Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jmApvU6dXnrBTWC6i9LtqQApqzU.roa
File: jmApvU6dXnrBTWC6i9LtqQApqzU.roa (raw, json)
Hash identifier: wkxPVx/e/3zKxR7AunMtFO5OyMzHffmtxKD+qGtfzYc=
Subject key identifier: 8E:60:29:BD:4E:9D:5E:7A:C1:4D:60:BA:8B:D2:ED:A9:00:29:AB:35
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0189AC3C709AD593756B6820F431B1528F75
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jmApvU6dXnrBTWC6i9LtqQApqzU.roa
Signing time: Mon 31 Jul 2023 13:56:29 +0000
ROA not before: Mon 31 Jul 2023 13:56:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 01 Aug 2023 11:09:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:3c:70:9a:d5:93:75:6b:68:20:f4:31:b1:52:8f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jul 31 13:56:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e6029bd4e9d5e7ac14d60ba8bd2eda90029ab35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:66:da:f4:91:05:4e:23:93:b2:fe:d9:63:48:
1f:15:62:77:27:ab:e4:e7:4b:b6:65:ce:c5:8c:af:
40:12:f9:c5:e4:59:b5:d5:ef:39:c9:88:4b:6d:73:
39:86:f5:81:03:a1:e1:4c:ef:49:b0:00:7b:f4:68:
30:95:69:25:74:ab:de:03:2a:9a:3b:e9:97:15:29:
83:c6:e7:21:5b:fa:49:36:01:90:96:1e:1e:b4:0d:
c3:72:13:46:e6:b5:5a:c0:6c:bc:53:ab:65:b7:6a:
ea:f0:30:fc:f1:1c:ee:15:9b:ee:b3:81:94:8b:2a:
dd:d0:ad:f0:f1:c9:05:5d:ef:4e:47:47:68:9d:d1:
ec:d1:57:1b:8c:09:3a:de:78:a0:0d:81:25:d9:8c:
43:89:c6:ae:5d:74:f3:f1:05:54:b3:1f:2b:4a:dd:
96:79:2b:f5:b2:9d:fb:36:79:05:79:db:4b:d6:c1:
71:93:7c:0d:97:95:a5:37:f0:cb:31:af:4f:9d:ce:
de:30:ad:59:c8:8f:af:ba:93:3f:7f:12:18:77:75:
da:8d:fb:9a:d1:79:65:d4:51:34:ea:e0:aa:74:6c:
2e:da:4b:01:f6:b0:4e:6d:4e:4b:b0:45:32:90:97:
19:1f:70:8c:22:5b:1f:39:bd:8a:c4:4d:9c:7f:79:
76:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:60:29:BD:4E:9D:5E:7A:C1:4D:60:BA:8B:D2:ED:A9:00:29:AB:35
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jmApvU6dXnrBTWC6i9LtqQApqzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
213.209.138.0/24
213.209.151.0/24
213.209.157.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
88:29:4c:26:b8:cb:0f:5a:2f:2c:98:37:39:5e:4c:99:f4:37:
ff:89:23:e2:be:15:42:26:c8:de:95:56:82:ab:49:80:87:c9:
1e:bc:05:fc:57:f9:2c:a5:60:96:1e:63:b4:d3:25:48:cd:e8:
82:b4:0e:8b:9a:83:6e:ca:15:32:5e:eb:a6:af:fd:21:c3:e5:
1d:b7:1d:b7:98:8d:0e:57:47:d3:b8:f0:1b:68:a4:89:89:9a:
45:27:d3:52:96:ac:33:79:fe:2b:3c:56:41:19:79:ee:b9:c0:
f5:1c:93:fb:e5:20:f3:a6:7b:c5:55:81:e4:0f:6b:55:7f:15:
7b:59:9a:46:10:e0:38:dd:f9:d6:a1:ea:60:e7:bb:ab:9e:e4:
b3:38:ca:44:92:26:ed:58:ad:4e:4e:31:3c:68:9d:7d:7a:44:
21:27:22:42:f4:90:ef:7c:a6:f0:ae:fe:a6:bd:8e:15:28:c1:
e1:06:42:77:32:8f:eb:33:de:fb:5c:af:5f:15:cf:7c:ce:da:
b2:d6:bb:bb:45:86:ec:db:fb:cd:29:31:e7:a1:60:2f:dd:1b:
81:3e:58:29:ec:f2:8c:15:e2:24:b5:90:bd:fa:36:6d:98:4e:
a3:8d:79:eb:3c:4f:b8:34:29:a8:b2:58:b3:50:99:58:c4:99:
f8:62:79:2e
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYmsPHCa1ZN1a2gg9DGxUo91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNzMxMTM1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTYwMjliZDRlOWQ1ZTdhYzE0ZDYwYmE4YmQyZWRhOTAwMjlhYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2ba9JEFTiOTsv7ZY0gfFWJ3J6vk
50u2Zc7FjK9AEvnF5Fm11e85yYhLbXM5hvWBA6HhTO9JsAB79GgwlWkldKveAyqa
O+mXFSmDxuchW/pJNgGQlh4etA3DchNG5rVawGy8U6tlt2rq8DD88RzuFZvus4GU
iyrd0K3w8ckFXe9OR0dondHs0VcbjAk63nigDYEl2YxDicauXXTz8QVUsx8rSt2W
eSv1sp37NnkFedtL1sFxk3wNl5WlN/DLMa9Pnc7eMK1ZyI+vupM/fxIYd3Xajfua
0Xll1FE06uCqdGwu2ksB9rBObU5LsEUykJcZH3CMIlsfOb2KxE2cf3l29QIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFI5gKb1OnV56wU1guovS7akAKas1MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvam1BcHZVNmRYbnJCVFdDNmk5THRxUUFwcXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBABNWpkDBADV0YoDBADV0ZcDBADV0Z0DBADV0Z8wFAQC
AAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQCIKUwmuMsPWi8s
mDc5XkyZ9Df/iSPivhVCJsjelVaCq0mAh8kevAX8V/kspWCWHmO00yVIzeiCtA6L
moNuyhUyXuumr/0hw+Udtx23mI0OV0fTuPAbaKSJiZpFJ9NSlqwzef4rPFZBGXnu
ucD1HJP75SDzpnvFVYHkD2tVfxV7WZpGEOA43fnWoepg57urnuSzOMpEkibtWK1O
TjE8aJ19ekQhJyJC9JDvfKbwrv6mvY4VKMHhBkJ3Mo/rM977XK9fFc98ztqy1ru7
RYbs2/vNKTHnoWAv3RuBPlgp7PKMFeIktZC9+jZtmE6jjXnrPE+4NCmoslizUJlY
xJn4Ynku
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org