Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/p2zxPnnqSBxCC7w_W5DaytFWRkI.roa
File: p2zxPnnqSBxCC7w_W5DaytFWRkI.roa (raw, json)
Hash identifier: 977Hw2Gil2iFIB6N87QYalVFFdOzW0CLYvVrgbQab1Y=
Subject key identifier: A7:6C:F1:3E:79:EA:48:1C:42:0B:BC:3F:5B:90:DA:CA:D1:56:46:42
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018BA92861A8BF7B52C0C7BC3F50CDBA08CF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/p2zxPnnqSBxCC7w_W5DaytFWRkI.roa
Signing time: Tue 07 Nov 2023 09:41:17 +0000
ROA not before: Tue 07 Nov 2023 09:41:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:28:61:a8:bf:7b:52:c0:c7:bc:3f:50:cd:ba:08:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 7 09:41:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a76cf13e79ea481c420bbc3f5b90dacad1564642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:69:3e:83:da:bc:18:97:9e:26:78:0b:42:e9:
7a:7d:3a:62:b6:28:96:f6:44:7f:70:39:3e:e2:01:
f9:33:e0:e4:2c:1e:a4:ea:e2:b5:b9:57:70:4b:0a:
0d:8f:b9:4f:d1:bc:ea:3c:40:a3:3f:54:a5:bd:22:
85:41:e8:be:27:13:f9:e6:8c:03:94:d8:c5:4a:0f:
56:ad:0d:80:3e:c9:e2:3c:0b:64:05:37:55:62:d1:
2a:cd:cc:d9:0b:09:6b:77:b1:d4:91:8e:5a:dd:41:
8c:14:d1:8e:8b:22:10:bb:13:61:6d:1b:e0:c9:ab:
10:23:76:d8:95:68:52:d0:0a:11:36:18:c7:6f:4c:
66:ac:14:f2:f2:9b:78:a9:6b:96:13:81:61:c7:4d:
79:23:a0:09:b7:f0:52:06:13:9a:1e:6b:cc:5f:1c:
96:74:d6:be:47:9f:87:70:43:7a:e9:64:13:cd:c2:
2b:e8:e5:ef:61:2b:09:3e:fa:4b:ae:fc:bb:a8:35:
15:70:a7:89:09:c5:b0:cc:21:39:a7:71:ab:f8:54:
6f:42:be:20:b9:d1:8a:b1:62:79:bc:f0:0f:02:84:
de:87:2c:b1:1b:91:d4:b2:4c:81:df:d5:0f:9e:d5:
5e:af:8e:4e:9c:2a:ea:14:75:09:3c:ac:cf:6c:86:
24:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:6C:F1:3E:79:EA:48:1C:42:0B:BC:3F:5B:90:DA:CA:D1:56:46:42
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/p2zxPnnqSBxCC7w_W5DaytFWRkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.153.0/24
77.90.188.0/24
185.230.14.0/24
213.209.138.0/24
213.209.145.0/24
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
14:84:0d:5a:c3:0d:47:56:37:32:b9:e9:fa:e6:47:63:58:97:
60:6e:da:61:d8:16:d3:b0:94:d7:f4:c1:ef:dc:be:10:07:24:
17:23:cd:bb:a4:6f:54:33:9f:b4:b5:46:93:85:5b:3d:f2:e9:
3f:63:6c:5b:13:d6:40:a8:d0:5c:b3:11:16:83:a7:61:28:eb:
c1:bf:57:1a:de:50:b2:53:53:74:69:48:73:a8:71:a5:18:47:
cb:21:b4:f2:64:33:c6:6c:ea:49:33:0a:f8:23:7d:53:c7:8f:
1e:24:b7:23:d2:e7:67:3d:cb:b3:9c:47:5c:03:b6:91:e6:b3:
41:91:d8:5c:c9:39:c1:84:ca:7b:1a:7a:99:0e:7b:fe:5f:25:
52:9a:c5:d9:4b:a4:77:10:3a:6c:db:5f:2c:a0:48:4d:c6:03:
75:b4:9d:3c:94:99:d2:50:9a:10:82:c0:13:28:ec:47:77:1b:
58:78:e0:44:8a:ca:e9:ef:af:48:5b:14:ca:d0:7f:68:a6:8c:
44:e0:50:66:fa:f2:f5:1b:6f:f8:60:57:e5:f6:90:3d:34:43:
7d:9a:9b:3b:12:51:25:9b:33:37:71:43:50:f3:71:e6:fe:f6:
17:7f:39:bc:ff:5a:c9:6b:13:35:d4:3a:9f:14:d4:12:5b:64:
59:ce:85:71
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYupKGGov3tSwMe8P1DNugjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMTA3MDk0MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzZjZjEzZTc5ZWE0ODFjNDIwYmJjM2Y1YjkwZGFjYWQxNTY0NjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWk+g9q8GJeeJngLQul6fTpitiiW
9kR/cDk+4gH5M+DkLB6k6uK1uVdwSwoNj7lP0bzqPECjP1SlvSKFQei+JxP55owD
lNjFSg9WrQ2APsniPAtkBTdVYtEqzczZCwlrd7HUkY5a3UGMFNGOiyIQuxNhbRvg
yasQI3bYlWhS0AoRNhjHb0xmrBTy8pt4qWuWE4Fhx015I6AJt/BSBhOaHmvMXxyW
dNa+R5+HcEN66WQTzcIr6OXvYSsJPvpLrvy7qDUVcKeJCcWwzCE5p3Gr+FRvQr4g
udGKsWJ5vPAPAoTehyyxG5HUskyB39UPntVer45OnCrqFHUJPKzPbIYkYQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFKds8T556kgcQgu8P1uQ2srRVkZCMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvcDJ6eFBubnFTQnhDQzd3X1c1RGF5dEZXUmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGAwDAMEB01a
gAMEAE1agjAMAwQCTVqEAwQATVqGAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpQD
BABNWpkDBABNWrwDBAC55g4DBADV0YoDBADV0ZEDBADV0ZYDBADV0Z0wFAQCAAIw
DgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQAUhA1aww1HVjcyuen6
5kdjWJdgbtph2BbTsJTX9MHv3L4QByQXI827pG9UM5+0tUaThVs98uk/Y2xbE9ZA
qNBcsxEWg6dhKOvBv1ca3lCyU1N0aUhzqHGlGEfLIbTyZDPGbOpJMwr4I31Tx48e
JLcj0udnPcuznEdcA7aR5rNBkdhcyTnBhMp7GnqZDnv+XyVSmsXZS6R3EDps218s
oEhNxgN1tJ08lJnSUJoQgsATKOxHdxtYeOBEisrp769IWxTK0H9opoxE4FBm+vL1
G2/4YFfl9pA9NEN9mps7ElElmzM3cUNQ83Hm/vYXfzm8/1rJaxM11DqfFNQSW2RZ
zoVx
-----END CERTIFICATE-----
Generated at Sat Nov 11 12:41:17 2023 by rpki-client on console-ams.rpki-client.org