Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lA4bmYD9qHfi76FJBJrr0l8fDH8.roa
File: lA4bmYD9qHfi76FJBJrr0l8fDH8.roa (raw, json)
Hash identifier: Ofdl6D+WBP5YKpOeOGISS06WGNkaQv9rVCT6WlkG6+E=
Subject key identifier: 94:0E:1B:99:80:FD:A8:77:E2:EF:A1:49:04:9A:EB:D2:5F:1F:0C:7F
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0192B995D390D838C37319A5795027F357A0
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lA4bmYD9qHfi76FJBJrr0l8fDH8.roa
Signing time: Wed 23 Oct 2024 13:34:16 +0000
ROA not before: Wed 23 Oct 2024 13:34:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Nov 2024 11:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:95:d3:90:d8:38:c3:73:19:a5:79:50:27:f3:57:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 23 13:34:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=940e1b9980fda877e2efa149049aebd25f1f0c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:04:df:3b:58:a5:a8:b8:41:ce:39:5a:0c:48:
bc:f9:e8:12:26:25:5c:82:b9:e6:a1:2c:76:02:a0:
cc:0a:db:00:e0:ac:dc:d4:ca:94:76:7e:74:ce:9a:
d3:a6:84:d4:a3:5b:89:b3:2b:69:50:f6:b6:b3:bd:
33:91:4e:cb:fd:2e:17:b5:63:e5:5d:e6:1e:8f:34:
f4:54:c1:39:9c:3d:b4:d6:b3:04:52:04:8d:74:48:
90:9b:93:0b:7a:62:7c:eb:82:21:9f:ec:d9:f2:0c:
02:a7:f9:f1:d0:5f:93:db:e1:4b:0e:92:e1:01:a9:
7a:9d:e0:e5:0a:2d:33:c8:42:66:8d:cf:a8:c1:97:
cf:3f:24:b7:be:8a:1e:67:61:5a:2d:93:88:9e:1a:
c5:db:18:08:ad:ed:d2:93:5a:6c:ab:b5:70:46:38:
e3:37:93:12:8e:c3:10:45:cd:fe:3c:40:75:42:97:
b5:a0:9f:99:28:3b:73:66:4c:b6:78:f2:1c:0f:96:
27:37:aa:92:3e:60:85:89:94:4d:56:23:bf:1c:41:
cf:5e:88:ac:22:3d:50:ba:e0:ae:69:33:ec:e7:f0:
9c:3b:12:d3:ac:6f:54:7b:6f:85:a5:62:55:3c:64:
8a:5e:a8:60:9e:59:2c:69:f3:f1:52:00:3f:2b:ce:
ee:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0E:1B:99:80:FD:A8:77:E2:EF:A1:49:04:9A:EB:D2:5F:1F:0C:7F
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lA4bmYD9qHfi76FJBJrr0l8fDH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.138.0/24
213.209.143.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
ac:06:f9:ed:56:ec:76:7d:f8:ca:fb:f1:45:b8:32:c9:6f:00:
f5:88:c5:ca:04:98:59:70:99:4c:b7:c5:50:0c:e4:7a:0e:24:
8d:4a:b0:73:e9:df:27:26:9d:63:ae:b6:55:2e:d0:60:2a:98:
13:5e:cb:a9:43:1a:31:6b:4d:a0:d4:53:2a:59:c7:ec:1d:23:
92:42:47:63:6e:52:ef:60:d5:47:46:5d:14:cd:65:d6:5c:5a:
92:64:ee:a9:be:ec:65:d9:e7:bb:cb:71:02:2e:f4:c7:bb:cc:
b7:19:46:f7:ee:18:e3:5e:a3:60:5e:ef:26:a1:d3:bd:ab:8d:
d2:03:c7:b4:00:a6:bd:b2:1e:91:17:b7:86:9c:fb:ad:fd:e7:
a8:3c:14:0d:0a:4c:55:71:86:80:87:00:ed:18:a8:02:ad:e2:
7a:cd:4f:8d:e3:5f:7d:fc:58:6f:30:7b:98:6a:b7:a3:84:51:
e4:a1:2f:d8:eb:c9:91:6b:45:8e:c6:5b:d5:82:c2:8c:1c:fd:
4c:19:2f:cc:2f:67:46:78:29:75:a9:06:a4:0e:f7:f6:31:f2:
3f:4a:c5:7b:0b:bf:fc:d1:a4:f0:ea:39:1c:ab:1b:dd:8d:8b:
71:ae:60:ad:e0:00:99:e1:69:e9:08:c8:76:9d:52:fe:54:68:
f8:8e:38:c1
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZK5ldOQ2DjDcxmleVAn81egMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQxMDIzMTMzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDBlMWI5OTgwZmRhODc3ZTJlZmExNDkwNDlhZWJkMjVmMWYwYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvATfO1ilqLhBzjlaDEi8+egSJiVc
grnmoSx2AqDMCtsA4Kzc1MqUdn50zprTpoTUo1uJsytpUPa2s70zkU7L/S4XtWPl
XeYejzT0VME5nD201rMEUgSNdEiQm5MLemJ864Ihn+zZ8gwCp/nx0F+T2+FLDpLh
Aal6neDlCi0zyEJmjc+owZfPPyS3vooeZ2FaLZOInhrF2xgIre3Sk1psq7VwRjjj
N5MSjsMQRc3+PEB1Qpe1oJ+ZKDtzZky2ePIcD5YnN6qSPmCFiZRNViO/HEHPXois
Ij1QuuCuaTPs5/CcOxLTrG9Ue2+FpWJVPGSKXqhgnlksafPxUgA/K87upwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFJQOG5mA/ah34u+hSQSa69JfHwx/MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbEE0Ym1ZRDlxSGZpNzZGSkJKcnIwbDhmREg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXgQCAAEwWDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogwDAMEAE1aiwMEAE1ajDAMAwQBTVqO
AwQATVqQMAwDBAFNWpIDBABNWpQDBADV0YoDBADV0Y8wFAQCAAIwDgMFACoEKcID
BQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQCsBvntVux2ffjK+/FFuDLJbwD1iMXK
BJhZcJlMt8VQDOR6DiSNSrBz6d8nJp1jrrZVLtBgKpgTXsupQxoxa02g1FMqWcfs
HSOSQkdjblLvYNVHRl0UzWXWXFqSZO6pvuxl2ee7y3ECLvTHu8y3GUb37hjjXqNg
Xu8modO9q43SA8e0AKa9sh6RF7eGnPut/eeoPBQNCkxVcYaAhwDtGKgCreJ6zU+N
4199/FhvMHuYarejhFHkoS/Y68mRa0WOxlvVgsKMHP1MGS/ML2dGeCl1qQakDvf2
MfI/SsV7C7/80aTw6jkcqxvdjYtxrmCt4ACZ4WnpCMh2nVL+VGj4jjjB
-----END CERTIFICATE-----
Generated at Wed Nov 13 13:01:07 2024 by rpki-client on console-fra.rpki-client.org