Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/XAoa_4bl-3dIhFHafyJLhKHrV74.roa
File: XAoa_4bl-3dIhFHafyJLhKHrV74.roa (raw, json)
Hash identifier: eEcnjoh6OMVAWN6ElyUak0xc2BXBWupZoAKXBQr7Qus=
Subject key identifier: 5C:0A:1A:FF:86:E5:FB:77:48:84:51:DA:7F:22:4B:84:A1:EB:57:BE
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018ADB2B1042F8967C98AB9D250457B20CBC
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/XAoa_4bl-3dIhFHafyJLhKHrV74.roa
Signing time: Thu 28 Sep 2023 09:42:27 +0000
ROA not before: Thu 28 Sep 2023 09:42:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:2b:10:42:f8:96:7c:98:ab:9d:25:04:57:b2:0c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 28 09:42:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c0a1aff86e5fb77488451da7f224b84a1eb57be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f0:40:fd:81:1b:5b:b2:d2:86:df:bb:33:fc:
9c:f9:99:a0:cc:88:a8:f9:d4:70:9a:57:8a:d7:de:
bd:c6:2c:10:17:07:fe:c6:b5:28:d2:85:af:47:c3:
6a:b1:6f:f8:26:00:25:23:e1:a8:1b:53:64:e0:f4:
02:80:26:b4:63:07:38:fa:ee:c7:eb:b8:68:80:62:
52:28:9e:41:4a:e2:f4:42:57:b6:e8:a4:4e:a4:22:
c6:b9:40:a6:cb:51:b0:29:d9:39:4c:53:bd:be:34:
6e:34:9c:77:4e:be:e4:a0:1c:96:13:c6:e5:f8:9d:
27:0b:96:96:fd:0f:05:04:6d:ea:6c:02:0e:7b:10:
8b:db:e4:11:e0:a1:d9:31:fc:80:8a:77:af:27:9b:
4f:e9:8b:90:0c:be:5e:f8:53:49:0a:3f:76:92:67:
86:70:5c:dc:37:7a:51:3e:40:43:d8:b4:e6:a2:d1:
27:d8:73:ca:2e:be:24:5f:2f:89:e0:74:41:8e:9e:
20:df:c8:46:97:6b:39:77:b6:c0:0e:11:c2:28:94:
d7:59:b6:ab:c5:49:08:10:ce:47:09:85:56:6d:6b:
30:35:09:37:1d:bc:5e:5b:06:f4:ea:0c:7c:f5:8f:
e4:af:0d:55:e1:7d:cb:76:c9:d9:e5:9e:34:c9:c8:
f2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0A:1A:FF:86:E5:FB:77:48:84:51:DA:7F:22:4B:84:A1:EB:57:BE
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/XAoa_4bl-3dIhFHafyJLhKHrV74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
185.230.13.0-185.230.15.255
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
6b:6a:3d:f2:6b:02:ed:bb:85:4c:bc:96:ca:72:46:57:07:9f:
79:2c:91:79:89:67:fe:47:89:66:c3:38:35:ae:42:f1:ef:3a:
ab:c8:73:bc:86:ca:f0:af:c8:57:97:98:00:6e:cf:03:22:88:
d8:a3:f2:e4:e5:23:73:93:ce:88:52:d5:07:5d:ff:c0:0e:0d:
c1:58:09:33:a6:30:27:a7:b7:e1:4a:3c:1a:06:4f:e2:bc:ad:
de:2a:40:59:72:af:7b:44:7d:51:89:1d:77:c7:03:5e:06:9d:
05:82:cb:c6:22:00:45:5f:a9:32:ec:b5:b5:6e:ae:2b:86:23:
79:b4:1a:39:46:07:bc:eb:d1:9e:6f:ab:17:bf:f5:43:30:50:
2d:8f:d2:3d:c5:6d:cf:95:3f:08:fb:ee:9a:92:21:c9:c4:2a:
f2:dc:8f:95:ef:0c:c9:99:66:48:56:b2:80:7d:6f:bc:7a:6b:
71:82:66:1e:88:45:6a:20:4b:58:37:ac:0a:ab:86:93:87:6b:
4d:f7:15:b7:14:46:37:b6:08:46:ab:c4:8b:f4:c5:a1:58:66:
9e:ab:7f:22:c0:a6:dd:64:4a:ab:92:76:14:8e:63:3e:7f:cc:
25:4d:77:77:63:cc:a6:81:f4:39:4e:bf:5c:74:63:da:a2:8d:
b7:21:c5:29
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYrbKxBC+JZ8mKudJQRXsgy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTI4MDk0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzBhMWFmZjg2ZTVmYjc3NDg4NDUxZGE3ZjIyNGI4NGExZWI1N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfBA/YEbW7LSht+7M/yc+ZmgzIio
+dRwmleK1969xiwQFwf+xrUo0oWvR8NqsW/4JgAlI+GoG1Nk4PQCgCa0Ywc4+u7H
67hogGJSKJ5BSuL0Qle26KROpCLGuUCmy1GwKdk5TFO9vjRuNJx3Tr7koByWE8bl
+J0nC5aW/Q8FBG3qbAIOexCL2+QR4KHZMfyAinevJ5tP6YuQDL5e+FNJCj92kmeG
cFzcN3pRPkBD2LTmotEn2HPKLr4kXy+J4HRBjp4g38hGl2s5d7bADhHCKJTXWbar
xUkIEM5HCYVWbWswNQk3HbxeWwb06gx89Y/krw1V4X3LdsnZ5Z40ycjy+wIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFFwKGv+G5ft3SIRR2n8iS4Sh61e+MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvWEFvYV80YmwtM2RJaEZIYWZ5SkxoS0hyVjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljB+BAIAATB4MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBABNWpkwDAMEALnmDQMEBLnmAAMEANXRijAMAwQA1dGR
AwQA1dGSAwQA1dGWAwQA1dGfMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG
9w0BAQsFAAOCAQEAa2o98msC7buFTLyWynJGVwefeSyReYln/keJZsM4Na5C8e86
q8hzvIbK8K/IV5eYAG7PAyKI2KPy5OUjc5POiFLVB13/wA4NwVgJM6YwJ6e34Uo8
GgZP4ryt3ipAWXKve0R9UYkdd8cDXgadBYLLxiIARV+pMuy1tW6uK4YjebQaOUYH
vOvRnm+rF7/1QzBQLY/SPcVtz5U/CPvumpIhycQq8tyPle8MyZlmSFaygH1vvHpr
cYJmHohFaiBLWDesCquGk4drTfcVtxRGN7YIRqvEi/TFoVhmnqt/IsCm3WRKq5J2
FI5jPn/MJU13d2PMpoH0OU6/XHRj2qKNtyHFKQ==
-----END CERTIFICATE-----
Generated at Sat Sep 30 08:58:12 2023 by rpki-client on console-fra.rpki-client.org