Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/gKG4hFG5EWhLDm_jeoWAdulGMsU.roa
File: gKG4hFG5EWhLDm_jeoWAdulGMsU.roa (raw, json)
Hash identifier: Bkjo4XV6UNScc5pRiwNj67wlg7xuEadxB+K7aYSi9OA=
Subject key identifier: 80:A1:B8:84:51:B9:11:68:4B:0E:6F:E3:7A:85:80:76:E9:46:32:C5
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018A83CFD51F2035DD873F5EB4177EEC35E3
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/gKG4hFG5EWhLDm_jeoWAdulGMsU.roa
Signing time: Mon 11 Sep 2023 10:35:50 +0000
ROA not before: Mon 11 Sep 2023 10:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:cf:d5:1f:20:35:dd:87:3f:5e:b4:17:7e:ec:35:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 11 10:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80a1b88451b911684b0e6fe37a858076e94632c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9a:c5:e6:b1:ec:89:04:96:6c:e7:4e:99:68:
de:9b:dc:83:f0:1f:50:d5:f0:03:e2:e3:25:37:3e:
a3:0f:02:63:07:7f:ea:83:fb:22:be:2d:d9:e9:0c:
9f:b8:97:1c:9f:a5:8b:48:6d:d5:f2:8a:07:dd:d0:
15:31:da:fa:7e:15:a1:d3:de:87:8b:f3:2c:a9:13:
83:c1:e6:e8:d5:ea:e8:3c:8b:df:57:e4:e6:2c:85:
a0:cc:21:11:34:67:f3:26:63:05:8b:3a:59:07:67:
c2:30:fe:3b:68:42:37:de:9a:03:31:4e:de:86:41:
00:d1:0a:e6:48:e1:8b:ee:92:91:6a:27:d8:9e:09:
1c:05:c8:19:e8:65:35:e1:e5:16:fb:82:6e:43:6e:
0b:38:40:02:15:fa:26:1c:47:68:35:28:76:41:51:
8e:6a:97:8a:3e:90:50:c1:19:16:26:4c:eb:98:5a:
ee:5f:3f:94:b5:fd:78:19:74:04:8f:ba:e8:ca:5b:
d9:ea:aa:f8:44:85:3a:09:a2:3f:01:2e:35:93:4b:
b5:1d:00:58:b6:03:ac:24:0a:a4:65:40:2d:a7:1e:
4c:c4:f1:16:d7:ac:eb:72:29:5e:0d:e5:ef:6c:44:
a3:7d:a1:b6:7a:c0:c3:e9:cf:ed:9e:2e:84:c2:7b:
2f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A1:B8:84:51:B9:11:68:4B:0E:6F:E3:7A:85:80:76:E9:46:32:C5
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/gKG4hFG5EWhLDm_jeoWAdulGMsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0/24
213.209.138.0/24
213.209.143.0/24
213.209.146.0/24
213.209.150.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
07:2d:17:0e:30:f1:1d:cd:b0:e0:3a:61:20:75:3f:4c:ca:1d:
3d:17:19:28:ab:a7:69:b5:6e:48:89:0a:7c:cc:3d:3e:af:c2:
48:99:94:e5:c7:f5:d2:3d:58:98:09:e5:a5:49:87:32:e8:f2:
50:f9:e5:c2:c2:13:94:dc:97:3f:22:c3:95:63:59:37:71:05:
c1:60:53:f9:80:04:7d:dd:8e:81:4d:a5:07:15:d6:f9:a5:1c:
54:a5:0b:a3:ed:7e:92:46:27:e5:26:80:32:4c:3d:9d:ce:db:
74:74:13:d1:1a:ed:98:b1:d4:5d:33:fe:5c:99:ce:94:b6:ff:
05:7e:18:2d:4b:92:73:21:7b:42:0d:d5:41:27:e0:d7:39:e3:
c5:88:01:19:88:6a:76:84:c3:ce:05:92:3a:d7:b7:a4:11:45:
54:33:09:f1:97:06:f8:dc:4a:ce:b0:f9:a6:9e:61:46:59:ed:
81:40:50:d4:81:a4:83:d6:17:48:e3:ee:44:c6:31:af:a4:fc:
85:e3:5e:f2:ee:6a:0c:ba:52:e5:54:7c:39:28:a9:6c:27:32:
5e:d1:26:1d:9d:a0:d8:44:c6:e8:70:21:23:41:bf:01:74:06:
17:49:11:44:f7:7b:ca:80:f4:66:98:6d:11:82:89:c2:fa:e4:
f6:91:23:c9
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYqDz9UfIDXdhz9etBd+7DXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTExMTAzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGExYjg4NDUxYjkxMTY4NGIwZTZmZTM3YTg1ODA3NmU5NDYzMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJrF5rHsiQSWbOdOmWjem9yD8B9Q
1fAD4uMlNz6jDwJjB3/qg/sivi3Z6QyfuJccn6WLSG3V8ooH3dAVMdr6fhWh096H
i/MsqRODwebo1eroPIvfV+TmLIWgzCERNGfzJmMFizpZB2fCMP47aEI33poDMU7e
hkEA0QrmSOGL7pKRaifYngkcBcgZ6GU14eUW+4JuQ24LOEACFfomHEdoNSh2QVGO
apeKPpBQwRkWJkzrmFruXz+Utf14GXQEj7roylvZ6qr4RIU6CaI/AS41k0u1HQBY
tgOsJAqkZUAtpx5MxPEW16zrcileDeXvbESjfaG2esDD6c/tni6EwnsvpwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFIChuIRRuRFoSw5v43qFgHbpRjLFMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZ0tHNGhGRzVFV2hMRG1famVvV0FkdWxHTXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBuBAIAATBoMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBAC55g0DBADV0YoDBADV0Y8DBADV0ZIDBADV0ZYDBADV
0Z8wFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQAHLRcO
MPEdzbDgOmEgdT9Myh09Fxkoq6dptW5IiQp8zD0+r8JImZTlx/XSPViYCeWlSYcy
6PJQ+eXCwhOU3Jc/IsOVY1k3cQXBYFP5gAR93Y6BTaUHFdb5pRxUpQuj7X6SRifl
JoAyTD2dztt0dBPRGu2YsdRdM/5cmc6Utv8FfhgtS5JzIXtCDdVBJ+DXOePFiAEZ
iGp2hMPOBZI617ekEUVUMwnxlwb43ErOsPmmnmFGWe2BQFDUgaSD1hdI4+5ExjGv
pPyF417y7moMulLlVHw5KKlsJzJe0SYdnaDYRMbocCEjQb8BdAYXSRFE93vKgPRm
mG0RgonC+uT2kSPJ
-----END CERTIFICATE-----
Generated at Tue Sep 12 15:29:39 2023 by rpki-client on console-fra.rpki-client.org