Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/gmUAm2OPNfSulZchWXBzZLyA9jw.roa
File: gmUAm2OPNfSulZchWXBzZLyA9jw.roa (raw, json)
Hash identifier: k7fjIIA1auAGzOFVSam4hmpNPzp9lNC/ZI1miZh1+qU=
Subject key identifier: 82:65:00:9B:63:8F:35:F4:AE:95:97:21:59:70:73:64:BC:80:F6:3C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01924CB0AFAD36F4DAF58EA3173AD67F4CA9
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/gmUAm2OPNfSulZchWXBzZLyA9jw.roa
Signing time: Wed 02 Oct 2024 10:05:00 +0000
ROA not before: Wed 02 Oct 2024 10:05:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 06 Oct 2024 21:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4c:b0:af:ad:36:f4:da:f5:8e:a3:17:3a:d6:7f:4c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 2 10:05:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8265009b638f35f4ae95972159707364bc80f63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:88:46:d8:cb:93:7c:f9:51:c7:2a:59:93:b7:
c2:8b:ae:9c:c3:e6:1e:3e:8c:fe:f5:9f:2b:50:9c:
46:99:8d:13:60:1b:07:cb:c0:d2:4a:d0:49:93:c0:
25:6a:93:d7:cf:86:54:6b:a5:5b:75:b7:db:e2:22:
ef:9d:10:54:db:2a:16:75:05:47:06:6c:fa:7a:5e:
f5:b7:8d:ee:a1:58:bf:e6:34:42:55:32:ad:21:e5:
39:e1:0a:52:bf:c4:4a:74:81:9c:d2:dc:45:16:64:
5c:4d:c4:27:fc:f3:1a:71:a0:74:e9:80:ae:dd:28:
36:5f:f4:b8:1c:9a:97:e8:c2:a0:96:b6:f4:77:64:
8f:8e:48:90:af:f9:d1:13:84:c0:b8:a9:21:98:89:
a3:b2:15:af:bf:72:bb:1e:97:6b:0c:db:28:bd:8d:
9d:ae:05:ab:2b:88:32:1b:57:50:1a:81:42:3f:3b:
cf:b1:4a:94:e9:80:e2:81:98:e3:1d:6c:04:ef:90:
13:04:75:ad:aa:3b:b1:45:15:9e:f5:0d:14:3b:28:
50:2d:42:bc:17:cd:b1:5c:48:d8:2b:03:f5:fa:61:
42:73:33:b4:51:96:fd:42:22:a9:ee:eb:e8:cf:56:
a9:96:93:e2:66:7d:a2:2f:16:76:d3:66:19:48:05:
16:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:65:00:9B:63:8F:35:F4:AE:95:97:21:59:70:73:64:BC:80:F6:3C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/gmUAm2OPNfSulZchWXBzZLyA9jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
213.209.138.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
a9:76:be:ce:36:27:a9:ef:2a:ab:eb:56:92:a5:b6:55:e8:08:
c3:5e:cf:1c:7f:f4:ab:46:0c:93:b0:07:44:ab:21:89:ca:b9:
9f:df:d2:a5:3e:9e:c7:24:89:4f:59:69:72:aa:35:fb:68:42:
42:53:07:e7:9a:86:48:90:dd:a4:b4:c2:2b:10:32:89:24:05:
de:cc:f6:7c:a3:f1:3a:d1:3e:fa:63:54:d2:2b:a3:57:e5:86:
ec:67:86:2d:0e:56:14:66:bc:77:38:60:c5:b7:1e:a7:dd:3c:
30:6f:81:4c:05:91:19:05:52:cc:8c:43:4d:26:63:34:5a:a0:
35:06:85:56:3f:7c:b7:0d:19:b5:7c:d4:67:0c:5a:dc:ec:c6:
1c:42:03:80:84:be:18:42:8c:30:60:07:2d:21:20:dc:20:a5:
e4:bc:a4:60:4c:22:0e:87:2e:9c:07:2e:3c:e4:f4:18:ee:78:
07:11:ee:65:04:6d:ef:b6:1a:8f:9e:b2:f6:7e:e5:bf:9b:5a:
d4:79:ba:d7:24:e5:f6:a8:4f:d6:aa:7f:e9:63:a7:c8:42:e1:
3e:5b:d9:fe:95:b2:b5:17:30:da:83:c1:5c:96:21:7f:ed:16:
0e:aa:89:2e:de:59:60:64:2a:ce:f9:86:30:27:f7:a2:5b:94:
0d:09:72:85
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZJMsK+tNvTa9Y6jFzrWf0ypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQxMDAyMTAwNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjY1MDA5YjYzOGYzNWY0YWU5NTk3MjE1OTcwNzM2NGJjODBmNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IhG2MuTfPlRxypZk7fCi66cw+Ye
Poz+9Z8rUJxGmY0TYBsHy8DSStBJk8AlapPXz4ZUa6Vbdbfb4iLvnRBU2yoWdQVH
Bmz6el71t43uoVi/5jRCVTKtIeU54QpSv8RKdIGc0txFFmRcTcQn/PMacaB06YCu
3Sg2X/S4HJqX6MKglrb0d2SPjkiQr/nRE4TAuKkhmImjshWvv3K7HpdrDNsovY2d
rgWrK4gyG1dQGoFCPzvPsUqU6YDigZjjHWwE75ATBHWtqjuxRRWe9Q0UOyhQLUK8
F82xXEjYKwP1+mFCczO0UZb9QiKp7uvoz1aplpPiZn2iLxZ202YZSAUWSwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFIJlAJtjjzX0rpWXIVlwc2S8gPY8MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZ21VQW0yT1BOZlN1bFpjaFdYQnpaTHlBOWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXgQCAAEwWDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBAFNWogwDAMEAE1aiwMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBABNWpkDBADV0YoDBADV0ZYwFAQCAAIwDgMFACoEKcID
BQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQCpdr7ONiep7yqr61aSpbZV6AjDXs8c
f/SrRgyTsAdEqyGJyrmf39KlPp7HJIlPWWlyqjX7aEJCUwfnmoZIkN2ktMIrEDKJ
JAXezPZ8o/E60T76Y1TSK6NX5YbsZ4YtDlYUZrx3OGDFtx6n3Twwb4FMBZEZBVLM
jENNJmM0WqA1BoVWP3y3DRm1fNRnDFrc7MYcQgOAhL4YQowwYActISDcIKXkvKRg
TCIOhy6cBy485PQY7ngHEe5lBG3vthqPnrL2fuW/m1rUebrXJOX2qE/Wqn/pY6fI
QuE+W9n+lbK1FzDag8FcliF/7RYOqoku3llgZCrO+YYwJ/eiW5QNCXKF
-----END CERTIFICATE-----
Generated at Sun Oct 6 23:11:07 2024 by rpki-client on console-fra.rpki-client.org