Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/rJ30dZKYfrsNyHADR2Pyo5WEneU.roa
File: rJ30dZKYfrsNyHADR2Pyo5WEneU.roa (raw, json)
Hash identifier: 6GpbOT0dDHjp9AFaYMo0YGR+aMO53TQidWHOfNUgdkQ=
Subject key identifier: AC:9D:F4:75:92:98:7E:BB:0D:C8:70:03:47:63:F2:A3:95:84:9D:E5
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019188F376AABA940FF6D44D51C3031B45E5
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/rJ30dZKYfrsNyHADR2Pyo5WEneU.roa
Signing time: Sun 25 Aug 2024 09:52:22 +0000
ROA not before: Sun 25 Aug 2024 09:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Aug 2024 09:17:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:88:f3:76:aa:ba:94:0f:f6:d4:4d:51:c3:03:1b:45:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 25 09:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac9df47592987ebb0dc870034763f2a395849de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:99:1e:3d:9c:72:ef:01:58:ce:46:be:fa:
88:8b:18:21:07:1b:85:14:a2:e4:b0:3d:a3:7d:52:
5f:0a:80:e6:58:4b:52:94:a0:d0:cd:07:79:15:cc:
78:eb:07:b7:ec:d2:3f:ff:d2:8b:01:0e:0f:c8:41:
f1:26:71:71:8e:51:dd:da:8c:96:1d:fc:a8:4c:37:
69:37:e5:8d:92:04:12:57:7a:a4:1c:5b:f7:55:19:
d6:8a:ee:7d:be:51:19:89:06:84:56:77:b4:0c:6e:
65:6e:11:90:c7:06:d9:18:77:f4:8c:08:40:23:a4:
5f:2a:62:28:e3:52:d2:10:c9:90:f7:41:51:e3:b5:
61:cd:8a:38:e3:91:7d:ba:75:f8:2f:fc:3e:8d:fc:
56:22:dd:85:22:f8:a9:a0:81:fb:aa:74:1d:0b:ae:
58:96:02:89:30:84:a3:78:07:e5:68:9e:2a:72:d9:
88:3c:61:1c:10:7b:cb:fb:1b:96:b4:89:57:79:fc:
47:59:07:07:77:1a:50:c0:d2:79:9e:b8:5d:58:3d:
f4:b8:10:21:52:cd:23:2c:59:29:96:0b:66:d7:57:
09:36:a9:e6:ce:db:a9:51:00:87:3a:46:47:95:15:
48:d6:67:d1:27:fb:77:28:15:70:b4:23:35:ad:d9:
63:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9D:F4:75:92:98:7E:BB:0D:C8:70:03:47:63:F2:A3:95:84:9D:E5
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/rJ30dZKYfrsNyHADR2Pyo5WEneU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
185.230.14.0/24
213.209.129.0/24
213.209.138.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
3a:8f:96:1e:16:40:1e:b6:02:75:e6:34:a8:d2:2a:ac:12:37:
29:f5:0a:2b:c4:8a:a3:d0:ca:c0:3c:4a:9e:70:d9:d2:ca:57:
a8:07:eb:6c:e0:50:4c:27:6a:03:f8:68:8f:d5:ce:72:60:29:
5b:f2:e2:09:7f:1c:23:10:66:12:a6:c4:5f:f0:da:d1:a2:30:
63:86:24:2a:61:c4:80:8a:78:c8:5e:e7:f4:17:71:94:ba:ec:
d5:5f:d6:73:7f:c8:1e:36:78:f1:08:f5:6c:51:2a:db:39:3c:
2f:58:8f:16:d4:88:e7:c3:6b:75:04:66:cb:6c:84:00:40:23:
22:54:0d:c7:0e:db:d9:0a:89:ef:cc:f8:02:7e:84:66:1d:5d:
80:b4:a5:90:60:0d:3c:d6:f3:87:c7:55:42:09:2c:b0:3d:db:
8d:ad:8e:70:34:54:72:71:5b:fc:ef:79:48:ff:0e:c2:b0:44:
c2:75:6c:52:ad:aa:4f:0b:06:f5:5a:44:be:c5:c9:d9:f5:eb:
66:61:9b:a3:8d:ad:a6:40:bf:d0:63:5c:5a:a0:da:ea:59:af:
62:ea:05:76:4b:6d:e9:81:57:67:c5:dd:47:3d:b5:d8:7e:45:
e8:4c:ba:08:62:2c:b2:18:41:55:4b:03:2a:01:fa:8c:12:2d:
0d:d5:bf:36
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZGI83aqupQP9tRNUcMDG0XlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwODI1MDk1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzlkZjQ3NTkyOTg3ZWJiMGRjODcwMDM0NzYzZjJhMzk1ODQ5ZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdCZHj2ccu8BWM5GvvqIixghBxuF
FKLksD2jfVJfCoDmWEtSlKDQzQd5Fcx46we37NI//9KLAQ4PyEHxJnFxjlHd2oyW
HfyoTDdpN+WNkgQSV3qkHFv3VRnWiu59vlEZiQaEVne0DG5lbhGQxwbZGHf0jAhA
I6RfKmIo41LSEMmQ90FR47VhzYo445F9unX4L/w+jfxWIt2FIvipoIH7qnQdC65Y
lgKJMISjeAflaJ4qctmIPGEcEHvL+xuWtIlXefxHWQcHdxpQwNJ5nrhdWD30uBAh
Us0jLFkplgtm11cJNqnmztupUQCHOkZHlRVI1mfRJ/t3KBVwtCM1rdlj/QIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFKyd9HWSmH67DchwA0dj8qOVhJ3lMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvckozMGRaS1lmcnNOeUhBRFIyUHlvNVdFbmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQwDAMEAE1amQMEAE1amgMEALnmDgMEANXRgQMEANXRigME
ANXRljAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBADqP
lh4WQB62AnXmNKjSKqwSNyn1CivEiqPQysA8Sp5w2dLKV6gH62zgUEwnagP4aI/V
znJgKVvy4gl/HCMQZhKmxF/w2tGiMGOGJCphxICKeMhe5/QXcZS67NVf1nN/yB42
ePEI9WxRKts5PC9YjxbUiOfDa3UEZstshABAIyJUDccO29kKie/M+AJ+hGYdXYC0
pZBgDTzW84fHVUIJLLA9242tjnA0VHJxW/zveUj/DsKwRMJ1bFKtqk8LBvVaRL7F
ydn162Zhm6ONraZAv9BjXFqg2upZr2LqBXZLbemBV2fF3Uc9tdh+RehMughiLLIY
QVVLAyoB+owSLQ3VvzY=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:41:47 2024 by rpki-client on console-fra.rpki-client.org