Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jD12pGYaZWcQEUqYWZl2_DzPvlA.roa
File: jD12pGYaZWcQEUqYWZl2_DzPvlA.roa (raw, json)
Hash identifier: QYZI1m8ooluFtcpsB2dC5vkffV1vg+bgX/xTJvz0x38=
Subject key identifier: 8C:3D:76:A4:66:1A:65:67:10:11:4A:98:59:99:76:FC:3C:CF:BE:50
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018571F46C4F7E045EE8F3C71092E9C20AB4
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jD12pGYaZWcQEUqYWZl2_DzPvlA.roa
Signing time: Mon 02 Jan 2023 10:08:42 +0000
ROA not before: Mon 02 Jan 2023 10:08:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f4:6c:4f:7e:04:5e:e8:f3:c7:10:92:e9:c2:0a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 10:08:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c3d76a4661a656710114a98599976fc3ccfbe50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:9d:20:d9:89:1b:c1:a4:04:21:4b:a1:a2:
6a:bd:08:57:36:ca:97:95:0f:e5:c0:d2:7b:44:40:
bd:3c:5a:01:7f:9d:b0:49:c5:fa:12:47:dd:31:ef:
57:d4:d9:3f:fe:82:8b:d7:02:39:29:ce:ea:ce:90:
d9:ad:24:a3:34:2d:a0:c7:e8:09:84:81:30:1f:25:
e0:e8:fe:c4:1e:e7:79:4c:65:5d:73:0e:d7:05:b3:
62:77:2c:ea:10:98:39:bd:36:2b:f2:e9:78:2b:a9:
fb:f1:8c:04:e3:5d:c6:8f:a0:fe:11:dd:d9:f0:46:
e8:b2:08:43:bf:27:53:81:25:c3:d8:29:79:6f:80:
0a:f7:b8:0e:04:56:df:72:de:89:39:47:79:98:cc:
9f:69:e7:01:21:2e:29:f2:0e:09:05:76:a8:94:72:
0c:c0:63:16:38:32:15:da:78:4e:2e:70:d4:a0:d5:
af:7a:ce:06:d1:ca:3a:c2:b2:0c:af:18:79:b2:33:
bc:49:45:0d:39:b6:0b:59:b6:9f:ba:82:5b:6e:7c:
99:1c:3a:f9:90:4e:91:6f:ae:d3:8c:f5:90:cf:9e:
63:71:4b:a2:55:08:7f:f6:3b:6e:1a:ba:d5:3c:a8:
22:07:63:22:24:59:f8:5d:23:7a:d7:18:ba:6b:e0:
32:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:3D:76:A4:66:1A:65:67:10:11:4A:98:59:99:76:FC:3C:CF:BE:50
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jD12pGYaZWcQEUqYWZl2_DzPvlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.156.0/24
77.90.184.0/24
185.230.14.0/23
213.209.129.0/24
213.209.136.0/24
213.209.138.0/24
213.209.145.0/24
213.209.150.0/23
213.209.157.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
4d:01:fc:a6:af:ae:eb:8f:1a:90:8b:86:f2:17:fc:d0:36:b2:
bd:da:19:66:01:43:41:a7:da:58:05:87:60:ee:70:7b:97:7f:
bf:4e:c2:b4:67:0f:3c:d5:c1:cb:9c:4a:36:9d:86:fd:e4:a5:
49:e6:75:1b:4d:ed:57:01:ee:aa:a7:61:d8:27:4e:5e:9c:ec:
0d:5f:3c:84:52:95:a7:ea:bd:cd:af:34:25:93:fb:e3:4c:f0:
90:e6:b6:68:b6:4f:1e:0e:ac:d6:ec:87:af:2b:79:62:4b:2e:
25:a2:9d:0d:b6:37:58:41:35:23:42:67:d8:26:33:46:85:b5:
71:74:44:9e:33:68:97:72:fb:e4:41:e7:28:6f:5a:7f:dc:0f:
1d:f4:94:7b:27:9a:f9:12:0f:9c:3a:af:68:e5:7e:d9:ef:51:
11:c6:ea:5c:52:80:2d:7e:91:72:a9:da:a2:ee:39:19:67:3f:
55:8e:d7:84:66:17:1f:11:db:d4:94:de:93:c6:35:fd:03:24:
ba:22:c6:51:1b:0f:47:c6:f9:51:db:80:21:1c:6b:b4:39:0e:
f2:57:75:99:c3:29:a7:91:ef:03:88:16:42:4f:f4:64:20:3d:
b9:77:3b:5c:de:f7:f5:a5:74:f1:23:39:68:1c:2c:43:96:d0:
f4:ba:0e:59
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYVx9GxPfgRe6PPHEJLpwgq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAyMTAwODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzNkNzZhNDY2MWE2NTY3MTAxMTRhOTg1OTk5NzZmYzNjY2ZiZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0+dINmJG8GkBCFLoaJqvQhXNsqX
lQ/lwNJ7REC9PFoBf52wScX6EkfdMe9X1Nk//oKL1wI5Kc7qzpDZrSSjNC2gx+gJ
hIEwHyXg6P7EHud5TGVdcw7XBbNidyzqEJg5vTYr8ul4K6n78YwE413Gj6D+Ed3Z
8EbosghDvydTgSXD2Cl5b4AK97gOBFbfct6JOUd5mMyfaecBIS4p8g4JBXaolHIM
wGMWODIV2nhOLnDUoNWves4G0co6wrIMrxh5sjO8SUUNObYLWbafuoJbbnyZHDr5
kE6Rb67TjPWQz55jcUuiVQh/9jtuGrrVPKgiB2MiJFn4XSN61xi6a+AySQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFIw9dqRmGmVnEBFKmFmZdvw8z75QMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvakQxMnBHWWFaV2NRRVVxWVdabDJfRHpQdmxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBhwQCAAEwgYAwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAME
AU1akgMEAE1alAMEAE1amQMEAE1anAMEAE1auAMEAbnmDgMEANXRgQMEANXRiAME
ANXRigMEANXRkQMEAdXRlgMEANXRnQMEANXRnzAUBAIAAjAOAwUAKgQpwgMFACoE
KccwDQYJKoZIhvcNAQELBQADggEBAE0B/KavruuPGpCLhvIX/NA2sr3aGWYBQ0Gn
2lgFh2DucHuXf79OwrRnDzzVwcucSjadhv3kpUnmdRtN7VcB7qqnYdgnTl6c7A1f
PIRSlafqvc2vNCWT++NM8JDmtmi2Tx4OrNbsh68reWJLLiWinQ22N1hBNSNCZ9gm
M0aFtXF0RJ4zaJdy++RB5yhvWn/cDx30lHsnmvkSD5w6r2jlftnvURHG6lxSgC1+
kXKp2qLuORlnP1WO14RmFx8R29SU3pPGNf0DJLoixlEbD0fG+VHbgCEca7Q5DvJX
dZnDKaeR7wOIFkJP9GQgPbl3O1ze9/WldPEjOWgcLEOW0PS6Dlk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org