Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Z2dArQ2SObcWRyehVL8WHuqCok8.roa
File: Z2dArQ2SObcWRyehVL8WHuqCok8.roa (raw, json)
Hash identifier: /riT3RWTn41U+jNuPzEH6tTcTx6JPNetU/tzxxKH+dI=
Subject key identifier: 67:67:40:AD:0D:92:39:B7:16:47:27:A1:54:BF:16:1E:EA:82:A2:4F
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF39654A9482615B03361E07C23732
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Z2dArQ2SObcWRyehVL8WHuqCok8.roa
Signing time: Tue 02 Jan 2024 06:32:01 +0000
ROA not before: Tue 02 Jan 2024 06:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:39:65:4a:94:82:61:5b:03:36:1e:07:c2:37:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676740ad0d9239b7164727a154bf161eea82a24f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e1:f4:d7:e1:a7:49:0e:da:a2:a5:eb:34:f9:
88:f7:e7:65:ec:1b:ea:15:c8:f1:28:26:22:2f:b0:
24:ba:f3:07:50:62:7c:fa:c7:d5:6f:62:61:42:73:
4e:4a:3f:16:db:ce:64:d7:88:ec:06:fd:26:f9:ce:
7f:2b:5f:67:1a:85:98:e8:4a:3a:2b:95:2c:77:20:
66:d1:0f:6f:07:58:9a:4c:60:64:41:55:0a:db:d4:
95:1f:a9:2e:03:87:12:9a:f8:60:7b:71:b2:9b:77:
45:01:e9:0f:dd:fc:b1:3f:11:4b:8b:a1:07:51:4b:
14:32:ac:52:93:44:7a:c5:60:b3:15:df:78:f0:9f:
44:ea:9d:53:a0:b8:b0:a0:74:90:28:4a:c5:be:6b:
02:61:da:8a:b6:c1:99:58:d8:e8:82:f1:df:b1:04:
27:0c:2a:3d:12:30:35:43:9e:53:6b:3a:d4:79:f1:
ba:b8:b6:fa:82:10:37:c9:4e:70:e0:1b:47:36:e6:
41:55:5e:33:bf:02:e2:e6:ef:9f:35:d8:90:00:a6:
c9:da:7d:e3:07:64:d2:f4:5f:ee:d2:c5:5e:b1:11:
47:f0:6d:d8:20:20:0d:fe:9e:e9:f3:7d:04:b6:d0:
ce:64:7a:f0:8e:50:04:1f:bd:5c:79:21:70:da:6d:
d8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:67:40:AD:0D:92:39:B7:16:47:27:A1:54:BF:16:1E:EA:82:A2:4F
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Z2dArQ2SObcWRyehVL8WHuqCok8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.188.0/24
185.230.13.0-185.230.15.255
213.209.129.0/24
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
b4:8e:b6:6d:0d:5a:9f:91:52:3c:1b:37:97:bc:e2:0e:37:52:
f1:24:d8:fa:41:e7:3d:bf:56:1d:6a:f4:9f:4b:e6:a3:85:a9:
cc:92:d4:73:0d:1a:f3:5a:f6:ee:73:0f:f2:dd:f5:67:fb:f4:
27:da:3c:10:8c:9e:eb:9a:df:47:36:03:e7:1b:a2:7d:bf:bb:
35:0a:5d:f7:0f:68:4f:69:90:02:eb:5d:11:4e:9a:1a:33:3a:
4c:cb:45:1e:26:9b:b3:25:f8:96:8e:ec:b7:83:a6:33:28:3c:
f4:de:33:17:e3:18:dd:b5:bc:55:58:7d:ef:18:23:aa:e5:71:
0a:7b:a8:e3:53:f4:f1:26:d8:e9:94:f5:cb:0d:21:b4:7f:68:
3a:9a:73:22:91:b6:cb:a0:33:79:32:c2:d3:4d:aa:2e:81:fa:
14:a0:d0:46:8b:b6:63:63:f5:17:40:5c:89:96:13:11:2d:f1:
88:b0:ca:fd:1a:ba:12:7b:44:54:4e:01:78:0e:af:6c:16:76:
af:3e:21:d0:a3:53:eb:40:47:b1:7f:33:71:38:0e:82:88:5b:
03:3e:36:7a:6d:17:c7:f8:aa:c4:43:d7:60:dd:ec:04:3b:20:
6f:0a:d2:a7:36:3e:56:25:06:13:c6:77:60:d2:80:f7:d6:85:
65:6b:71:c7
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYzI3zllSpSCYVsDNh4HwjcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzY3NDBhZDBkOTIzOWI3MTY0NzI3YTE1NGJmMTYxZWVhODJhMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuH01+GnSQ7aoqXrNPmI9+dl7Bvq
FcjxKCYiL7AkuvMHUGJ8+sfVb2JhQnNOSj8W285k14jsBv0m+c5/K19nGoWY6Eo6
K5UsdyBm0Q9vB1iaTGBkQVUK29SVH6kuA4cSmvhge3Gym3dFAekP3fyxPxFLi6EH
UUsUMqxSk0R6xWCzFd948J9E6p1ToLiwoHSQKErFvmsCYdqKtsGZWNjogvHfsQQn
DCo9EjA1Q55TazrUefG6uLb6ghA3yU5w4BtHNuZBVV4zvwLi5u+fNdiQAKbJ2n3j
B2TS9F/u0sVesRFH8G3YICAN/p7p830EttDOZHrwjlAEH71ceSFw2m3Y4QIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFGdnQK0Nkjm3FkcnoVS/Fh7qgqJPMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvWjJkQXJRMlNPYmNXUnllaFZMOFdIdXFDb2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljB+BAIAATB4MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqUMAwDBABN
WpkDBABNWpoDBABNWrwwDAMEALnmDQMEBLnmAAMEANXRgQMEANXRijAMAwQA1dGR
AwQA1dGSAwQA1dGWAwQA1dGdMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG
9w0BAQsFAAOCAQEAtI62bQ1an5FSPBs3l7ziDjdS8STY+kHnPb9WHWr0n0vmo4Wp
zJLUcw0a81r27nMP8t31Z/v0J9o8EIye65rfRzYD5xuifb+7NQpd9w9oT2mQAutd
EU6aGjM6TMtFHiabsyX4lo7st4OmMyg89N4zF+MY3bW8VVh97xgjquVxCnuo41P0
8SbY6ZT1yw0htH9oOppzIpG2y6AzeTLC002qLoH6FKDQRou2Y2P1F0BciZYTES3x
iLDK/Rq6EntEVE4BeA6vbBZ2rz4h0KNT60BHsX8zcTgOgohbAz42em0Xx/iqxEPX
YN3sBDsgbwrSpzY+ViUGE8Z3YNKA99aFZWtxxw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 20:23:38 2024 by rpki-client on console-fra.rpki-client.org