Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/f_dAOfB7gRjjdoHLrMZCN1SWoM0.roa
File: f_dAOfB7gRjjdoHLrMZCN1SWoM0.roa (raw, json)
Hash identifier: //GWuTDZqufv5JJaFQ8dvB3KzP7tXnNtdcRPOBAM4f4=
Subject key identifier: 7F:F7:40:39:F0:7B:81:18:E3:76:81:CB:AC:C6:42:37:54:96:A0:CD
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC74070F666382A8F7B9B953E4D757C88
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/f_dAOfB7gRjjdoHLrMZCN1SWoM0.roa
Signing time: Mon 01 Jan 2024 22:58:58 +0000
ROA not before: Mon 01 Jan 2024 22:58:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:40:70:f6:66:38:2a:8f:7b:9b:95:3e:4d:75:7c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 1 22:58:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ff74039f07b8118e37681cbacc642375496a0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:52:ca:76:d6:af:97:f9:e6:89:0f:90:35:2f:
22:bd:ea:ad:34:3e:91:ab:73:ef:fd:91:af:f3:75:
10:c4:9d:95:98:ed:2f:1b:8b:6b:8f:57:94:38:03:
04:02:63:f4:09:3c:7e:98:c1:07:49:a7:ca:46:24:
7e:56:23:2f:7f:09:39:e2:18:df:79:b0:d5:d5:f7:
0a:da:a2:01:c5:2e:0f:49:42:b0:d2:f4:24:61:43:
46:72:2b:11:a5:82:82:68:95:31:27:a1:4f:7b:3c:
df:82:cf:3e:0c:5e:2a:6b:03:99:92:c2:61:e4:bf:
ce:eb:1d:54:89:8e:4b:a6:21:4f:7a:95:52:42:96:
8a:d4:35:1c:d0:d3:7b:c0:80:fd:8a:77:3f:87:0e:
70:62:29:1f:49:c7:e3:ff:99:16:9d:b2:01:b0:08:
e4:b3:2f:e7:a1:72:b6:50:8c:a6:85:70:36:a7:31:
f9:15:80:37:5d:29:4a:30:8f:4c:e1:a3:05:d4:99:
37:11:d5:e2:0f:d8:91:1b:3d:47:d2:96:ad:f2:33:
e5:58:23:5c:e8:55:72:17:98:3e:c5:14:3a:8d:19:
53:d7:ca:25:1a:f8:81:6f:7a:1e:d6:cf:35:83:c9:
e6:f2:4c:1d:1b:19:5d:e4:21:86:51:b1:f4:c4:2e:
0d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F7:40:39:F0:7B:81:18:E3:76:81:CB:AC:C6:42:37:54:96:A0:CD
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/f_dAOfB7gRjjdoHLrMZCN1SWoM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.188.0/24
185.230.13.0-185.230.15.255
213.209.129.0/24
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
65:f2:3f:aa:d2:44:35:52:b5:85:1f:93:ce:f3:5d:a2:5a:22:
f3:2e:7c:91:47:72:87:d2:04:0e:7a:67:d3:61:91:35:2d:03:
10:73:57:5a:40:19:71:4c:c2:4e:a4:2f:02:1d:45:45:81:61:
32:08:2d:69:8a:29:d1:07:6f:ff:49:65:59:f5:ab:50:b8:a5:
83:a9:81:89:52:e9:eb:a4:86:59:43:49:18:cf:2c:7b:18:ed:
dd:2d:03:5a:42:f2:92:2d:07:69:3d:77:df:72:11:51:40:36:
cb:77:4b:7f:93:c2:27:87:4b:6e:e0:14:e2:ad:77:d2:23:21:
30:23:50:5a:f6:b8:3a:55:25:f4:d2:55:28:4a:9f:9f:22:af:
b0:bd:2d:48:66:75:18:72:83:00:4c:39:2c:84:e7:32:91:ed:
e5:1e:33:2d:f0:e3:12:8e:0f:37:02:2b:0a:02:5d:e2:13:2f:
03:e7:d4:76:dd:43:f0:f2:7e:01:a3:b7:ea:fc:16:96:d6:5d:
64:70:16:52:06:30:97:64:8e:f2:fc:a0:f4:a3:dd:1e:17:7c:
55:d1:19:17:26:1e:70:7d:84:34:8b:9b:44:ec:d6:c6:83:69:
46:9a:93:36:eb:76:31:c3:23:19:19:34:b8:cc:0a:b0:46:21:
1f:42:63:d7
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYzHQHD2Zjgqj3ublT5NdXyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAxMjI1ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmY3NDAzOWYwN2I4MTE4ZTM3NjgxY2JhY2M2NDIzNzU0OTZhMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVLKdtavl/nmiQ+QNS8iveqtND6R
q3Pv/ZGv83UQxJ2VmO0vG4trj1eUOAMEAmP0CTx+mMEHSafKRiR+ViMvfwk54hjf
ebDV1fcK2qIBxS4PSUKw0vQkYUNGcisRpYKCaJUxJ6FPezzfgs8+DF4qawOZksJh
5L/O6x1UiY5LpiFPepVSQpaK1DUc0NN7wID9inc/hw5wYikfScfj/5kWnbIBsAjk
sy/noXK2UIymhXA2pzH5FYA3XSlKMI9M4aMF1Jk3EdXiD9iRGz1H0pat8jPlWCNc
6FVyF5g+xRQ6jRlT18olGviBb3oe1s81g8nm8kwdGxld5CGGUbH0xC4NOwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFH/3QDnwe4EY43aBy6zGQjdUlqDNMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZl9kQU9mQjdnUmpqZG9ITHJNWkNOMVNXb00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljB+BAIAATB4MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqUMAwDBABN
WpkDBABNWpoDBABNWrwwDAMEALnmDQMEBLnmAAMEANXRgQMEANXRijAMAwQA1dGR
AwQA1dGSAwQA1dGWAwQA1dGdMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG
9w0BAQsFAAOCAQEAZfI/qtJENVK1hR+TzvNdoloi8y58kUdyh9IEDnpn02GRNS0D
EHNXWkAZcUzCTqQvAh1FRYFhMggtaYop0Qdv/0llWfWrULilg6mBiVLp66SGWUNJ
GM8sexjt3S0DWkLyki0HaT1333IRUUA2y3dLf5PCJ4dLbuAU4q130iMhMCNQWva4
OlUl9NJVKEqfnyKvsL0tSGZ1GHKDAEw5LITnMpHt5R4zLfDjEo4PNwIrCgJd4hMv
A+fUdt1D8PJ+AaO36vwWltZdZHAWUgYwl2SO8vyg9KPdHhd8VdEZFyYecH2ENIub
ROzWxoNpRpqTNut2McMjGRk0uMwKsEYhH0Jj1w==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:10 2024 by rpki-client on console-fra.rpki-client.org