Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dYMVETjA8X7ZE70AEKJAODN5scA.roa
File: dYMVETjA8X7ZE70AEKJAODN5scA.roa (raw, json)
Hash identifier: utG1+3CI9XGkOCbV1NJNYAdK/EpsMXk3Eo9bAP+Nadk=
Subject key identifier: 75:83:15:11:38:C0:F1:7E:D9:13:BD:00:10:A2:40:38:33:79:B1:C0
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018FD4BD03748930767DF309E542A2F31069
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dYMVETjA8X7ZE70AEKJAODN5scA.roa
Signing time: Sat 01 Jun 2024 16:58:27 +0000
ROA not before: Sat 01 Jun 2024 16:58:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Jun 2024 22:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d4:bd:03:74:89:30:76:7d:f3:09:e5:42:a2:f3:10:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 1 16:58:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7583151138c0f17ed913bd0010a240383379b1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4c:05:4d:1d:e8:86:74:8e:19:85:e5:1c:83:
57:94:b9:07:25:4c:94:e2:ef:fa:a2:9e:c8:bc:a1:
a0:0e:b1:64:9d:e5:49:d3:7e:36:1b:0e:9d:af:09:
2a:db:5b:0a:e8:4c:c7:f7:43:cd:7f:57:34:1f:71:
dc:00:82:48:ea:c2:34:c0:96:b8:7a:d0:ba:ed:75:
c2:07:10:9d:76:03:3c:63:d8:a6:b2:ed:de:c9:58:
6b:60:2f:d6:8d:c5:bb:18:2e:96:b9:71:ae:3d:d9:
4c:13:57:c5:c2:74:52:da:94:a0:9b:c2:f7:74:45:
cc:04:40:81:cb:8b:b4:d3:a4:4f:46:96:83:b4:9c:
62:eb:36:f2:ff:97:d4:e6:63:66:f9:67:ba:8e:ce:
64:05:38:48:30:dc:37:0a:44:b3:51:4c:d3:92:97:
b3:c3:1b:74:17:c6:09:e4:57:7b:c7:97:c8:89:b3:
34:35:5f:9c:7d:27:9d:fe:92:bc:e3:19:e6:12:bf:
b6:3e:5c:90:72:b3:05:14:0d:4d:97:d0:cc:a6:45:
3b:d6:ad:d2:da:fc:62:95:93:48:fc:2e:d2:5d:f4:
cb:fc:0c:e7:d4:c3:4c:8e:1c:47:c8:0b:86:e4:5f:
e0:de:1f:54:4f:08:1d:67:3b:c8:b4:fc:5f:16:f4:
af:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:83:15:11:38:C0:F1:7E:D9:13:BD:00:10:A2:40:38:33:79:B1:C0
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dYMVETjA8X7ZE70AEKJAODN5scA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
213.209.129.0/24
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
00:6f:86:c6:b5:d2:f2:74:60:f0:65:26:3d:42:8a:5c:80:2b:
58:96:2e:42:88:f7:82:d5:a4:35:1b:aa:75:d2:8f:1d:cc:47:
27:69:e3:35:b3:71:b7:a2:66:4b:c9:73:de:e8:90:5a:68:a6:
0a:5f:66:43:fe:b7:f7:89:e3:42:8d:67:90:24:e1:39:39:d5:
bb:36:c4:ea:1b:d4:05:d8:82:c3:33:ea:d4:c2:63:16:1a:0f:
fc:a7:ba:b4:3f:8e:f3:40:c7:5e:5b:bb:c2:5c:35:9d:5b:c8:
ab:d8:9d:17:3b:94:fc:b2:71:70:8c:42:2c:93:3e:d1:ce:47:
39:86:e6:af:0a:41:ef:b8:38:33:83:c6:3e:2e:47:ae:9d:ca:
ac:2c:65:4a:05:c1:7f:6d:14:65:b6:53:46:1c:48:98:f0:ba:
f8:13:84:0c:72:4b:71:61:81:9f:5d:8d:5b:b5:df:49:32:ea:
48:8b:38:1e:95:f7:43:62:18:93:05:89:76:3c:b9:0e:91:7c:
cc:ed:d6:1c:b6:98:06:4e:f1:df:df:15:eb:cf:37:2b:00:4b:
3a:62:d8:76:2f:a4:7e:65:33:a0:c5:12:f3:33:31:7e:4e:7b:
2f:e1:3b:68:1a:9e:c6:82:ec:c8:6f:e5:d5:7b:f4:14:49:8d:
05:78:87:b9
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAY/UvQN0iTB2ffMJ5UKi8xBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNjAxMTY1ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTgzMTUxMTM4YzBmMTdlZDkxM2JkMDAxMGEyNDAzODMzNzliMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEwFTR3ohnSOGYXlHINXlLkHJUyU
4u/6op7IvKGgDrFkneVJ0342Gw6drwkq21sK6EzH90PNf1c0H3HcAIJI6sI0wJa4
etC67XXCBxCddgM8Y9imsu3eyVhrYC/WjcW7GC6WuXGuPdlME1fFwnRS2pSgm8L3
dEXMBECBy4u006RPRpaDtJxi6zby/5fU5mNm+We6js5kBThIMNw3CkSzUUzTkpez
wxt0F8YJ5Fd7x5fIibM0NV+cfSed/pK84xnmEr+2PlyQcrMFFA1Nl9DMpkU71q3S
2vxilZNI/C7SXfTL/Azn1MNMjhxHyAuG5F/g3h9UTwgdZzvItPxfFvSvvQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFHWDFRE4wPF+2RO9ABCiQDgzebHAMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZFlNVkVUakE4WDdaRTcwQUVLSkFPRE41c2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljB+BAIAATB4MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEAE1amQMEAE1amgMEANXRgQMEANXRijAMAwQA1dGR
AwQA1dGSAwQA1dGWAwQA1dGdMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG
9w0BAQsFAAOCAQEAAG+GxrXS8nRg8GUmPUKKXIArWJYuQoj3gtWkNRuqddKPHcxH
J2njNbNxt6JmS8lz3uiQWmimCl9mQ/6394njQo1nkCThOTnVuzbE6hvUBdiCwzPq
1MJjFhoP/Ke6tD+O80DHXlu7wlw1nVvIq9idFzuU/LJxcIxCLJM+0c5HOYbmrwpB
77g4M4PGPi5Hrp3KrCxlSgXBf20UZbZTRhxImPC6+BOEDHJLcWGBn12NW7XfSTLq
SIs4HpX3Q2IYkwWJdjy5DpF8zO3WHLaYBk7x398V6883KwBLOmLYdi+kfmUzoMUS
8zMxfk57L+E7aBqexoLsyG/l1Xv0FEmNBXiHuQ==
-----END CERTIFICATE-----
Generated at Sat Jun 8 00:57:34 2024 by rpki-client on console-fra.rpki-client.org