Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dahEIxkiR7ElcqDDUGydW-I7Hks.roa
File: dahEIxkiR7ElcqDDUGydW-I7Hks.roa (raw, json)
Hash identifier: cG5wtdxGBPQdNdmozb+wMBmFUe8Ojqc4Mkm6ehg+Ez4=
Subject key identifier: 75:A8:44:23:19:22:47:B1:25:72:A0:C3:50:6C:9D:5B:E2:3B:1E:4B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01859C61472047CB8D38B3B3D5C8E5E65B7B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dahEIxkiR7ElcqDDUGydW-I7Hks.roa
Signing time: Tue 10 Jan 2023 15:51:38 +0000
ROA not before: Tue 10 Jan 2023 15:51:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 11 Jan 2023 14:37:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:61:47:20:47:cb:8d:38:b3:b3:d5:c8:e5:e6:5b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 10 15:51:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75a84423192247b12572a0c3506c9d5be23b1e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:75:24:98:92:4d:c8:81:ff:5a:3a:28:d9:05:
d3:c4:35:2e:ee:f6:01:fd:dd:bb:fa:9a:d5:58:38:
70:d2:e1:9f:26:b7:2b:5c:4d:99:15:35:9f:60:f6:
50:51:1c:84:31:75:93:e5:ba:f0:51:53:82:79:8e:
1f:e6:e5:39:3d:5d:2a:8d:47:42:76:a1:ab:ff:40:
f0:4a:9f:c5:2f:8b:86:48:fe:de:ae:64:a6:3b:66:
97:79:5f:9b:df:08:f9:7f:a9:0e:f4:3c:dc:33:27:
f4:14:9f:e6:63:dd:9c:03:f2:fb:ad:fb:f8:96:bc:
23:da:18:8c:ab:df:2c:94:42:a2:11:6b:53:29:09:
a6:62:8a:c5:2f:2a:75:f8:94:cb:54:95:16:14:72:
ea:dc:fb:4f:5e:42:9c:f5:d5:37:67:39:7f:e8:b9:
40:28:dc:00:b2:6b:8b:47:92:76:d5:54:aa:cc:41:
7a:52:42:62:97:90:a3:4b:26:b4:44:e1:9c:1c:5e:
53:bd:8e:67:e8:4f:f3:7a:29:cf:18:dc:02:ef:c1:
94:0e:4c:73:df:a0:88:9a:f2:64:3d:46:e0:52:68:
b3:f0:7f:ff:9f:88:e5:79:50:c2:e7:92:6e:5e:ea:
ee:b8:42:34:f7:e7:cb:46:db:d1:6f:a9:1d:95:b9:
f7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A8:44:23:19:22:47:B1:25:72:A0:C3:50:6C:9D:5B:E2:3B:1E:4B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dahEIxkiR7ElcqDDUGydW-I7Hks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.15.0/24
213.209.138.0/24
213.209.145.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
ae:50:37:da:4b:41:c5:f7:da:dc:49:7b:82:43:1f:df:d4:3c:
fa:8b:8d:a0:ac:e1:af:a9:e9:8a:a5:65:77:6d:c0:dc:21:7e:
e7:cc:b8:35:00:f4:f2:e0:4d:65:90:5b:26:bc:8b:12:80:55:
5d:10:d3:96:34:98:6a:08:8c:0a:71:2b:76:c1:1c:5e:d0:18:
ee:01:9b:7b:83:6b:5f:34:43:6e:4b:5e:8a:65:50:69:a8:fd:
69:af:d9:22:34:cf:e8:0f:65:b8:5b:43:63:40:31:7d:80:2c:
a6:03:73:21:21:b3:14:7d:3f:b6:29:76:de:32:c6:27:73:a9:
36:2f:d4:1a:98:73:0f:12:0a:21:ee:c0:f6:86:b7:4b:08:7c:
4c:02:94:b3:a1:1f:c4:5c:d2:93:89:1c:05:e1:d3:bd:c7:26:
49:ef:28:8c:7b:d7:86:ba:36:db:f9:62:44:ec:f6:52:4c:76:
4f:9c:f5:c9:a4:10:79:ef:c6:a7:f5:8d:73:45:98:5f:a3:c9:
9b:18:09:fe:d5:8c:0e:71:85:ae:45:a2:4c:50:d6:e7:a2:06:
31:46:92:f6:6e:83:35:aa:89:8e:b2:43:2d:d3:3d:d9:89:ee:
1a:6a:d7:aa:b6:26:fd:6f:17:f9:83:71:47:c2:21:9b:18:2d:
59:a9:94:02
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYWcYUcgR8uNOLOz1cjl5lt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTEwMTU1MTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWE4NDQyMzE5MjI0N2IxMjU3MmEwYzM1MDZjOWQ1YmUyM2IxZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnUkmJJNyIH/Wjoo2QXTxDUu7vYB
/d27+prVWDhw0uGfJrcrXE2ZFTWfYPZQURyEMXWT5brwUVOCeY4f5uU5PV0qjUdC
dqGr/0DwSp/FL4uGSP7ermSmO2aXeV+b3wj5f6kO9DzcMyf0FJ/mY92cA/L7rfv4
lrwj2hiMq98slEKiEWtTKQmmYorFLyp1+JTLVJUWFHLq3PtPXkKc9dU3Zzl/6LlA
KNwAsmuLR5J21VSqzEF6UkJil5CjSya0ROGcHF5TvY5n6E/zeinPGNwC78GUDkxz
36CImvJkPUbgUmiz8H//n4jleVDC55JuXuruuEI09+fLRtvRb6kdlbn3FQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFHWoRCMZIkexJXKgw1BsnVviOx5LMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZGFoRUl4a2lSN0VsY3FERFVHeWRXLUk3SGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVjAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqS
AwQATVqUAwQAueYPAwQA1dGKAwQA1dGRAwQA1dGWMBQEAgACMA4DBQAqBCnCAwUA
KgQpxzANBgkqhkiG9w0BAQsFAAOCAQEArlA32ktBxffa3El7gkMf39Q8+ouNoKzh
r6npiqVld23A3CF+58y4NQD08uBNZZBbJryLEoBVXRDTljSYagiMCnErdsEcXtAY
7gGbe4NrXzRDbkteimVQaaj9aa/ZIjTP6A9luFtDY0AxfYAspgNzISGzFH0/til2
3jLGJ3OpNi/UGphzDxIKIe7A9oa3Swh8TAKUs6EfxFzSk4kcBeHTvccmSe8ojHvX
hro22/liROz2Ukx2T5z1yaQQee/Gp/WNc0WYX6PJmxgJ/tWMDnGFrkWiTFDW56IG
MUaS9m6DNaqJjrJDLdM92YnuGmrXqrYm/W8X+YNxR8IhmxgtWamUAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org