Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oofRe6QId12o58LfwH0bKAAXyWU.roa
File: oofRe6QId12o58LfwH0bKAAXyWU.roa (raw, json)
Hash identifier: hNkuZppZAbTiujzgusxyBI/m6myKg8u5RQzuB/n0WGA=
Subject key identifier: A2:87:D1:7B:A4:08:77:5D:A8:E7:C2:DF:C0:7D:1B:28:00:17:C9:65
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01900441B8C3B4D745D353319F198E1A2FAD
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oofRe6QId12o58LfwH0bKAAXyWU.roa
Signing time: Mon 10 Jun 2024 22:25:34 +0000
ROA not before: Mon 10 Jun 2024 22:25:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 15:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:04:41:b8:c3:b4:d7:45:d3:53:31:9f:19:8e:1a:2f:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 10 22:25:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a287d17ba408775da8e7c2dfc07d1b280017c965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:49:31:84:89:53:15:b4:9d:50:a8:48:1e:ae:
52:cc:fb:d5:d1:b2:a3:5e:13:00:41:8f:dc:f9:89:
78:b4:2c:69:46:a1:b8:11:3c:24:3a:34:0b:77:8c:
6e:48:09:cf:57:c3:2a:24:c9:ec:66:a6:fb:03:77:
a1:8a:15:17:60:a9:6b:0f:cb:2e:27:6d:3c:62:35:
43:ab:25:8d:b3:b7:2a:98:ee:50:60:53:e5:be:c5:
c0:91:59:14:1d:72:d6:33:7a:4d:0e:27:fe:7a:18:
f9:3d:41:7a:38:c6:53:77:79:70:69:f4:a7:55:f4:
e4:9f:5a:1b:c6:cb:6e:70:c5:77:31:86:dc:60:d8:
47:8a:c6:41:23:42:b6:91:73:31:a5:f1:8b:8a:d5:
fa:fe:05:8d:83:19:90:c7:97:f6:ef:8e:b8:f7:eb:
b4:69:16:ce:67:98:16:ea:f9:fa:24:1b:93:b0:72:
98:4c:a0:36:b7:1a:98:60:97:04:6f:21:97:d7:31:
92:e3:9c:ff:8d:b4:2b:ed:dd:b3:08:9d:96:49:c3:
04:68:50:4a:9f:64:e7:9f:f5:e9:a7:1a:ea:c1:8d:
f0:52:f3:cf:dd:b3:02:2e:16:c1:aa:d2:e8:ea:fa:
b3:c6:4a:97:2b:82:08:af:0c:3f:36:19:51:36:ac:
2c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:87:D1:7B:A4:08:77:5D:A8:E7:C2:DF:C0:7D:1B:28:00:17:C9:65
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oofRe6QId12o58LfwH0bKAAXyWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
185.230.14.0/24
213.209.129.0/24
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
0e:9b:5d:5c:03:05:b0:03:7e:e5:dd:3c:42:21:19:f6:2d:7a:
17:a6:a5:55:c3:51:02:07:62:ba:44:ed:95:57:48:71:6f:50:
84:a7:fc:34:46:30:21:bb:11:49:cf:02:cd:ce:f3:e1:2f:ba:
20:5a:a7:7f:e9:f7:1c:29:7b:15:e9:f8:a9:7d:eb:a9:55:3b:
85:a1:f6:48:65:b7:de:0a:23:13:18:87:f9:10:98:4d:72:f0:
81:2f:b6:d2:8e:0a:4f:1c:d5:7b:65:2a:92:d7:d5:31:9c:3b:
78:18:52:50:40:92:8c:82:4b:a8:6d:7b:44:b5:95:ee:da:87:
d0:96:ee:6a:66:9b:ff:d4:92:11:a5:87:9d:28:4e:b0:46:59:
5b:dd:ce:77:20:2c:3f:db:61:8e:db:3d:e1:f5:a6:63:c5:4e:
bf:9a:28:00:79:b9:a8:4f:a4:b1:de:24:08:50:d6:11:53:ed:
07:b5:c1:67:fd:41:6a:4a:f2:5e:7c:ee:00:65:86:38:cb:99:
62:ac:82:0b:cc:7b:77:be:cf:95:98:a9:bc:80:8c:ea:e4:bb:
fc:5c:9b:72:ab:b6:4d:60:70:f4:51:bc:66:39:f0:96:6d:5c:
8f:6f:71:07:3b:8e:e3:64:7a:bb:4a:cd:2c:1b:08:16:23:74:
85:c9:d6:68
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZAEQbjDtNdF01MxnxmOGi+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNjEwMjIyNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjg3ZDE3YmE0MDg3NzVkYThlN2MyZGZjMDdkMWIyODAwMTdjOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUkxhIlTFbSdUKhIHq5SzPvV0bKj
XhMAQY/c+Yl4tCxpRqG4ETwkOjQLd4xuSAnPV8MqJMnsZqb7A3ehihUXYKlrD8su
J208YjVDqyWNs7cqmO5QYFPlvsXAkVkUHXLWM3pNDif+ehj5PUF6OMZTd3lwafSn
VfTkn1obxstucMV3MYbcYNhHisZBI0K2kXMxpfGLitX6/gWNgxmQx5f274649+u0
aRbOZ5gW6vn6JBuTsHKYTKA2txqYYJcEbyGX1zGS45z/jbQr7d2zCJ2WScMEaFBK
n2Tnn/XppxrqwY3wUvPP3bMCLhbBqtLo6vqzxkqXK4IIrww/NhlRNqwsmQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFKKH0XukCHddqOfC38B9GygAF8llMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvb29mUmU2UUlkMTJvNThMZndIMGJLQUFYeVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDB8BAIAATB2MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBABNWpkDBAC55g4DBADV0YEDBADV0YowDAMEANXRkQME
ANXRkgMEANXRlgMEANXRnTAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBAA6bXVwDBbADfuXdPEIhGfYtehempVXDUQIHYrpE7ZVXSHFvUISn
/DRGMCG7EUnPAs3O8+EvuiBap3/p9xwpexXp+Kl966lVO4Wh9khlt94KIxMYh/kQ
mE1y8IEvttKOCk8c1XtlKpLX1TGcO3gYUlBAkoyCS6hte0S1le7ah9CW7mpmm//U
khGlh50oTrBGWVvdzncgLD/bYY7bPeH1pmPFTr+aKAB5uahPpLHeJAhQ1hFT7Qe1
wWf9QWpK8l587gBlhjjLmWKsggvMe3e+z5WYqbyAjOrku/xcm3Krtk1gcPRRvGY5
8JZtXI9vcQc7juNkertKzSwbCBYjdIXJ1mg=
-----END CERTIFICATE-----
Generated at Tue Jun 11 20:23:05 2024 by rpki-client on console-ams.rpki-client.org