Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/hJYgUaqY0b3kpAP22FFWwe9J6uM.roa
File: hJYgUaqY0b3kpAP22FFWwe9J6uM.roa (raw, json)
Hash identifier: +r2GY7/GfTXbrYb0oKv+3a2Z4EkGDbTZanTZcLJeSGQ=
Subject key identifier: 84:96:20:51:AA:98:D1:BD:E4:A4:03:F6:D8:51:56:C1:EF:49:EA:E3
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018DA35A04226450DBEF52B7723E4595EDCE
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/hJYgUaqY0b3kpAP22FFWwe9J6uM.roa
Signing time: Tue 13 Feb 2024 16:43:21 +0000
ROA not before: Tue 13 Feb 2024 16:43:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 14 Feb 2024 17:58:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a3:5a:04:22:64:50:db:ef:52:b7:72:3e:45:95:ed:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 13 16:43:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84962051aa98d1bde4a403f6d85156c1ef49eae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:87:38:9e:4a:4c:98:48:4f:bf:09:45:14:43:
47:2b:68:6d:04:81:78:80:51:6f:36:b6:e0:f9:ec:
04:f0:bd:cb:8b:53:9d:67:67:45:1f:f4:39:9c:bf:
7c:2c:c9:b0:72:41:c7:ae:d3:23:78:8f:70:e7:24:
5f:ca:ee:27:36:d2:02:a6:f6:f2:2c:9a:70:61:5c:
9f:77:0b:32:9f:a7:6f:b5:26:f0:fe:d0:2b:eb:3c:
50:20:22:1b:1f:8e:90:dd:b5:af:9f:eb:c4:b0:6a:
12:04:40:25:f9:54:77:cc:07:b6:ee:59:33:e6:45:
aa:2a:71:85:f2:92:87:3e:73:7c:4a:4b:40:e7:cd:
49:2b:c9:30:ea:a8:98:83:43:a7:a6:35:fe:07:81:
06:97:99:b0:8a:62:75:86:28:95:5b:c4:35:c4:2c:
7c:c2:a5:4a:d9:70:f8:be:05:fb:e1:21:0b:6c:7d:
14:c9:82:3d:5f:5f:a5:08:54:9e:2f:72:0a:66:6c:
c1:97:ab:59:be:27:1e:f2:fa:7e:14:fd:ba:7b:c8:
ca:f6:9c:03:61:ab:e1:29:3b:65:74:df:01:bc:b3:
ff:3e:12:9d:80:44:ef:4d:72:77:0e:32:f2:72:07:
3d:23:cf:91:d6:07:7a:49:b8:26:14:a9:57:57:50:
15:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:96:20:51:AA:98:D1:BD:E4:A4:03:F6:D8:51:56:C1:EF:49:EA:E3
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/hJYgUaqY0b3kpAP22FFWwe9J6uM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.14.255
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.145.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
63:b5:83:3d:ee:2e:d8:53:39:0b:a4:c6:4b:ce:b6:f0:63:94:
45:9d:62:c7:59:19:20:bf:97:61:39:4b:2c:49:7a:98:84:bb:
17:d9:73:b0:25:e6:66:34:6b:10:26:19:73:32:f7:49:22:a4:
c3:83:d9:be:d7:17:7b:e6:06:03:4f:5b:35:96:47:0f:20:4e:
f7:67:a9:f8:8d:a9:ba:55:30:8d:c0:0b:4a:9a:e5:67:1f:77:
57:07:40:62:d0:45:cc:3c:c3:a6:20:25:b6:20:4a:3f:1c:99:
cd:55:2e:f4:53:62:18:a8:9b:1d:d9:96:eb:f2:6b:48:40:06:
b2:48:02:ba:34:4f:f2:85:19:ad:07:2a:5f:e4:c0:39:bd:3c:
35:28:ab:7a:05:1d:45:57:5e:46:eb:16:42:be:3a:07:52:29:
00:8c:76:71:43:8d:74:2f:62:5d:b4:18:75:20:a4:66:ea:27:
3e:f8:9e:83:ef:1d:64:23:d4:96:47:d5:67:87:6a:fa:5c:be:
28:1d:6e:c5:a6:97:24:3e:90:0c:fb:6e:d8:17:9a:5f:8c:52:
8a:af:d9:31:bc:2f:f9:e3:6f:2f:0a:78:9a:6f:36:8b:7b:86:
39:2c:62:91:b3:43:40:6f:b4:6e:82:4f:ae:27:09:4b:18:f4:
c0:3e:4f:f5
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAY2jWgQiZFDb71K3cj5Fle3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMjEzMTY0MzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDk2MjA1MWFhOThkMWJkZTRhNDAzZjZkODUxNTZjMWVmNDllYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYc4nkpMmEhPvwlFFENHK2htBIF4
gFFvNrbg+ewE8L3Li1OdZ2dFH/Q5nL98LMmwckHHrtMjeI9w5yRfyu4nNtICpvby
LJpwYVyfdwsyn6dvtSbw/tAr6zxQICIbH46Q3bWvn+vEsGoSBEAl+VR3zAe27lkz
5kWqKnGF8pKHPnN8SktA581JK8kw6qiYg0OnpjX+B4EGl5mwimJ1hiiVW8Q1xCx8
wqVK2XD4vgX74SELbH0UyYI9X1+lCFSeL3IKZmzBl6tZvice8vp+FP26e8jK9pwD
YavhKTtldN8BvLP/PhKdgETvTXJ3DjLycgc9I8+R1gd6SbgmFKlXV1AVdQIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFISWIFGqmNG95KQD9thRVsHvSerjMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvaEpZZ1VhcVkwYjNrcEFQMjJGRld3ZTlKNnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEALnmDQMEALnmDgMEANXRgQMEANXRigMEANXRjwME
ANXRkTAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAGO1
gz3uLthTOQukxkvOtvBjlEWdYsdZGSC/l2E5SyxJepiEuxfZc7Al5mY0axAmGXMy
90kipMOD2b7XF3vmBgNPWzWWRw8gTvdnqfiNqbpVMI3AC0qa5Wcfd1cHQGLQRcw8
w6YgJbYgSj8cmc1VLvRTYhiomx3Zluvya0hABrJIAro0T/KFGa0HKl/kwDm9PDUo
q3oFHUVXXkbrFkK+OgdSKQCMdnFDjXQvYl20GHUgpGbqJz74noPvHWQj1JZH1WeH
avpcvigdbsWmlyQ+kAz7btgXml+MUoqv2TG8L/njby8KeJpvNot7hjksYpGzQ0Bv
tG6CT64nCUsY9MA+T/U=
-----END CERTIFICATE-----
Generated at Wed Feb 14 21:22:13 2024 by rpki-client on console-fra.rpki-client.org