Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ou1qcBvgIHHsvAnHhKm5VPM1ank.roa
File: ou1qcBvgIHHsvAnHhKm5VPM1ank.roa (raw, json)
Hash identifier: +Yh/1DZp2B6ZMl2U5KpLZ177mO0tgs1e0gmzhlCK/mo=
Subject key identifier: A2:ED:6A:70:1B:E0:20:71:EC:BC:09:C7:84:A9:B9:54:F3:35:6A:79
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01889623D9D05CB778A50DD9846AED4A6727
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ou1qcBvgIHHsvAnHhKm5VPM1ank.roa
Signing time: Wed 07 Jun 2023 13:55:11 +0000
ROA not before: Wed 07 Jun 2023 13:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:96:23:d9:d0:5c:b7:78:a5:0d:d9:84:6a:ed:4a:67:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 7 13:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2ed6a701be02071ecbc09c784a9b954f3356a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b8:8a:2f:cb:f9:5e:eb:d5:a2:30:3f:b5:77:
78:37:31:76:1b:d3:ce:bc:be:15:5e:01:0d:bf:fc:
e7:66:0f:1d:21:23:97:03:6c:c7:2d:df:ee:22:0d:
76:50:db:ad:4b:a2:23:aa:73:eb:b0:1e:c6:26:7d:
df:92:0f:d3:bd:64:ed:e3:ec:b4:d7:97:90:15:05:
ed:f4:56:f0:9e:dc:03:c7:a7:00:d0:49:25:be:b0:
cd:c6:80:0c:5d:66:b3:19:f6:95:d5:27:b1:91:2c:
ef:70:60:49:32:0f:8b:f2:8a:df:ec:a8:96:38:9f:
45:28:12:fb:59:8a:f2:60:50:16:33:38:15:f6:ec:
15:27:02:3d:5c:a7:20:85:c5:99:4a:92:a3:df:d5:
f9:47:6e:32:94:53:1d:01:92:d4:bd:d1:cd:4f:4c:
07:88:c8:b0:a7:94:4c:4b:01:42:e6:4b:43:2b:8f:
e5:77:d3:94:ac:14:6c:8e:5c:6d:a5:09:35:64:b8:
9a:42:b8:dd:6c:58:d2:b4:79:88:f9:0a:94:fd:3b:
87:07:3a:29:3e:66:c7:58:a6:a0:d9:92:16:86:c0:
d1:8b:e0:fb:f6:4c:59:08:a6:fc:1f:e8:92:b7:12:
b8:6c:1d:1c:fa:7f:84:45:cd:5c:bb:c7:84:bc:ba:
39:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:ED:6A:70:1B:E0:20:71:EC:BC:09:C7:84:A9:B9:54:F3:35:6A:79
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ou1qcBvgIHHsvAnHhKm5VPM1ank.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.185.0/24
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
b1:0e:7a:0f:1d:e6:19:5e:34:f7:f8:97:34:c4:de:82:44:6a:
f3:9f:f5:f9:de:a8:2b:aa:4b:29:59:d0:92:88:71:3b:87:6a:
bb:2e:f9:09:bc:48:c4:72:03:f5:44:6f:0e:5a:15:57:66:99:
d3:30:d2:bd:dd:d3:a9:bb:4d:16:84:74:23:f9:03:73:7b:00:
68:cd:19:83:1b:cf:8d:12:57:dc:be:7f:a2:83:e4:38:b0:53:
e2:5d:b9:3b:c0:a9:4f:9e:d4:fd:b7:1e:d7:0b:6d:3b:f0:16:
e3:07:63:15:a7:82:32:76:03:c1:ac:1d:4f:51:88:33:4e:6b:
5b:85:a6:cd:ab:25:76:ff:41:f4:65:9d:b4:0e:df:39:49:9e:
7c:a5:8b:50:32:c9:93:d1:83:52:16:8d:d7:11:11:54:6a:7c:
d2:82:8e:87:6b:04:86:51:65:52:fe:e1:ad:c7:3d:2e:0f:4a:
4e:9c:43:55:9d:3d:44:97:1f:48:f6:e1:22:a2:91:51:8d:aa:
13:93:56:e5:7a:76:6f:e3:23:67:4a:f2:b4:5b:75:f2:b5:66:
73:7f:de:fb:03:ad:6b:de:62:26:46:ac:dc:fc:08:91:68:9b:
cb:04:1a:aa:bd:ac:18:18:bc:87:0c:cd:92:3f:bb:42:6b:de:
fa:74:b1:d3
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYiWI9nQXLd4pQ3ZhGrtSmcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNjA3MTM1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmVkNmE3MDFiZTAyMDcxZWNiYzA5Yzc4NGE5Yjk1NGYzMzU2YTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0biKL8v5XuvVojA/tXd4NzF2G9PO
vL4VXgENv/znZg8dISOXA2zHLd/uIg12UNutS6IjqnPrsB7GJn3fkg/TvWTt4+y0
15eQFQXt9FbwntwDx6cA0EklvrDNxoAMXWazGfaV1SexkSzvcGBJMg+L8orf7KiW
OJ9FKBL7WYryYFAWMzgV9uwVJwI9XKcghcWZSpKj39X5R24ylFMdAZLUvdHNT0wH
iMiwp5RMSwFC5ktDK4/ld9OUrBRsjlxtpQk1ZLiaQrjdbFjStHmI+QqU/TuHBzop
PmbHWKag2ZIWhsDRi+D79kxZCKb8H+iStxK4bB0c+n+ERc1cu8eEvLo59QIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFKLtanAb4CBx7LwJx4SpuVTzNWp5MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvb3UxcWNCdmdJSEhzdkFuSGhLbTVWUE0xYW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKMAwDBAdNWoAD
BABNWoIwDAMEAk1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpID
BABNWpQDBABNWrkDBADV0YowFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3
DQEBCwUAA4IBAQCxDnoPHeYZXjT3+Jc0xN6CRGrzn/X53qgrqkspWdCSiHE7h2q7
LvkJvEjEcgP1RG8OWhVXZpnTMNK93dOpu00WhHQj+QNzewBozRmDG8+NElfcvn+i
g+Q4sFPiXbk7wKlPntT9tx7XC2078BbjB2MVp4IydgPBrB1PUYgzTmtbhabNqyV2
/0H0ZZ20Dt85SZ58pYtQMsmT0YNSFo3XERFUanzSgo6HawSGUWVS/uGtxz0uD0pO
nENVnT1Elx9I9uEiopFRjaoTk1blenZv4yNnSvK0W3XytWZzf977A61r3mImRqzc
/AiRaJvLBBqqvawYGLyHDM2SP7tCa976dLHT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org