Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/makGmqfGv-LR1a2mXZiGV_smwXo.roa
File: makGmqfGv-LR1a2mXZiGV_smwXo.roa (raw, json)
Hash identifier: 2ulUZwpiyGTLlBt06hxcdLX5ySWfHRSjOBqjnEmXbUw=
Subject key identifier: 99:A9:06:9A:A7:C6:BF:E2:D1:D5:AD:A6:5D:98:86:57:FB:26:C1:7A
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018D93528704D670510541DC8D3F23876297
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/makGmqfGv-LR1a2mXZiGV_smwXo.roa
Signing time: Sat 10 Feb 2024 14:01:15 +0000
ROA not before: Sat 10 Feb 2024 14:01:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 13 Feb 2024 16:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:93:52:87:04:d6:70:51:05:41:dc:8d:3f:23:87:62:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Feb 10 14:01:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99a9069aa7c6bfe2d1d5ada65d988657fb26c17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8e:75:78:85:4a:fa:ea:d4:a1:49:82:8a:8c:
af:02:63:df:93:64:59:87:77:41:8f:59:62:5f:5d:
99:44:ae:9b:68:77:33:40:11:26:70:d9:fd:83:f5:
75:5f:3e:46:66:1d:09:43:85:01:6a:50:d9:5a:55:
ca:d3:7f:34:ac:16:fd:16:8e:11:17:28:03:ed:04:
e7:20:3e:b6:a4:e6:90:eb:dc:d3:5e:d4:56:66:fb:
8b:32:89:7b:b6:2b:9a:c5:55:b7:bd:6b:ae:4f:26:
00:fb:9b:b4:27:8d:25:28:c5:1e:1b:4c:48:22:88:
d9:9f:88:48:e8:81:29:0c:f5:1e:1d:2e:89:75:05:
68:aa:53:13:c5:01:d9:77:a2:82:05:ce:b1:90:76:
26:d3:9b:72:cf:58:92:a0:c8:64:d2:97:7c:36:d5:
6b:7d:50:26:e6:a1:ef:e1:7c:ae:23:10:16:9c:13:
0e:7e:12:07:2f:41:41:b5:f1:e5:2e:cf:4a:4c:38:
fc:d4:a3:cc:c6:82:db:08:13:fa:55:04:f6:12:d7:
64:68:db:9f:8b:cf:13:c3:82:90:4e:b6:c4:6e:5b:
48:46:2c:57:35:75:27:7d:d9:14:46:73:d9:cc:38:
01:a1:01:56:eb:ee:13:f7:ac:a6:65:03:e9:f6:00:
60:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A9:06:9A:A7:C6:BF:E2:D1:D5:AD:A6:5D:98:86:57:FB:26:C1:7A
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/makGmqfGv-LR1a2mXZiGV_smwXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.145.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
26:34:b8:72:20:40:d1:47:80:28:0e:de:c2:80:21:1f:5d:ee:
54:01:d2:a5:4e:5f:9e:a3:d8:84:f2:84:a4:d3:4b:15:b5:4b:
b9:d9:00:85:e2:98:48:23:2d:18:1b:a7:80:f7:e0:e9:04:8c:
ca:ba:2f:49:a5:e0:7c:eb:e1:a0:7e:e8:73:69:63:59:9a:21:
0d:74:65:be:5d:ce:fc:7f:7f:41:cb:a7:67:2a:07:43:22:c0:
d4:89:4b:19:de:fd:d6:7c:27:96:d1:f8:b9:e6:48:2b:e8:46:
31:8d:cc:ba:ab:a0:5d:6d:c9:30:78:fe:b5:69:db:e7:cf:30:
06:4c:2b:38:9f:60:d5:d0:18:5f:94:6d:60:ff:52:31:06:6e:
d4:a7:99:27:f5:08:b2:d3:e5:90:a1:08:67:4c:ea:d4:1c:d9:
e0:31:db:3e:73:ae:87:f3:62:e3:24:dc:b8:22:98:88:67:bc:
21:c7:9e:38:f6:6b:bd:1e:0e:7e:e8:2d:e0:55:af:70:18:2d:
bf:6c:f3:f1:97:fd:af:76:44:6e:65:24:b8:d4:15:34:95:1b:
58:18:1d:00:7b:66:02:4e:76:52:11:a4:52:a6:b6:f3:cf:ee:
91:59:53:1b:3e:9a:54:1a:44:db:b7:86:22:50:e4:7b:02:81:
36:b8:77:9e
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY2TUocE1nBRBUHcjT8jh2KXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMjEwMTQwMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWE5MDY5YWE3YzZiZmUyZDFkNWFkYTY1ZDk4ODY1N2ZiMjZjMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI51eIVK+urUoUmCioyvAmPfk2RZ
h3dBj1liX12ZRK6baHczQBEmcNn9g/V1Xz5GZh0JQ4UBalDZWlXK0380rBb9Fo4R
FygD7QTnID62pOaQ69zTXtRWZvuLMol7tiuaxVW3vWuuTyYA+5u0J40lKMUeG0xI
IojZn4hI6IEpDPUeHS6JdQVoqlMTxQHZd6KCBc6xkHYm05tyz1iSoMhk0pd8NtVr
fVAm5qHv4XyuIxAWnBMOfhIHL0FBtfHlLs9KTDj81KPMxoLbCBP6VQT2EtdkaNuf
i88Tw4KQTrbEbltIRixXNXUnfdkURnPZzDgBoQFW6+4T96ymZQPp9gBgCQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFJmpBpqnxr/i0dWtpl2Yhlf7JsF6MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbWFrR21xZkd2LUxSMWEybVhaaUdWX3Ntd1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAM
AwQBTVqSAwQATVqUAwQA1dGBAwQA1dGKAwQA1dGPAwQA1dGRMBQEAgACMA4DBQAq
BCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAJjS4ciBA0UeAKA7ewoAhH13u
VAHSpU5fnqPYhPKEpNNLFbVLudkAheKYSCMtGBungPfg6QSMyrovSaXgfOvhoH7o
c2ljWZohDXRlvl3O/H9/QcunZyoHQyLA1IlLGd791nwnltH4ueZIK+hGMY3Muqug
XW3JMHj+tWnb588wBkwrOJ9g1dAYX5RtYP9SMQZu1KeZJ/UIstPlkKEIZ0zq1BzZ
4DHbPnOuh/Ni4yTcuCKYiGe8IceeOPZrvR4Ofugt4FWvcBgtv2zz8Zf9r3ZEbmUk
uNQVNJUbWBgdAHtmAk52UhGkUqa288/ukVlTGz6aVBpE27eGIlDkewKBNrh3ng==
-----END CERTIFICATE-----
Generated at Tue Feb 13 20:23:45 2024 by rpki-client on console-ams.rpki-client.org