20:6d:18:d1:92:b7:
b4:a8:28:66:01:4b:bf:9b:75:50:7d:83:7d:f3:2c:
07:7a:82:b5:ef:7f:8b:cb:91:42:1c:b2:05:e5:e2:
02:78:c0:89:d8:9e:4e:5f:d6:33:ab:39:92:a6:cb:
85:6a:bb:82:99:2a:d4:41:7d:ea:e8:0c:51:5e:4c:
72:ed:e5:5f:6c:df:11:4b:f7:17:99:72:33:a3:18:
11:df:9a:0e:74:34:85:99:cb:66:53:d5:ad:d1:c6:
d2:d6:ce:f2:1f:1c:a8:72:cc:2b:28:84:89:64:00:
a4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A8:8B:F0:09:17:B5:56:23:F0:C6:6A:E1:95:C7:5E:56:A7:EA:4D
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/WqiL8AkXtVYj8MZq4ZXHXlan6k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.129.0/24
213.209.138.0/24
213.209.145.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
35:4e:72:dd:b1:32:ed:98:0c:01:7f:ab:9a:a9:48:03:06:99:
22:01:9b:62:6d:26:f2:b3:4b:54:0e:26:d0:3e:e3:b9:53:42:
86:ed:ee:ba:5c:c0:01:cf:4e:e0:d3:0b:9d:46:bc:d8:4c:d3:
4a:29:ac:38:70:9a:d1:76:94:25:6b:a1:a7:0e:b4:7f:a8:2b:
32:fc:b0:fe:b8:51:30:dc:63:04:47:fb:3a:49:90:40:e1:4c:
94:a0:b0:f8:f3:b3:a5:4c:28:56:37:24:d1:d5:ba:de:d4:04:
9b:a9:73:93:1f:16:de:0b:35:79:a2:6a:2d:0a:d1:2e:94:8f:
00:04:62:8d:64:37:b7:5e:2c:69:68:0b:4a:be:6d:fd:9c:a3:
0a:12:e0:46:e2:3b:d4:ea:aa:f9:14:f9:d1:38:cf:96:a7:56:
3a:e1:09:7a:ad:a2:c8:0b:f5:bc:1d:25:25:ce:f9:3c:83:97:
2e:5d:b5:b4:8d:13:58:20:9e:c4:07:90:8d:7a:e8:1f:fa:fd:
8e:e4:44:fb:40:2e:9e:42:18:dc:96:f3:cf:d9:5e:51:f6:eb:
b5:92:95:07:be:af:0a:69:61:62:dd:a3:f1:a7:a4:94:b5:19:
c4:67:d5:49:10:95:dd:22:f8:55:6e:cc:a8:00:3e:ef:a3:a1:
fd:db:05:7a
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY+hRA1I0/SKf+AzYYmacMonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNTIyMTcwNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWE4OGJmMDA5MTdiNTU2MjNmMGM2NmFlMTk1Yzc1ZTU2YTdlYTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2On/rzCqgxplsikiytrLVFrPm7BF
uK9eqwUs6nPjPSU0w+pLN82UOf2o38KZ9rb7vIQA0GLO8AAsSTdSPSpWjPA0nDvO
quj86bgS8zyKKngmxNECWOJOCuz2aSywu4s0imQRGpQan+DmkybiCFwDrkCYNoOG
mA49lg7KOtZtzRLinDeQfcHOt+nfzigZl/0gbRjRkre0qChmAUu/m3VQfYN98ywH
eoK173+Ly5FCHLIF5eICeMCJ2J5OX9YzqzmSpsuFaruCmSrUQX3q6AxRXkxy7eVf
bN8RS/cXmXIzoxgR35oOdDSFmctmU9Wt0cbS1s7yHxyocswrKISJZACkjQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFFqoi/AJF7VWI/DGauGVx15Wp+pNMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvV3FpTDhBa1h0VllqOE1acTRaWEhYbGFuNmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAM
AwQBTVqSAwQATVqUAwQA1dGBAwQA1dGKAwQA1dGRAwQA1dGdMBQEAgACMA4DBQAq
BCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEANU5y3bEy7ZgMAX+rmqlIAwaZ
IgGbYm0m8rNLVA4m0D7juVNChu3uulzAAc9O4NMLnUa82EzTSimsOHCa0XaUJWuh
pw60f6grMvyw/rhRMNxjBEf7OkmQQOFMlKCw+POzpUwoVjck0dW63tQEm6lzkx8W
3gs1eaJqLQrRLpSPAARijWQ3t14saWgLSr5t/ZyjChLgRuI71Oqq+RT50TjPlqdW
OuEJeq2iyAv1vB0lJc75PIOXLl21tI0TWCCexAeQjXroH/r9juRE+0AunkIY3Jbz
z9leUfbrtZKVB76vCmlhYt2j8aeklLUZxGfVSRCV3SL4VW7MqAA+76Oh/dsFeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org