Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/g4agiMbpAbtzfyIjF3dbubMwaDE.roa
File: g4agiMbpAbtzfyIjF3dbubMwaDE.roa (raw, json)
Hash identifier: ETOnM48trB1oj5DMyGskENOW81DRLReZr1WClJF3PPo=
Subject key identifier: 83:86:A0:88:C6:E9:01:BB:73:7F:22:23:17:77:5B:B9:B3:30:68:31
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CA5E8100173D787B7B7B07EECCA86184B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/g4agiMbpAbtzfyIjF3dbubMwaDE.roa
Signing time: Tue 26 Dec 2023 11:34:58 +0000
ROA not before: Tue 26 Dec 2023 11:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a5:e8:10:01:73:d7:87:b7:b7:b0:7e:ec:ca:86:18:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Dec 26 11:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8386a088c6e901bb737f222317775bb9b3306831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a1:6d:45:31:f8:d4:8e:a7:7a:aa:75:f1:68:
d9:04:fd:a8:ee:e0:3a:7c:1e:85:86:70:71:5c:cc:
29:2b:bb:97:ac:c7:43:81:80:e5:75:45:c5:f6:81:
48:77:ab:97:04:97:bd:ad:f2:4a:3c:6f:99:b3:04:
9e:fa:58:34:2c:f3:a2:66:c2:16:49:bb:50:f5:03:
e6:a0:03:04:57:6f:6d:1d:e5:40:b8:57:f8:50:87:
c2:d9:6a:37:5f:3a:84:b4:ed:11:3b:e2:17:b0:28:
4a:d9:31:58:96:fc:25:1b:a3:1d:91:67:8a:52:ff:
60:f8:1b:d0:c3:77:32:95:f8:04:a3:63:73:17:bf:
ba:8d:b8:e7:05:39:79:f8:2b:e7:16:8c:67:f4:5c:
cf:c5:fa:ca:3f:b4:1f:a2:18:93:a6:b7:4e:07:e7:
2d:0e:71:05:68:d2:b1:70:a7:61:5f:72:55:c8:68:
ad:90:ba:f2:ff:a7:18:71:83:05:6c:fb:76:8c:ea:
80:28:bd:de:aa:9d:38:3a:82:71:6b:2d:e3:e3:3b:
15:c2:5e:c3:cf:f7:f9:5d:74:14:18:75:76:2f:ce:
f2:cf:09:53:11:26:f1:69:8e:79:3c:d3:44:36:7e:
8e:f4:f3:f6:6d:0a:57:53:29:71:c3:6a:cb:f0:13:
40:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:86:A0:88:C6:E9:01:BB:73:7F:22:23:17:77:5B:B9:B3:30:68:31
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/g4agiMbpAbtzfyIjF3dbubMwaDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.188.0/24
185.230.13.0-185.230.15.255
213.209.129.0/24
213.209.138.0/24
213.209.145.0/24
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
ac:a5:4d:e3:57:f4:77:89:1b:3f:db:d2:1a:b3:d8:c4:b7:23:
a3:c1:38:0e:ba:32:20:57:6f:6a:5f:27:1e:81:35:df:7f:9b:
9a:90:89:55:65:5d:c0:80:67:36:0b:06:1e:86:4e:61:4b:ca:
8f:30:ef:12:c3:23:3a:3e:2f:a7:76:03:36:e5:3b:59:a1:ae:
03:73:53:74:4c:70:2d:c3:61:bf:2b:47:22:40:88:4c:a0:7c:
08:2a:46:2e:f7:54:97:97:a1:ae:2c:b5:2f:c0:56:fb:19:c6:
0f:e8:7d:f9:28:02:cc:c7:77:eb:57:6b:38:c8:a6:12:5c:0d:
b1:36:eb:98:9a:43:64:44:54:d2:f8:d3:a7:a9:9d:d7:52:7c:
d4:b9:d1:6f:56:2c:f2:a3:43:f1:f6:3f:c4:80:d2:13:b6:7d:
55:6b:29:1f:6c:58:30:51:0f:7c:27:58:3e:d0:35:b0:20:7e:
d4:27:d6:f8:de:bf:8e:5e:d4:86:0c:30:63:56:01:8c:61:5f:
af:97:b5:ab:0a:f3:ae:ad:ba:09:38:7e:66:a8:be:92:23:2d:
b9:62:6b:5a:f6:b1:6b:af:a1:16:38:06:ae:b0:a8:3e:70:00:
34:d0:65:fd:cb:55:4e:e9:e7:a1:44:29:25:a4:2e:d6:ac:c6:
03:9c:2c:05
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYyl6BABc9eHt7ewfuzKhhhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMjI2MTEzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzg2YTA4OGM2ZTkwMWJiNzM3ZjIyMjMxNzc3NWJiOWIzMzA2ODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKFtRTH41I6neqp18WjZBP2o7uA6
fB6FhnBxXMwpK7uXrMdDgYDldUXF9oFId6uXBJe9rfJKPG+ZswSe+lg0LPOiZsIW
SbtQ9QPmoAMEV29tHeVAuFf4UIfC2Wo3XzqEtO0RO+IXsChK2TFYlvwlG6MdkWeK
Uv9g+BvQw3cylfgEo2NzF7+6jbjnBTl5+CvnFoxn9FzPxfrKP7QfohiTprdOB+ct
DnEFaNKxcKdhX3JVyGitkLry/6cYcYMFbPt2jOqAKL3eqp04OoJxay3j4zsVwl7D
z/f5XXQUGHV2L87yzwlTESbxaY55PNNENn6O9PP2bQpXUylxw2rL8BNALwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFIOGoIjG6QG7c38iIxd3W7mzMGgxMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZzRhZ2lNYnBBYnR6ZnlJakYzZGJ1Yk13YURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDB8BAIAATB2MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqU
MAwDBABNWpkDBABNWpoDBABNWrwwDAMEALnmDQMEBLnmAAMEANXRgQMEANXRigME
ANXRkQMEANXRlgMEANXRnTAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBAKylTeNX9HeJGz/b0hqz2MS3I6PBOA66MiBXb2pfJx6BNd9/m5qQ
iVVlXcCAZzYLBh6GTmFLyo8w7xLDIzo+L6d2AzblO1mhrgNzU3RMcC3DYb8rRyJA
iEygfAgqRi73VJeXoa4stS/AVvsZxg/offkoAszHd+tXazjIphJcDbE265iaQ2RE
VNL406epnddSfNS50W9WLPKjQ/H2P8SA0hO2fVVrKR9sWDBRD3wnWD7QNbAgftQn
1vjev45e1IYMMGNWAYxhX6+XtasK866tugk4fmaovpIjLblia1r2sWuvoRY4Bq6w
qD5wADTQZf3LVU7p56FEKSWkLtasxgOcLAU=
-----END CERTIFICATE-----
Generated at Thu Dec 28 17:19:24 2023 by rpki-client on console-ams.rpki-client.org