Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ste679DlN7P714t8yESLWVXBZNY.roa
File: ste679DlN7P714t8yESLWVXBZNY.roa (raw, json)
Hash identifier: WLmwgTVlB9SMRW6gK+W7zo0yPyNFUnNlBkPv5iPDodc=
Subject key identifier: B2:D7:BA:EF:D0:E5:37:B3:FB:D7:8B:7C:C8:44:8B:59:55:C1:64:D6
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018A418E12BF883B9B59FDC87847B2161C4E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ste679DlN7P714t8yESLWVXBZNY.roa
Signing time: Tue 29 Aug 2023 13:49:04 +0000
ROA not before: Tue 29 Aug 2023 13:49:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:8e:12:bf:88:3b:9b:59:fd:c8:78:47:b2:16:1c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 29 13:49:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2d7baefd0e537b3fbd78b7cc8448b5955c164d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:10:5b:40:ac:d8:7c:87:13:63:8d:a5:95:45:
2a:9b:f2:67:19:b6:8f:44:a5:c5:2a:ad:98:51:ff:
db:09:78:db:f9:a4:61:f7:e2:90:6a:c3:3c:7f:4f:
56:84:38:41:88:73:6a:ff:e5:06:34:a5:0d:ae:16:
10:e9:0a:22:41:e1:59:81:87:be:f5:39:c7:60:09:
d5:f5:5c:14:cb:8b:04:d4:11:48:02:27:81:e4:5f:
7d:54:6f:e3:e2:28:c3:cc:4e:e3:5b:a2:37:b7:14:
ae:e7:6b:10:db:0f:ca:91:b7:60:ef:e5:46:01:4b:
e6:f7:c7:5d:c9:88:6b:eb:a5:b1:e1:8f:0d:08:c2:
12:74:b7:de:f2:a5:84:a7:3c:9e:64:bd:a6:84:5a:
db:0a:88:a5:0d:57:cd:bc:4e:62:33:70:ef:6c:2a:
c7:1b:af:a4:9f:8d:3b:4e:c1:23:94:82:82:fe:85:
06:0f:54:3a:76:e3:a9:20:17:db:f7:07:7b:7e:b5:
77:4a:51:4e:f1:6a:ec:4d:7a:63:56:95:e3:2d:f0:
6b:c4:66:29:e7:a1:a3:d3:7e:87:68:12:5d:5c:b0:
4d:e6:db:20:e8:50:c0:cc:e5:80:1f:8f:2b:c7:5c:
30:25:ad:6f:43:50:16:e7:71:aa:0f:04:a2:1e:a4:
24:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D7:BA:EF:D0:E5:37:B3:FB:D7:8B:7C:C8:44:8B:59:55:C1:64:D6
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ste679DlN7P714t8yESLWVXBZNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.188.0/24
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
5c:96:22:3f:f6:7c:6d:db:c0:42:e9:c4:d4:f5:ae:b4:4b:25:
18:0d:3d:b7:66:b7:cd:b9:1d:42:1f:9b:44:6f:78:e1:2e:cc:
cd:b3:ae:c4:30:dd:18:07:5e:c4:be:6f:df:80:8d:ab:bc:1e:
82:e3:23:43:3d:09:17:e1:ef:e9:ad:9e:e8:a5:35:46:b6:61:
ba:06:b8:29:1f:bf:20:05:fe:56:6c:fe:34:94:0c:63:e9:db:
0c:9f:31:69:92:dc:f2:a8:ba:4f:e5:87:79:c2:04:4a:ff:a7:
46:e7:a7:a8:87:eb:2c:d3:5f:39:af:14:bd:34:7b:da:5d:f0:
c9:99:e1:f7:bf:16:3c:a0:9c:98:4d:e9:c2:b7:ab:2a:bf:27:
0c:78:1c:80:bb:c7:81:ba:ef:f9:32:d9:7d:f7:81:c9:cb:be:
65:79:b0:43:b3:77:05:85:fc:c8:c9:ac:e8:7a:f3:6e:dc:95:
4d:f3:a5:6f:a1:db:ef:74:52:55:d5:98:e2:b5:53:fc:0c:1f:
30:a9:42:c9:fd:6f:3c:85:ce:89:71:99:2a:61:99:42:3c:d6:
56:e1:17:ca:45:b1:ec:b1:f3:ed:74:be:1c:0f:b3:ad:71:aa:
4b:26:58:86:46:73:4a:d4:19:37:d8:59:c6:15:bd:a7:88:9b:
37:af:e5:74
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYpBjhK/iDubWf3IeEeyFhxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODI5MTM0OTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQ3YmFlZmQwZTUzN2IzZmJkNzhiN2NjODQ0OGI1OTU1YzE2NGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRBbQKzYfIcTY42llUUqm/JnGbaP
RKXFKq2YUf/bCXjb+aRh9+KQasM8f09WhDhBiHNq/+UGNKUNrhYQ6QoiQeFZgYe+
9TnHYAnV9VwUy4sE1BFIAieB5F99VG/j4ijDzE7jW6I3txSu52sQ2w/Kkbdg7+VG
AUvm98ddyYhr66Wx4Y8NCMISdLfe8qWEpzyeZL2mhFrbCoilDVfNvE5iM3DvbCrH
G6+kn407TsEjlIKC/oUGD1Q6duOpIBfb9wd7frV3SlFO8WrsTXpjVpXjLfBrxGYp
56Gj036HaBJdXLBN5tsg6FDAzOWAH48rx1wwJa1vQ1AW53GqDwSiHqQk7wIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFLLXuu/Q5Tez+9eLfMhEi1lVwWTWMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvc3RlNjc5RGxON1A3MTR0OHlFU0xXVlhCWk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljB+BAIAATB4MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBABNWpkDBABNWrwwDAMEALnmDQMEALnmDgMEANXRijAM
AwQA1dGRAwQA1dGSAwQA1dGWMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG
9w0BAQsFAAOCAQEAXJYiP/Z8bdvAQunE1PWutEslGA09t2a3zbkdQh+bRG944S7M
zbOuxDDdGAdexL5v34CNq7weguMjQz0JF+Hv6a2e6KU1RrZhuga4KR+/IAX+Vmz+
NJQMY+nbDJ8xaZLc8qi6T+WHecIESv+nRuenqIfrLNNfOa8UvTR72l3wyZnh978W
PKCcmE3pwrerKr8nDHgcgLvHgbrv+TLZffeBycu+ZXmwQ7N3BYX8yMms6HrzbtyV
TfOlb6Hb73RSVdWY4rVT/AwfMKlCyf1vPIXOiXGZKmGZQjzWVuEXykWx7LHz7XS+
HA+zrXGqSyZYhkZzStQZN9hZxhW9p4ibN6/ldA==
-----END CERTIFICATE-----
Generated at Tue Aug 29 21:38:16 2023 by rpki-client on console-ams.rpki-client.org