Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/mD35o27JoGynX-wPWnrpva_Qj6A.roa
File: mD35o27JoGynX-wPWnrpva_Qj6A.roa (raw, json)
Hash identifier: 1mm1CtXnDW/msKxfEx9G3ouYzo/ujI4sI4u39XqQEw8=
Subject key identifier: 98:3D:F9:A3:6E:C9:A0:6C:A7:5F:EC:0F:5A:7A:E9:BD:AF:D0:8F:A0
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018A43115756C0A61C130985B39EA7568591
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/mD35o27JoGynX-wPWnrpva_Qj6A.roa
Signing time: Tue 29 Aug 2023 20:52:04 +0000
ROA not before: Tue 29 Aug 2023 20:52:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:43:11:57:56:c0:a6:1c:13:09:85:b3:9e:a7:56:85:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 29 20:52:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=983df9a36ec9a06ca75fec0f5a7ae9bdafd08fa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:07:6c:67:12:35:4f:0a:c6:b1:86:90:79:62:
05:e6:fd:b1:fd:c7:37:f0:34:ab:bd:6b:21:55:91:
3c:da:c0:a7:b5:e2:1d:82:9c:5a:24:be:d6:8e:e4:
99:ac:9a:a1:bc:22:5c:5b:41:3c:b4:bd:3f:e3:b8:
86:85:b0:7e:99:fb:ab:b3:87:d2:a2:d0:83:54:40:
96:2b:23:2d:c3:70:a1:db:37:0f:55:ec:56:fa:1c:
a5:bb:d0:ef:14:a4:d6:47:8c:87:fb:59:65:fd:b1:
dd:17:9a:20:ce:7a:94:96:3b:a4:4d:85:b2:e7:14:
41:fd:ba:87:23:5e:31:ef:47:72:51:8b:7c:01:53:
1f:4b:70:7a:b4:ee:61:56:97:90:d1:23:fd:67:bd:
b5:1c:65:c2:8f:f6:e0:f7:0d:5d:8a:b8:b0:8f:ef:
fd:1d:01:41:97:fa:9e:34:92:70:cf:5b:07:92:97:
a3:74:34:66:33:28:ad:30:03:30:6a:c0:04:52:3a:
38:1f:58:af:77:9e:f9:5b:d5:f8:dc:52:01:cc:34:
da:dc:bd:b6:0f:42:c9:74:67:33:72:8c:9b:bb:64:
ff:a8:6c:71:fd:92:a3:60:08:b7:0a:e3:ec:f1:b4:
71:cc:d5:a2:08:44:38:d5:7c:df:89:f2:34:09:b6:
87:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:3D:F9:A3:6E:C9:A0:6C:A7:5F:EC:0F:5A:7A:E9:BD:AF:D0:8F:A0
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/mD35o27JoGynX-wPWnrpva_Qj6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.146.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
a3:a9:bc:a9:a8:db:d7:4c:4c:d7:f0:bb:2b:72:c0:53:0d:f5:
d7:6e:95:bd:26:1f:dd:fc:8d:07:65:42:26:19:c2:aa:df:6d:
6e:49:5b:b2:5c:2a:5b:6f:25:79:62:fb:55:10:85:0e:0a:1c:
18:00:f9:82:14:81:f8:db:0f:ca:14:22:95:8c:21:f9:96:fa:
c6:f8:63:fb:64:4e:f8:55:39:3b:28:9d:5c:04:08:7d:16:72:
42:2c:dd:2f:0c:49:7a:02:82:93:42:a5:2e:aa:4a:95:22:7e:
c2:1d:49:4b:d2:bf:ff:6e:cb:1d:a1:4a:71:6e:73:7e:1f:d9:
f1:82:2b:f5:07:de:98:7c:af:b5:cc:2a:03:f2:b0:44:17:f8:
12:b0:98:c4:cc:e0:9e:bd:9d:01:a4:19:80:14:30:91:80:be:
e2:8a:95:3b:cd:4d:4b:c0:27:37:9c:85:ce:0d:a9:8b:7a:1e:
46:60:1e:13:d5:20:d0:5b:e8:da:a0:82:28:4d:8b:ae:79:84:
64:47:ed:b9:d9:9b:19:9a:a2:95:0a:82:a5:6f:85:fa:b8:d4:
46:f9:56:a5:cc:e5:7e:2e:e1:8f:89:da:b5:fb:d7:f5:dd:29:
b5:88:77:be:68:85:50:87:f7:a3:38:54:4b:a2:e1:ca:00:9c:
1e:72:6a:41
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAYpDEVdWwKYcEwmFs56nVoWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODI5MjA1MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODNkZjlhMzZlYzlhMDZjYTc1ZmVjMGY1YTdhZTliZGFmZDA4ZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQdsZxI1TwrGsYaQeWIF5v2x/cc3
8DSrvWshVZE82sCnteIdgpxaJL7WjuSZrJqhvCJcW0E8tL0/47iGhbB+mfurs4fS
otCDVECWKyMtw3Ch2zcPVexW+hylu9DvFKTWR4yH+1ll/bHdF5ogznqUljukTYWy
5xRB/bqHI14x70dyUYt8AVMfS3B6tO5hVpeQ0SP9Z721HGXCj/bg9w1diriwj+/9
HQFBl/qeNJJwz1sHkpejdDRmMyitMAMwasAEUjo4H1ivd575W9X43FIBzDTa3L22
D0LJdGczcoybu2T/qGxx/ZKjYAi3CuPs8bRxzNWiCEQ41XzfifI0CbaHnQIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFJg9+aNuyaBsp1/sD1p66b2v0I+gMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbUQzNW8yN0pvR3luWC13UFducnB2YV9RajZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBqBAIAATBkMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEALnmDQMEALnmDgMEANXRigMEANXRkgMEANXRljAU
BAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAKOpvKmo29dM
TNfwuytywFMN9ddulb0mH938jQdlQiYZwqrfbW5JW7JcKltvJXli+1UQhQ4KHBgA
+YIUgfjbD8oUIpWMIfmW+sb4Y/tkTvhVOTsonVwECH0WckIs3S8MSXoCgpNCpS6q
SpUifsIdSUvSv/9uyx2hSnFuc34f2fGCK/UH3ph8r7XMKgPysEQX+BKwmMTM4J69
nQGkGYAUMJGAvuKKlTvNTUvAJzechc4NqYt6HkZgHhPVINBb6NqggihNi655hGRH
7bnZmxmaopUKgqVvhfq41Eb5VqXM5X4u4Y+J2rX71/XdKbWId75ohVCH96M4VEui
4coAnB5yakE=
Generated at Thu Aug 31 22:19:54 2023 by rpki-client on console-ams.rpki-client.org