Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/rHX7kqzRvVlxT02o65N-hM7DlIc.roa
File: rHX7kqzRvVlxT02o65N-hM7DlIc.roa (raw, json)
Hash identifier: L7sukv/HJjIThHMWDL2GoFKJnCm9OggCeT5OnXrUzps=
Subject key identifier: AC:75:FB:92:AC:D1:BD:59:71:4F:4D:A8:EB:93:7E:84:CE:C3:94:87
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0189F56647AE2CD9EF366E7824BBD473E7EC
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/rHX7kqzRvVlxT02o65N-hM7DlIc.roa
Signing time: Mon 14 Aug 2023 18:54:28 +0000
ROA not before: Mon 14 Aug 2023 18:54:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 15 Aug 2023 16:36:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f5:66:47:ae:2c:d9:ef:36:6e:78:24:bb:d4:73:e7:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 14 18:54:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac75fb92acd1bd59714f4da8eb937e84cec39487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:55:ab:2a:94:2e:1e:c4:0c:9b:5f:c6:92:55:
77:32:d8:56:22:7b:7b:6d:4d:d4:05:8c:ef:e0:85:
78:46:96:ed:c1:7a:27:12:3e:a0:9f:f7:e1:52:4b:
a3:7d:6b:da:35:8f:66:16:a4:82:0c:20:dc:63:5f:
fa:15:41:b4:ef:a0:ca:cc:e6:20:92:a1:d7:a9:10:
97:a4:32:10:94:3e:a4:e7:b5:7b:b9:a9:68:d7:dc:
7f:e2:7d:ef:25:62:00:bd:1a:42:a9:0e:ec:00:5a:
85:55:65:41:e5:2c:10:90:32:f1:7d:66:8c:7e:a8:
79:0b:01:3a:4c:31:65:b1:b7:88:a4:11:a3:3c:8a:
a4:68:91:54:71:03:a0:7d:29:17:a4:07:47:7c:56:
32:f0:0f:73:a4:5c:d1:27:08:8e:79:51:c5:ef:3e:
15:8a:7a:8e:41:f2:d5:37:fb:b1:ff:fa:f5:74:54:
d8:3e:50:48:05:07:69:7a:ff:6a:a0:e2:cd:7d:12:
13:b3:8b:b8:22:bc:26:3e:3a:ed:c0:3b:94:17:19:
cd:49:4c:63:17:05:5d:69:cd:e8:90:51:a8:62:f3:
3b:79:5b:ea:0e:59:b0:38:91:01:ee:c6:fd:b7:71:
95:6a:e0:1c:03:1d:20:9b:eb:2a:91:a0:ed:e2:f8:
a9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:75:FB:92:AC:D1:BD:59:71:4F:4D:A8:EB:93:7E:84:CE:C3:94:87
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/rHX7kqzRvVlxT02o65N-hM7DlIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.151.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
04:c1:3e:3c:59:34:31:9b:1f:9d:b3:ed:cd:9e:48:0f:c5:00:
8a:0e:7c:c9:1f:d9:21:e4:81:66:04:66:90:dc:f9:ab:0b:6e:
14:34:64:9d:e3:be:77:e1:13:ac:71:28:a4:1d:39:30:7b:8f:
9e:33:f8:16:7b:7d:07:a8:37:e1:18:60:0d:3c:67:ae:0a:1a:
4e:55:ab:39:36:15:02:69:bf:8a:47:97:1f:39:08:33:94:e8:
b4:b6:39:ff:84:3d:9b:a8:df:d8:e7:01:9a:4e:66:ec:be:7e:
89:a5:e6:36:e9:63:bb:91:11:8a:03:a4:ea:d0:31:b4:f9:eb:
eb:39:e1:44:ff:bb:33:ff:9e:73:a5:fe:ff:82:94:75:19:2f:
04:c6:4f:3c:7d:25:7c:67:f0:0c:d7:18:f8:e8:58:1c:8e:ec:
2e:36:81:f0:3d:d8:fb:83:6f:18:ca:97:00:9d:e0:0f:fe:9a:
2d:bd:53:c3:ae:6d:4e:46:fd:ae:74:34:65:c8:fa:8f:fc:18:
ac:e5:54:3d:b0:cc:8c:e7:f5:f9:64:a6:70:42:0e:b7:5a:03:
ce:5b:98:65:74:76:31:23:3e:5a:c5:69:73:1e:9f:f2:2c:78:
7d:04:12:d0:f9:92:0c:70:25:f1:2a:68:72:dd:78:a6:95:d0:
43:b0:57:56
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAYn1ZkeuLNnvNm54JLvUc+fsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODE0MTg1NDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzc1ZmI5MmFjZDFiZDU5NzE0ZjRkYThlYjkzN2U4NGNlYzM5NDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFWrKpQuHsQMm1/GklV3MthWInt7
bU3UBYzv4IV4RpbtwXonEj6gn/fhUkujfWvaNY9mFqSCDCDcY1/6FUG076DKzOYg
kqHXqRCXpDIQlD6k57V7ualo19x/4n3vJWIAvRpCqQ7sAFqFVWVB5SwQkDLxfWaM
fqh5CwE6TDFlsbeIpBGjPIqkaJFUcQOgfSkXpAdHfFYy8A9zpFzRJwiOeVHF7z4V
inqOQfLVN/ux//r1dFTYPlBIBQdpev9qoOLNfRITs4u4IrwmPjrtwDuUFxnNSUxj
FwVdac3okFGoYvM7eVvqDlmwOJEB7sb9t3GVauAcAx0gm+sqkaDt4vipBwIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFKx1+5Ks0b1ZcU9NqOuTfoTOw5SHMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvckhYN2txelJ2Vmx4VDAybzY1Ti1oTTdEbEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBqBAIAATBkMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqU
MAwDBABNWpkDBABNWpowDAMEALnmDQMEALnmDgMEANXRigMEANXRlwMEANXRnTAU
BAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAATBPjxZNDGb
H52z7c2eSA/FAIoOfMkf2SHkgWYEZpDc+asLbhQ0ZJ3jvnfhE6xxKKQdOTB7j54z
+BZ7fQeoN+EYYA08Z64KGk5Vqzk2FQJpv4pHlx85CDOU6LS2Of+EPZuo39jnAZpO
Zuy+foml5jbpY7uREYoDpOrQMbT56+s54UT/uzP/nnOl/v+ClHUZLwTGTzx9JXxn
8AzXGPjoWByO7C42gfA92PuDbxjKlwCd4A/+mi29U8OubU5G/a50NGXI+o/8GKzl
VD2wzIzn9flkpnBCDrdaA85bmGV0djEjPlrFaXMen/IseH0EEtD5kgxwJfEqaHLd
eKaV0EOwV1Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:06 2024 by rpki-client on console-fra.rpki-client.org