Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/l6xoh_GUI208YnpgVLkSQ-dmfM8.roa
File: l6xoh_GUI208YnpgVLkSQ-dmfM8.roa (raw, json)
Hash identifier: wCdolhberG6mYab4XCBd3xlfxz4GYZ7W5xz3BBASo6E=
Subject key identifier: 97:AC:68:87:F1:94:23:6D:3C:62:7A:60:54:B9:12:43:E7:66:7C:CF
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018AFC16F6CC65C9841AB56DB129A6650733
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/l6xoh_GUI208YnpgVLkSQ-dmfM8.roa
Signing time: Wed 04 Oct 2023 19:07:57 +0000
ROA not before: Wed 04 Oct 2023 19:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:16:f6:cc:65:c9:84:1a:b5:6d:b1:29:a6:65:07:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 4 19:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97ac6887f194236d3c627a6054b91243e7667ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fb:ac:39:1a:a2:9e:6e:7f:8d:f6:ad:58:f7:
3d:3d:68:7c:42:6d:aa:c9:3d:90:16:cc:ba:3c:fb:
67:ef:e4:16:f5:e0:c2:8e:a8:ed:82:4c:08:d0:79:
ab:8e:31:60:47:72:6e:bb:f0:27:99:25:27:dc:8b:
42:e5:04:77:c0:a3:cb:8a:bb:46:50:91:49:05:54:
05:6a:55:ee:9d:7b:79:d1:d8:38:04:59:0f:09:2d:
25:cc:51:fe:ee:67:85:d1:e3:a3:9a:34:db:fc:4e:
90:e7:9a:c3:ac:63:e8:cd:07:44:ee:ac:b4:23:a4:
65:14:5d:b1:2c:f6:a6:7f:5c:1a:39:d2:2a:38:e6:
22:ea:18:14:9d:d1:48:5d:3b:48:8f:d5:37:aa:84:
fb:1d:55:1b:62:61:f5:ae:f9:58:eb:90:68:d8:03:
29:f9:2e:b6:f4:96:48:2b:1b:81:3d:a6:53:aa:70:
19:1d:37:6a:da:7b:87:70:ec:cf:12:84:39:04:a9:
87:b6:c7:45:00:b2:c8:88:f2:d2:d4:9a:26:ba:c8:
ad:05:5f:b2:26:eb:dd:1f:4a:09:7f:85:f1:60:12:
55:68:69:86:5f:81:75:e5:bf:f7:04:58:93:fb:f0:
43:a4:b5:5a:ce:e8:5f:1f:fa:82:8f:a9:fb:a8:54:
45:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AC:68:87:F1:94:23:6D:3C:62:7A:60:54:B9:12:43:E7:66:7C:CF
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/l6xoh_GUI208YnpgVLkSQ-dmfM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.15.255
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
9a:31:19:0f:76:81:07:bc:9f:83:1b:fa:43:84:30:b3:74:86:
3d:eb:b7:a1:67:3b:3c:25:34:a8:0e:f2:76:8b:9e:3c:bd:63:
c5:9b:5b:2b:3a:65:e0:0e:62:08:e1:7c:e3:31:1e:9b:a8:62:
08:58:72:e2:c2:7b:09:40:68:c4:08:60:36:c8:69:c1:40:fd:
1b:c4:bb:6a:0a:cd:4c:5c:6c:1f:d4:f2:09:41:e2:7d:50:92:
1c:71:f7:a1:f2:07:39:c4:9d:b0:9f:b1:fa:ae:d6:d8:3e:92:
84:91:b9:85:14:fb:52:d2:12:d7:0f:72:d3:6f:52:c8:a0:d6:
78:1c:34:73:78:c0:f5:eb:8f:b8:f2:13:00:1b:d3:58:38:2a:
2e:b7:90:ab:c4:c8:08:83:3b:ec:12:b0:35:df:e8:51:a6:7a:
d0:5f:b5:b6:3c:46:5a:c6:3b:ec:de:1c:7e:ea:12:88:e6:a1:
ce:81:b1:b5:ba:03:e6:39:a0:2f:9a:18:45:de:e4:25:29:aa:
df:89:f7:e2:c6:8a:4f:f9:d8:c1:e0:4b:f0:d3:05:1c:a4:ce:
cf:59:00:b9:b0:bd:cd:29:33:bb:05:1c:ad:2b:7e:48:3e:02:
37:65:4d:ca:4c:88:73:2b:fb:21:41:fb:ea:4e:86:64:e8:02:
2c:20:56:e6
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYr8FvbMZcmEGrVtsSmmZQczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMDA0MTkwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2FjNjg4N2YxOTQyMzZkM2M2MjdhNjA1NGI5MTI0M2U3NjY3Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofusORqinm5/jfatWPc9PWh8Qm2q
yT2QFsy6PPtn7+QW9eDCjqjtgkwI0HmrjjFgR3Juu/AnmSUn3ItC5QR3wKPLirtG
UJFJBVQFalXunXt50dg4BFkPCS0lzFH+7meF0eOjmjTb/E6Q55rDrGPozQdE7qy0
I6RlFF2xLPamf1waOdIqOOYi6hgUndFIXTtIj9U3qoT7HVUbYmH1rvlY65Bo2AMp
+S629JZIKxuBPaZTqnAZHTdq2nuHcOzPEoQ5BKmHtsdFALLIiPLS1JomusitBV+y
JuvdH0oJf4XxYBJVaGmGX4F15b/3BFiT+/BDpLVazuhfH/qCj6n7qFRFDwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFJesaIfxlCNtPGJ6YFS5EkPnZnzPMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbDZ4b2hfR1VJMjA4WW5wZ1ZMa1NRLWRtZk04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEALnmDQMEBLnmAAMEANXRijAMAwQA1dGRAwQA1dGS
AwQA1dGWMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEA
mjEZD3aBB7yfgxv6Q4Qws3SGPeu3oWc7PCU0qA7ydouePL1jxZtbKzpl4A5iCOF8
4zEem6hiCFhy4sJ7CUBoxAhgNshpwUD9G8S7agrNTFxsH9TyCUHifVCSHHH3ofIH
OcSdsJ+x+q7W2D6ShJG5hRT7UtIS1w9y029SyKDWeBw0c3jA9euPuPITABvTWDgq
LreQq8TICIM77BKwNd/oUaZ60F+1tjxGWsY77N4cfuoSiOahzoGxtboD5jmgL5oY
Rd7kJSmq34n34saKT/nYweBL8NMFHKTOz1kAubC9zSkzuwUcrSt+SD4CN2VNykyI
cyv7IUH76k6GZOgCLCBW5g==
-----END CERTIFICATE-----
Generated at Tue Oct 10 10:20:32 2023 by rpki-client on console-ams.rpki-client.org