Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/a-KhaRco9ArtuZUZlsSjiNzBMbU.roa
File: a-KhaRco9ArtuZUZlsSjiNzBMbU.roa (raw, json)
Hash identifier: kYzm+22xUx2SZuAwr1sN9eq2m5W/5Ux0kMQMZ/p2iBQ=
Subject key identifier: 6B:E2:A1:69:17:28:F4:0A:ED:B9:95:19:96:C4:A3:88:DC:C1:31:B5
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018AB3B37536920A3CF8A0410FE7AABB0C59
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/a-KhaRco9ArtuZUZlsSjiNzBMbU.roa
Signing time: Wed 20 Sep 2023 17:46:37 +0000
ROA not before: Wed 20 Sep 2023 17:46:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Thu 21 Sep 2023 09:05:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:b3:75:36:92:0a:3c:f8:a0:41:0f:e7:aa:bb:0c:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 20 17:46:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6be2a1691728f40aedb9951996c4a388dcc131b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7f:47:37:4e:a1:80:fb:14:09:ee:d1:e8:15:
39:59:be:38:19:e1:95:ba:f1:7b:a3:95:d7:6a:05:
33:c3:51:44:d5:da:23:23:67:ee:07:b4:a5:6c:68:
03:59:5f:e6:59:1a:3d:34:9c:17:ae:4b:f9:75:32:
14:8a:1e:bc:d6:33:ea:55:df:ec:e4:e8:dc:7d:84:
1b:6b:a2:67:2c:29:84:4b:a9:15:7c:d6:3d:48:26:
ed:1e:f8:c5:d9:51:c9:c3:a8:e2:0a:33:91:fd:33:
1e:7f:f8:5b:2c:7e:1a:5d:93:cc:c7:bc:f6:b6:a6:
56:11:ac:18:0b:34:db:e4:c7:d9:a5:29:d4:08:13:
81:fe:3c:30:ac:73:e1:90:78:6e:36:a0:61:48:48:
80:10:45:36:92:f9:d7:da:4f:bc:6a:37:af:dd:f9:
d8:61:31:66:69:f0:00:a9:7c:ec:e2:b1:68:1a:70:
12:bc:ce:22:aa:06:1d:a5:b6:f6:e4:63:99:28:80:
30:d4:95:41:9d:fa:91:46:1d:ad:c6:11:eb:6a:97:
7f:e9:90:ba:0e:0a:2e:af:b4:ef:33:5c:8f:80:78:
72:5f:3e:bd:d4:85:d1:29:e1:46:27:a7:e8:6b:e6:
8c:6b:e6:b9:61:62:a0:82:d6:b7:23:fa:56:95:61:
83:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E2:A1:69:17:28:F4:0A:ED:B9:95:19:96:C4:A3:88:DC:C1:31:B5
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/a-KhaRco9ArtuZUZlsSjiNzBMbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.143.0/24
213.209.146.0/24
213.209.150.0/24
213.209.157.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
4c:97:a8:12:ea:6d:9a:91:93:20:9f:87:01:f6:05:2f:78:64:
17:1a:82:8c:ea:51:65:de:1c:4f:0b:0e:0c:53:f4:9c:97:6d:
2b:d5:18:88:73:17:be:91:dd:7c:a4:74:63:8e:62:b5:99:f0:
e9:68:20:fc:0d:a9:82:81:a4:3f:e1:d1:05:8f:68:57:2b:a4:
a3:2c:1f:f8:b1:42:b9:8d:5d:46:bb:88:78:30:e6:e7:94:ac:
b3:eb:65:65:43:65:1b:b0:52:08:c9:34:6b:7d:bc:7f:6c:68:
f8:77:39:7b:d8:6f:f2:7d:c9:4c:e2:ba:ff:22:7f:8b:f0:86:
24:7b:bf:05:24:79:13:6f:cb:e0:c3:5d:d1:2b:8b:63:64:9b:
94:16:49:4b:81:2f:5b:0d:19:03:42:82:d0:a9:62:21:c4:24:
70:03:2b:56:8e:ad:54:7d:30:2f:dc:ea:59:4e:75:68:5d:e1:
58:00:eb:0b:40:36:ee:78:07:73:77:65:8f:60:0a:28:6e:b0:
31:2d:63:c1:34:9b:dc:85:e9:58:50:27:68:a9:16:a1:14:93:
0d:98:35:2b:86:91:f4:a9:68:99:e6:db:1d:ff:3c:d5:ab:86:
99:b7:2a:af:80:87:6b:28:f1:63:b1:e1:5e:ab:8c:f6:ce:5e:
c0:b2:c1:37
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYqzs3U2kgo8+KBBD+equwxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTIwMTc0NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmUyYTE2OTE3MjhmNDBhZWRiOTk1MTk5NmM0YTM4OGRjYzEzMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX9HN06hgPsUCe7R6BU5Wb44GeGV
uvF7o5XXagUzw1FE1dojI2fuB7SlbGgDWV/mWRo9NJwXrkv5dTIUih681jPqVd/s
5OjcfYQba6JnLCmES6kVfNY9SCbtHvjF2VHJw6jiCjOR/TMef/hbLH4aXZPMx7z2
tqZWEawYCzTb5MfZpSnUCBOB/jwwrHPhkHhuNqBhSEiAEEU2kvnX2k+8ajev3fnY
YTFmafAAqXzs4rFoGnASvM4iqgYdpbb25GOZKIAw1JVBnfqRRh2txhHrapd/6ZC6
Dgour7TvM1yPgHhyXz691IXRKeFGJ6foa+aMa+a5YWKggta3I/pWlWGDBQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFGvioWkXKPQK7bmVGZbEo4jcwTG1MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvYS1LaGFSY285QXJ0dVpVWmxzU2ppTnpCTWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDB8BAIAATB2MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEALnmDQMEALnmDgMEANXRigMEANXRjwMEANXRkgME
ANXRlgMEANXRnQMEANXRnzAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBAEyXqBLqbZqRkyCfhwH2BS94ZBcagozqUWXeHE8LDgxT9JyXbSvV
GIhzF76R3XykdGOOYrWZ8OloIPwNqYKBpD/h0QWPaFcrpKMsH/ixQrmNXUa7iHgw
5ueUrLPrZWVDZRuwUgjJNGt9vH9saPh3OXvYb/J9yUziuv8if4vwhiR7vwUkeRNv
y+DDXdEri2Nkm5QWSUuBL1sNGQNCgtCpYiHEJHADK1aOrVR9MC/c6llOdWhd4VgA
6wtANu54B3N3ZY9gCihusDEtY8E0m9yF6VhQJ2ipFqEUkw2YNSuGkfSpaJnm2x3/
PNWrhpm3Kq+Ah2so8WOx4V6rjPbOXsCywTc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org