Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ZSevz01IDSpoKpYX_LyprjwfBzM.roa
File: ZSevz01IDSpoKpYX_LyprjwfBzM.roa (raw, json)
Hash identifier: kt/KLNh9gaUZQRj/hsWQmBOKfxE0LboKh6E0p8GunD4=
Subject key identifier: 65:27:AF:CF:4D:48:0D:2A:68:2A:96:17:FC:BC:A9:AE:3C:1F:07:33
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018B475FDCA27450375E2D33B123FB339E1A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ZSevz01IDSpoKpYX_LyprjwfBzM.roa
Signing time: Thu 19 Oct 2023 09:59:06 +0000
ROA not before: Thu 19 Oct 2023 09:59:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:5f:dc:a2:74:50:37:5e:2d:33:b1:23:fb:33:9e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 19 09:59:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6527afcf4d480d2a682a9617fcbca9ae3c1f0733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:af:12:34:40:7c:39:b6:8d:5b:51:00:02:0d:
16:bd:b7:80:4d:0c:d0:c2:e4:2a:ff:a7:d7:dd:a5:
3d:a2:84:11:3f:73:2d:ec:99:e8:af:2a:2b:30:5f:
57:75:a1:02:04:8d:1c:a9:ea:af:ab:61:e7:eb:a6:
78:b9:16:73:8b:73:c2:2f:50:a6:4d:7f:ea:99:07:
bc:e0:e6:79:74:55:ed:69:14:d3:26:7e:fb:65:3d:
11:05:cd:99:69:03:e3:8c:78:91:61:9b:db:76:7a:
9f:cc:ac:1b:92:df:c9:44:ee:1a:a8:a5:ad:b8:0e:
38:7d:04:60:e5:79:8d:85:6f:cf:69:4f:2a:c1:a1:
a5:f0:19:aa:d0:70:43:7b:c0:6e:f4:f1:e2:57:aa:
03:f5:51:56:29:5b:4b:54:e7:70:74:5e:2d:b8:73:
e7:c9:06:65:ea:ae:41:35:99:3c:77:11:af:24:79:
bd:78:7b:91:d4:3c:dc:0f:7b:f3:16:c8:0b:59:ec:
d6:2c:e1:0a:2b:93:33:6c:a1:fa:a9:c7:c4:73:94:
a8:39:99:20:18:4a:13:92:bd:54:43:11:93:49:e7:
e0:9e:9a:bc:a7:bb:ab:07:56:19:c2:aa:17:68:af:
7a:51:07:e0:96:ab:93:8d:62:92:26:22:79:5a:4d:
cd:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:27:AF:CF:4D:48:0D:2A:68:2A:96:17:FC:BC:A9:AE:3C:1F:07:33
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ZSevz01IDSpoKpYX_LyprjwfBzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.14.0/24
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
24:79:6c:31:c7:63:5d:aa:67:d8:ef:89:98:4c:34:c8:fc:53:
f0:5b:28:b1:5b:f5:3f:6f:c7:6e:e9:b9:cd:5e:72:98:fc:b1:
a8:42:8b:89:f7:4c:64:06:d4:ec:c1:dd:0e:b7:f6:e9:6f:68:
1c:87:10:f4:a9:64:83:91:8d:63:a4:60:8e:0e:a5:87:13:41:
32:ed:87:96:36:f5:3a:ef:4d:21:33:85:d9:59:6e:ff:ef:5b:
ea:f9:a4:81:37:3c:aa:95:30:c7:5f:1d:bb:be:53:d3:2a:7f:
d8:38:bc:5a:7c:db:fb:41:40:02:41:28:5a:79:07:a4:7b:be:
e9:37:48:ac:44:b9:05:7b:55:89:57:20:30:de:81:fb:72:3a:
99:9a:0b:02:23:3a:bf:a5:86:0d:e2:1d:4f:97:74:18:64:83:
ae:4d:ef:5e:bc:ed:83:29:dc:a3:b2:c6:63:f2:32:b3:de:be:
c3:72:0c:10:ac:43:a7:b0:91:dc:34:4c:d0:3d:c8:a5:7d:62:
47:01:25:ff:d4:ef:42:1a:38:9c:1d:9b:4e:4b:f7:ce:99:c6:
97:1f:d4:45:60:f9:ff:25:09:cc:23:5a:6a:ba:33:be:a7:33:
04:01:78:93:bb:f9:3e:2d:52:cb:39:d2:80:0d:1e:c5:8b:65:
60:e4:ac:28
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAYtHX9yidFA3Xi0zsSP7M54aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMDE5MDk1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTI3YWZjZjRkNDgwZDJhNjgyYTk2MTdmY2JjYTlhZTNjMWYwNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK8SNEB8ObaNW1EAAg0WvbeATQzQ
wuQq/6fX3aU9ooQRP3Mt7JnoryorMF9XdaECBI0cqeqvq2Hn66Z4uRZzi3PCL1Cm
TX/qmQe84OZ5dFXtaRTTJn77ZT0RBc2ZaQPjjHiRYZvbdnqfzKwbkt/JRO4aqKWt
uA44fQRg5XmNhW/PaU8qwaGl8Bmq0HBDe8Bu9PHiV6oD9VFWKVtLVOdwdF4tuHPn
yQZl6q5BNZk8dxGvJHm9eHuR1DzcD3vzFsgLWezWLOEKK5MzbKH6qcfEc5SoOZkg
GEoTkr1UQxGTSefgnpq8p7urB1YZwqoXaK96UQfglquTjWKSJiJ5Wk3NfQIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFGUnr89NSA0qaCqWF/y8qa48HwczMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvWlNldnowMUlEU3BvS3BZWF9MeXByandmQnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBqBAIAATBkMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBAC55g4DBADV0YowDAMEANXRkQMEANXRkgMEANXRljAU
BAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBACR5bDHHY12q
Z9jviZhMNMj8U/BbKLFb9T9vx27puc1ecpj8sahCi4n3TGQG1OzB3Q639ulvaByH
EPSpZIORjWOkYI4OpYcTQTLth5Y29TrvTSEzhdlZbv/vW+r5pIE3PKqVMMdfHbu+
U9Mqf9g4vFp82/tBQAJBKFp5B6R7vuk3SKxEuQV7VYlXIDDegftyOpmaCwIjOr+l
hg3iHU+XdBhkg65N71687YMp3KOyxmPyMrPevsNyDBCsQ6ewkdw0TNA9yKV9YkcB
Jf/U70IaOJwdm05L986Zxpcf1EVg+f8lCcwjWmq6M76nMwQBeJO7+T4tUss50oAN
HsWLZWDkrCg=
-----END CERTIFICATE-----
Generated at Mon Oct 23 15:55:31 2023 by rpki-client on console-fra.rpki-client.org