Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/h8ezVp74jVcOIRGbN44GEye2A5Y.roa
File: h8ezVp74jVcOIRGbN44GEye2A5Y.roa (raw, json)
Hash identifier: tDP+a9xKt5JAbyLf9QOM5RhUhqhcTEvMV/6eJI+ZPyQ=
Subject key identifier: 87:C7:B3:56:9E:F8:8D:57:0E:21:11:9B:37:8E:06:13:27:B6:03:96
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019263BD144FFD9E13AEC72F4E12BECFEE97
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/h8ezVp74jVcOIRGbN44GEye2A5Y.roa
Signing time: Sun 06 Oct 2024 21:29:48 +0000
ROA not before: Sun 06 Oct 2024 21:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Oct 2024 09:24:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:63:bd:14:4f:fd:9e:13:ae:c7:2f:4e:12:be:cf:ee:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 6 21:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87c7b3569ef88d570e21119b378e061327b60396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d1:a0:3a:92:0c:0e:ec:04:83:8c:3b:0c:42:
36:81:da:83:7b:60:0a:3c:98:66:7d:41:d3:fe:28:
34:0a:06:7f:fe:ec:0a:97:c1:8d:a6:cf:d4:08:0e:
d1:e6:93:c3:96:da:3f:75:37:b6:77:da:0b:bf:45:
a4:90:72:9b:57:ea:f8:68:08:41:41:3d:bf:b2:e3:
f3:18:03:47:f1:da:2e:76:eb:57:97:c6:a3:55:1f:
63:16:79:33:91:6f:04:6b:d8:43:16:84:d7:c6:28:
49:b6:09:67:23:dc:02:21:a3:9d:a0:4e:22:62:2a:
d6:84:eb:88:88:bf:fe:d4:82:5a:d2:a5:58:72:7f:
93:7a:0c:89:65:f8:fe:1b:a6:36:63:a5:d3:95:12:
6f:b5:f2:ce:8e:3c:20:0f:95:1e:99:40:3d:0b:e8:
c2:f3:e4:99:eb:68:71:98:57:b1:af:a0:dc:0e:2b:
fa:75:e8:e2:3c:e2:a5:12:8a:46:8d:dd:ce:19:69:
e4:56:0e:17:b7:d7:6d:05:72:48:2f:14:5e:d7:62:
06:fb:76:0d:22:90:49:42:0d:e6:69:b6:61:89:01:
de:a7:cd:f0:09:35:b0:80:a7:2c:62:0a:ca:2e:75:
22:3e:25:ea:9f:25:41:97:17:0b:4f:6a:e7:cb:b7:
78:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C7:B3:56:9E:F8:8D:57:0E:21:11:9B:37:8E:06:13:27:B6:03:96
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/h8ezVp74jVcOIRGbN44GEye2A5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
213.209.129.0/24
213.209.138.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
10:29:88:f4:e6:50:1e:5e:88:64:f5:f9:6f:3a:46:30:1b:cf:
23:16:2e:b7:7f:9e:59:e6:95:04:cc:38:4e:41:90:2b:5d:6c:
23:66:ca:7a:52:4f:61:0d:0b:cc:db:95:dd:44:da:3d:ab:02:
3e:04:b3:b3:36:a0:72:97:c6:19:cb:df:ba:00:0f:e6:39:33:
02:e1:1a:b8:95:1f:a6:4d:53:2d:a8:b3:71:90:5c:84:63:56:
a7:77:a8:5e:4a:3e:42:21:83:17:51:c6:8e:b9:09:a3:8b:22:
f4:61:37:ac:6b:29:9c:ed:51:c9:85:20:45:16:87:3f:63:5c:
fa:a8:5e:41:05:9f:81:85:d6:e1:9e:5a:96:67:ca:dc:64:01:
04:aa:f3:0e:37:f1:35:93:f9:2f:27:98:fc:09:8e:f4:74:0b:
6d:ad:83:18:31:22:b0:c0:8c:dc:7f:fe:f4:fd:cb:e8:eb:94:
64:02:c2:cd:c7:80:fb:a4:18:e0:27:a5:1e:52:32:b7:e9:0c:
f3:31:bf:3c:5e:6b:b8:bd:45:de:55:00:13:0f:77:b1:1e:f1:
02:89:c7:d9:f0:d1:88:2a:52:b7:5a:49:4f:dd:e5:cf:7f:fa:
50:f0:de:94:10:06:97:d7:df:3f:46:8e:2a:cb:0a:5b:48:6f:
68:5e:f3:fe
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZJjvRRP/Z4TrscvThK+z+6XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQxMDA2MjEyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2M3YjM1NjllZjg4ZDU3MGUyMTExOWIzNzhlMDYxMzI3YjYwMzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9GgOpIMDuwEg4w7DEI2gdqDe2AK
PJhmfUHT/ig0CgZ//uwKl8GNps/UCA7R5pPDlto/dTe2d9oLv0WkkHKbV+r4aAhB
QT2/suPzGANH8doudutXl8ajVR9jFnkzkW8Ea9hDFoTXxihJtglnI9wCIaOdoE4i
YirWhOuIiL/+1IJa0qVYcn+TegyJZfj+G6Y2Y6XTlRJvtfLOjjwgD5UemUA9C+jC
8+SZ62hxmFexr6DcDiv6dejiPOKlEopGjd3OGWnkVg4Xt9dtBXJILxRe12IG+3YN
IpBJQg3mabZhiQHep83wCTWwgKcsYgrKLnUiPiXqnyVBlxcLT2rny7d4ywIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFIfHs1ae+I1XDiERmzeOBhMntgOWMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvaDhlelZwNzRqVmNPSVJHYk40NEdFeWUyQTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXjAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBAFNWogwDAMEAE1aiwMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBABNWpkDBADV0YEDBADV0YoDBADV0ZYwFAQCAAIwDgMF
ACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQAQKYj05lAeXohk9flvOkYw
G88jFi63f55Z5pUEzDhOQZArXWwjZsp6Uk9hDQvM25XdRNo9qwI+BLOzNqByl8YZ
y9+6AA/mOTMC4Rq4lR+mTVMtqLNxkFyEY1and6heSj5CIYMXUcaOuQmjiyL0YTes
aymc7VHJhSBFFoc/Y1z6qF5BBZ+BhdbhnlqWZ8rcZAEEqvMON/E1k/kvJ5j8CY70
dAttrYMYMSKwwIzcf/70/cvo65RkAsLNx4D7pBjgJ6UeUjK36QzzMb88Xmu4vUXe
VQATD3exHvECicfZ8NGIKlK3WklP3eXPf/pQ8N6UEAaX198/Ro4qywpbSG9oXvP+
-----END CERTIFICATE-----
Generated at Tue Oct 8 13:43:45 2024 by rpki-client on console-ams.rpki-client.org