Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ZCDPPsJvb_1nbU77goFQFY-6Yhg.roa
File: ZCDPPsJvb_1nbU77goFQFY-6Yhg.roa (raw, json)
Hash identifier: J6yey+Lh+v1N1q4Tr6z5DGM0VcxE5To56XADzV9s2Lg=
Subject key identifier: 64:20:CF:3E:C2:6F:6F:FD:67:6D:4E:FB:82:81:50:15:8F:BA:62:18
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018EF78AB3EA7583ECC55307F1ED80ED9BBF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ZCDPPsJvb_1nbU77goFQFY-6Yhg.roa
Signing time: Fri 19 Apr 2024 18:07:26 +0000
ROA not before: Fri 19 Apr 2024 18:07:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Apr 2024 17:45:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f7:8a:b3:ea:75:83:ec:c5:53:07:f1:ed:80:ed:9b:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 19 18:07:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6420cf3ec26f6ffd676d4efb828150158fba6218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d7:a4:9d:ac:4d:c7:e2:9e:2c:a8:0a:d8:d8:
33:65:46:87:9a:0a:76:00:94:0e:03:01:a0:98:f7:
87:24:2e:41:31:69:0b:9e:a0:d3:a3:3c:91:88:d5:
fe:18:33:62:dd:a7:0f:f7:c4:1d:01:52:2e:05:c7:
ce:20:83:39:7a:61:8e:b2:b2:cb:7d:1e:0c:11:07:
47:dc:26:1e:89:8c:c0:07:d8:7a:41:c0:e8:79:f1:
c4:f1:5b:80:12:42:40:b1:26:f2:25:a7:db:72:d6:
2e:6f:5f:b2:48:0a:94:a3:08:a3:f7:41:a9:af:8a:
11:c6:12:1b:73:bd:4c:24:69:10:8b:a2:7f:e0:db:
c5:23:82:03:57:f6:77:e6:fb:f2:d4:5f:35:e3:7b:
f6:3d:7e:88:b0:60:1d:c7:0a:94:7b:d3:82:32:34:
23:88:f8:1f:5b:18:9c:94:03:51:5d:2c:a0:82:af:
8a:3c:cb:05:a6:97:68:5f:cd:9a:9b:63:5f:f0:5b:
ad:9c:c7:26:39:31:f2:4f:cc:70:e9:11:20:73:2a:
89:7c:ba:8c:6c:0c:16:3e:cf:b0:b7:e0:65:70:c9:
2c:a7:ac:07:4e:d1:f1:42:6a:c7:11:ec:0a:5f:64:
6f:ab:15:16:67:1e:52:4e:fd:b2:b5:cf:97:3e:7a:
61:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:20:CF:3E:C2:6F:6F:FD:67:6D:4E:FB:82:81:50:15:8F:BA:62:18
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ZCDPPsJvb_1nbU77goFQFY-6Yhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.145.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
2e:8e:73:3f:47:a4:03:03:7d:f3:67:17:5a:dc:52:cc:0b:0b:
48:46:bd:db:ba:c1:8e:e8:aa:58:41:73:07:99:a2:2e:8a:a4:
37:34:b3:10:8c:1e:e6:e6:f2:99:12:cb:00:d9:4e:c0:32:50:
e4:a2:6e:6f:9c:18:1d:fc:99:52:06:17:85:52:87:f7:10:48:
a9:19:f7:a1:83:83:ae:2c:bb:47:3f:5b:46:80:f0:87:3e:06:
86:fd:a8:dc:35:b4:19:cd:e7:61:ce:d1:98:5f:18:86:75:5e:
98:e0:11:68:0d:d9:5e:8c:f3:2b:ba:0e:f5:35:b9:60:01:e7:
99:41:3b:32:65:7d:65:0b:ce:92:22:10:d2:bc:42:b9:2d:d3:
a1:bf:d0:b6:72:28:13:50:c0:0b:6c:d8:48:43:f2:fc:c7:91:
77:20:a4:2c:8e:e3:bf:20:99:6d:55:7e:ce:30:85:9d:02:7c:
d0:e6:7f:30:b4:91:3e:e0:85:af:a5:d3:5c:a1:9e:c3:88:76:
d0:b9:b8:df:6a:9d:ab:c6:24:80:f8:f2:b2:3f:0f:ac:a0:9e:
34:a5:f2:eb:61:ea:2b:0d:bc:20:34:6a:69:f8:32:4a:ce:74:
1a:02:71:89:9e:f6:65:26:82:0d:98:9c:ed:8e:c7:bc:9e:42:
5c:2f:c7:74
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY73irPqdYPsxVMH8e2A7Zu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNDE5MTgwNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDIwY2YzZWMyNmY2ZmZkNjc2ZDRlZmI4MjgxNTAxNThmYmE2MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdeknaxNx+KeLKgK2NgzZUaHmgp2
AJQOAwGgmPeHJC5BMWkLnqDTozyRiNX+GDNi3acP98QdAVIuBcfOIIM5emGOsrLL
fR4MEQdH3CYeiYzAB9h6QcDoefHE8VuAEkJAsSbyJafbctYub1+ySAqUowij90Gp
r4oRxhIbc71MJGkQi6J/4NvFI4IDV/Z35vvy1F8143v2PX6IsGAdxwqUe9OCMjQj
iPgfWxiclANRXSyggq+KPMsFppdoX82am2Nf8FutnMcmOTHyT8xw6REgcyqJfLqM
bAwWPs+wt+BlcMksp6wHTtHxQmrHEewKX2RvqxUWZx5STv2ytc+XPnph7QIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFGQgzz7Cb2/9Z21O+4KBUBWPumIYMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvWkNEUFBzSnZiXzFuYlU3N2dvRlFGWS02WWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAM
AwQBTVqSAwQATVqUAwQA1dGBAwQA1dGKAwQA1dGPAwQA1dGRMBQEAgACMA4DBQAq
BCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEALo5zP0ekAwN982cXWtxSzAsL
SEa927rBjuiqWEFzB5miLoqkNzSzEIwe5ubymRLLANlOwDJQ5KJub5wYHfyZUgYX
hVKH9xBIqRn3oYODriy7Rz9bRoDwhz4Ghv2o3DW0Gc3nYc7RmF8YhnVemOARaA3Z
XozzK7oO9TW5YAHnmUE7MmV9ZQvOkiIQ0rxCuS3Tob/QtnIoE1DAC2zYSEPy/MeR
dyCkLI7jvyCZbVV+zjCFnQJ80OZ/MLSRPuCFr6XTXKGew4h20Lm432qdq8YkgPjy
sj8PrKCeNKXy62HqKw28IDRqafgySs50GgJxiZ72ZSaCDZic7Y7HvJ5CXC/HdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org