Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nzLiy8RcWDjyPoHkpJS6Z3onZt8.roa
File: nzLiy8RcWDjyPoHkpJS6Z3onZt8.roa (raw, json)
Hash identifier: 6hagT8ph00Exo/mN9x0rZdT+qvvP2PcuX8ZcYgOE7u4=
Subject key identifier: 9F:32:E2:CB:C4:5C:58:38:F2:3E:81:E4:A4:94:BA:67:7A:27:66:DF
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018A89EC76AE2C8D952A6C06186D5BE04851
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nzLiy8RcWDjyPoHkpJS6Z3onZt8.roa
Signing time: Tue 12 Sep 2023 15:04:50 +0000
ROA not before: Tue 12 Sep 2023 15:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Sat 16 Sep 2023 11:16:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:ec:76:ae:2c:8d:95:2a:6c:06:18:6d:5b:e0:48:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 12 15:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f32e2cbc45c5838f23e81e4a494ba677a2766df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:46:80:79:bb:2c:73:a7:f8:4e:8b:7e:c4:c5:
7f:48:cb:ed:9b:00:19:81:cb:a8:4f:09:72:f7:f8:
c6:19:7f:cc:f0:d2:0b:f4:73:f5:6d:0f:78:50:68:
73:87:9f:a7:b6:a2:da:43:ca:c8:2d:43:2a:0a:d2:
4b:36:81:e5:a2:66:6d:93:2d:7c:ee:38:a5:f5:9d:
25:f1:0a:36:ac:fa:c0:d1:aa:4e:ac:94:a1:2c:7b:
f5:7b:86:19:e9:2b:fb:14:56:61:15:92:bd:99:ac:
53:d5:40:dc:20:93:f8:ea:31:ba:2d:73:72:3c:0d:
27:89:fd:83:04:0a:5a:a3:8c:ed:6c:6c:a9:75:2b:
20:4e:a0:41:b4:eb:53:92:d5:7f:f3:55:67:5b:74:
e6:0d:34:4b:17:6b:72:82:c5:aa:06:3d:37:6e:41:
fd:9b:e2:9d:5b:6b:c1:89:96:23:0b:ab:6d:3a:58:
10:5a:c4:51:94:5f:d5:73:8b:e9:2b:83:87:07:a3:
1d:80:bc:c5:88:2a:59:9f:b6:40:66:a3:3e:15:1c:
c4:a8:6a:f5:21:66:a3:42:e3:d8:ac:67:df:46:97:
5a:85:65:d1:ab:77:7c:c4:51:87:16:28:e6:0c:05:
a0:bb:40:d1:91:e4:08:e7:3b:26:4d:64:b0:2e:d8:
33:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:32:E2:CB:C4:5C:58:38:F2:3E:81:E4:A4:94:BA:67:7A:27:66:DF
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/nzLiy8RcWDjyPoHkpJS6Z3onZt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.143.0/24
213.209.146.0/24
213.209.150.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
70:29:d3:3f:f8:15:9d:46:14:b4:0d:0b:55:a5:ac:2b:91:de:
f6:17:3f:13:32:55:95:21:f0:d4:bf:49:c6:f5:e9:e3:3c:33:
d9:d4:68:ef:fc:0c:63:88:7d:16:53:f1:d2:61:6b:44:52:89:
54:49:7c:23:96:bf:a7:20:ff:0d:3a:df:6d:ad:05:91:5a:79:
18:cf:46:56:67:b8:5b:09:5b:0f:c7:00:a2:59:eb:19:a1:60:
ef:96:d5:78:03:41:b6:bf:4c:6a:e3:7a:7b:1f:68:1c:49:2c:
05:a3:04:15:b4:d2:f3:ea:9e:9f:df:9b:e2:c7:e4:71:d2:2d:
bc:f7:8f:c7:2e:ac:f1:3e:95:46:35:f4:ba:0b:86:32:a7:9a:
9a:5d:8a:8d:3d:3e:17:f5:d9:40:4a:c0:65:25:1b:ac:fe:09:
54:9d:6e:ee:c6:c0:b1:03:8d:3d:11:da:ff:d1:f7:c3:2d:77:
7b:8f:a0:ce:7f:d1:82:37:98:02:49:79:59:54:22:88:0f:56:
43:51:83:a0:a0:b4:c8:5a:d1:8b:1f:4c:db:5d:4f:e1:8d:ea:
62:e5:5f:ce:b8:06:56:a5:7f:92:ab:97:41:f3:03:66:fb:63:
5a:9d:e8:d7:a1:1f:71:57:ad:98:cf:9a:c8:cc:4e:b0:ad:82:
28:bf:5c:c3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYqJ7HauLI2VKmwGGG1b4EhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTEyMTUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjMyZTJjYmM0NWM1ODM4ZjIzZTgxZTRhNDk0YmE2NzdhMjc2NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUaAebssc6f4Tot+xMV/SMvtmwAZ
gcuoTwly9/jGGX/M8NIL9HP1bQ94UGhzh5+ntqLaQ8rILUMqCtJLNoHlomZtky18
7jil9Z0l8Qo2rPrA0apOrJShLHv1e4YZ6Sv7FFZhFZK9maxT1UDcIJP46jG6LXNy
PA0nif2DBApao4ztbGypdSsgTqBBtOtTktV/81VnW3TmDTRLF2tygsWqBj03bkH9
m+KdW2vBiZYjC6ttOlgQWsRRlF/Vc4vpK4OHB6MdgLzFiCpZn7ZAZqM+FRzEqGr1
IWajQuPYrGffRpdahWXRq3d8xFGHFijmDAWgu0DRkeQI5zsmTWSwLtgz3wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFJ8y4svEXFg48j6B5KSUumd6J2bfMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbnpMaXk4UmNXRGp5UG9Ia3BKUzZaM29uWnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB2BAIAATBwMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEALnmDQMEALnmDgMEANXRigMEANXRjwMEANXRkgME
ANXRlgMEANXRnzAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQAD
ggEBAHAp0z/4FZ1GFLQNC1WlrCuR3vYXPxMyVZUh8NS/Scb16eM8M9nUaO/8DGOI
fRZT8dJha0RSiVRJfCOWv6cg/w06322tBZFaeRjPRlZnuFsJWw/HAKJZ6xmhYO+W
1XgDQba/TGrjensfaBxJLAWjBBW00vPqnp/fm+LH5HHSLbz3j8curPE+lUY19LoL
hjKnmppdio09Phf12UBKwGUlG6z+CVSdbu7GwLEDjT0R2v/R98Mtd3uPoM5/0YI3
mAJJeVlUIogPVkNRg6CgtMha0YsfTNtdT+GN6mLlX864Blalf5Krl0HzA2b7Y1qd
6NehH3FXrZjPmsjMTrCtgii/XMM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org