Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lRY-1X-pAd95MZY29WbjkcrZc7g.roa
File: lRY-1X-pAd95MZY29WbjkcrZc7g.roa (raw, json)
Hash identifier: cbXbwiFKKB5suHJpeEzZjTvKP/WtZPM8/NaEET85TOs=
Subject key identifier: 95:16:3E:D5:7F:A9:01:DF:79:31:96:36:F5:66:E3:91:CA:D9:73:B8
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018F61CC66DADBDC3A5198FEE85EE134254B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lRY-1X-pAd95MZY29WbjkcrZc7g.roa
Signing time: Fri 10 May 2024 09:18:56 +0000
ROA not before: Fri 10 May 2024 09:18:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 19 May 2024 11:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:cc:66:da:db:dc:3a:51:98:fe:e8:5e:e1:34:25:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 10 09:18:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95163ed57fa901df79319636f566e391cad973b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8e:70:b2:10:12:6e:4c:4b:15:6f:c3:bf:45:
3d:3c:bd:17:bb:cc:ad:42:53:71:52:d6:ba:dd:9f:
cf:06:84:99:1f:5b:4a:9b:de:c6:b6:04:2a:7b:06:
f2:4b:08:12:4d:70:d1:24:6c:e3:83:78:23:e1:53:
e8:15:ed:73:a2:47:1c:1a:d9:59:0c:9f:31:66:a1:
35:a0:25:d9:fd:0e:3f:3d:1a:c7:6a:bc:56:59:df:
65:4b:44:cc:78:f5:57:24:f4:06:10:66:73:ea:15:
84:24:56:5b:6d:73:28:f7:34:32:41:8e:f6:2e:71:
8c:91:b1:4d:53:9c:10:ec:87:77:e5:89:7a:84:c8:
a8:21:bc:8d:8f:24:fe:60:e5:34:16:f9:4d:84:db:
ce:25:c6:70:29:e3:24:03:79:1c:46:97:cf:15:5a:
df:a5:37:26:c1:2c:1c:3e:e8:58:e5:87:ad:9b:6a:
b1:91:34:30:41:79:64:bf:50:55:61:73:38:95:58:
b7:3f:ad:4e:61:be:6c:d1:35:90:6c:52:cf:d0:6c:
2c:ac:03:59:e1:2b:df:cb:f0:53:15:c7:86:e4:af:
ca:93:23:fe:5f:04:9e:a4:3e:d0:f6:07:9e:2c:a4:
4f:9e:ba:68:5d:f8:42:ec:d0:0d:0e:1f:7a:82:9a:
65:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:16:3E:D5:7F:A9:01:DF:79:31:96:36:F5:66:E3:91:CA:D9:73:B8
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lRY-1X-pAd95MZY29WbjkcrZc7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0/24
213.209.138.0/24
213.209.145.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
35:27:a7:83:69:ad:ed:cc:c4:d6:e1:74:27:09:c6:9a:1d:72:
63:02:6a:b5:09:74:53:44:ff:96:cc:88:aa:7e:78:bc:5e:55:
f2:22:83:53:bd:e3:55:f4:a5:c2:12:58:02:3c:70:54:be:29:
6c:0c:ee:9c:20:9e:28:67:20:a8:8f:2c:4c:92:78:9b:3d:33:
c2:11:36:c5:4f:6d:ba:18:44:0d:39:b6:f9:c6:5c:bc:53:9a:
f2:cf:fc:2b:64:08:11:6a:95:cc:8c:d6:d2:6f:ae:f7:7a:9f:
2c:9e:42:9b:72:9a:fb:71:e7:80:aa:9e:06:58:d9:e2:c3:90:
6c:bc:c7:e5:4a:80:6b:b3:f4:55:0b:f5:15:00:e3:b3:cd:7a:
73:14:10:94:d2:5d:62:70:63:a9:94:7b:37:39:ce:82:07:81:
2e:57:20:0d:4a:19:b9:9e:d6:c0:28:cf:2d:c0:1c:b2:cd:7e:
61:ae:70:d6:89:60:36:f8:f9:97:fa:ca:cf:1e:33:e1:00:9c:
9d:c6:b7:1c:96:cc:f7:46:9c:64:67:59:ec:1b:9d:81:68:67:
c0:2c:45:ef:35:6a:3a:65:83:99:2d:55:6e:86:08:15:62:fc:
f1:3e:f7:d3:71:d8:7b:60:98:52:a0:a2:2c:fe:ff:38:82:57:
b9:93:a4:e6
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY9hzGba29w6UZj+6F7hNCVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNTEwMDkxODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTE2M2VkNTdmYTkwMWRmNzkzMTk2MzZmNTY2ZTM5MWNhZDk3M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Y5wshASbkxLFW/Dv0U9PL0Xu8yt
QlNxUta63Z/PBoSZH1tKm97GtgQqewbySwgSTXDRJGzjg3gj4VPoFe1zokccGtlZ
DJ8xZqE1oCXZ/Q4/PRrHarxWWd9lS0TMePVXJPQGEGZz6hWEJFZbbXMo9zQyQY72
LnGMkbFNU5wQ7Id35Yl6hMioIbyNjyT+YOU0FvlNhNvOJcZwKeMkA3kcRpfPFVrf
pTcmwSwcPuhY5Yetm2qxkTQwQXlkv1BVYXM4lVi3P61OYb5s0TWQbFLP0GwsrANZ
4Svfy/BTFceG5K/KkyP+XwSepD7Q9geeLKRPnrpoXfhC7NANDh96gpplzwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFJUWPtV/qQHfeTGWNvVm45HK2XO4MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbFJZLTFYLXBBZDk1TVpZMjlXYmprY3JaYzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVjAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAM
AwQBTVqSAwQATVqUAwQAueYNAwQA1dGKAwQA1dGRMBQEAgACMA4DBQAqBCnCAwUA
KgQpxzANBgkqhkiG9w0BAQsFAAOCAQEANSeng2mt7czE1uF0JwnGmh1yYwJqtQl0
U0T/lsyIqn54vF5V8iKDU73jVfSlwhJYAjxwVL4pbAzunCCeKGcgqI8sTJJ4mz0z
whE2xU9tuhhEDTm2+cZcvFOa8s/8K2QIEWqVzIzW0m+u93qfLJ5Cm3Ka+3HngKqe
BljZ4sOQbLzH5UqAa7P0VQv1FQDjs816cxQQlNJdYnBjqZR7NznOggeBLlcgDUoZ
uZ7WwCjPLcAcss1+Ya5w1olgNvj5l/rKzx4z4QCcnca3HJbM90acZGdZ7BudgWhn
wCxF7zVqOmWDmS1VboYIFWL88T7303HYe2CYUqCiLP7/OIJXuZOk5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org