Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tWRi8rRayMogggTrmzRQW1Do3hs.roa
File: tWRi8rRayMogggTrmzRQW1Do3hs.roa (raw, json)
Hash identifier: WmWSiPikRBzVbVrDRxIP2eAc21SfYIyvPS4ujD31vH8=
Subject key identifier: B5:64:62:F2:B4:5A:C8:CA:20:82:04:EB:9B:34:50:5B:50:E8:DE:1B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018AE52323ACD7AF58A71EFF22D33D49C96C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tWRi8rRayMogggTrmzRQW1Do3hs.roa
Signing time: Sat 30 Sep 2023 08:09:59 +0000
ROA not before: Sat 30 Sep 2023 08:09:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1280:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 04 Oct 2023 19:07:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e5:23:23:ac:d7:af:58:a7:1e:ff:22:d3:3d:49:c9:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 30 08:09:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b56462f2b45ac8ca208204eb9b34505b50e8de1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bf:a8:db:b9:42:c4:49:f7:0d:96:1b:d2:66:
20:da:3b:c2:b3:46:cc:c3:7d:b4:93:70:2c:c6:30:
f2:57:ce:06:d4:3f:c6:1a:e7:d2:32:75:8f:c3:b7:
f2:09:b6:2c:34:1b:9a:f5:74:2f:16:6a:45:cc:d5:
5a:b7:81:22:79:a0:97:56:00:55:9d:0d:04:87:8f:
56:72:15:6e:60:63:87:57:08:e1:3a:bb:c3:c8:34:
1f:a3:b3:d4:82:1d:d9:8d:7d:bf:0d:d0:1b:04:9a:
14:00:ee:1e:7e:e1:31:d3:5e:c4:dc:5a:dd:8b:8b:
a3:c3:6b:d1:f9:5c:f0:52:d8:17:5a:78:a4:fd:65:
9a:fa:38:f3:f3:58:27:1b:e9:bc:d5:5f:5d:2a:37:
2c:72:ac:3c:cd:be:0d:0e:c9:a1:7e:eb:9a:76:ff:
14:db:2f:97:cb:03:df:cc:e5:65:0a:e2:40:4a:10:
4b:04:56:ce:c1:f3:d4:8c:27:13:24:c9:a4:98:97:
df:73:19:17:a6:0d:9f:1a:70:04:a0:48:99:c1:a9:
eb:b3:f8:53:03:f0:e3:27:5c:3c:4e:ce:05:3d:dd:
e9:4f:4b:88:59:9f:06:56:00:04:38:59:4a:bd:df:
26:77:20:28:66:9c:ae:23:3a:ed:01:4c:93:74:e1:
9e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:64:62:F2:B4:5A:C8:CA:20:82:04:EB:9B:34:50:5B:50:E8:DE:1B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tWRi8rRayMogggTrmzRQW1Do3hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
185.230.13.0-185.230.15.255
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
06:b9:2a:aa:78:ce:92:a7:e5:58:e6:08:df:91:63:43:24:7f:
ab:b8:ca:ac:8d:ce:42:f6:bb:42:90:38:1e:ff:f6:54:9d:fd:
cc:7c:8a:73:5e:9a:14:c2:d2:ae:99:cc:77:f8:e8:95:ed:35:
24:f7:66:6b:e9:30:53:4f:a9:ee:a2:85:1c:23:16:94:47:76:
6e:52:d6:12:14:8e:c6:33:5f:4e:72:a5:49:a7:6d:5b:cb:db:
35:ce:bd:0a:39:6f:e8:e0:09:21:40:3c:ef:e5:24:9d:0a:a5:
9e:3a:9f:ce:9f:6f:62:7b:84:03:7c:2a:d1:a2:7c:4a:a4:4f:
4f:cc:1e:78:cd:4f:2b:e2:71:10:b1:4f:5b:60:fa:40:76:f5:
0f:5e:b0:d5:4d:90:18:12:d0:e1:b8:39:3e:b4:a0:77:43:ca:
26:49:ef:7f:dc:f1:4e:07:6a:18:30:d5:3c:22:0c:f7:b1:f9:
52:3c:63:fa:58:f4:f1:49:9d:9d:e3:07:87:4c:24:60:14:1d:
e6:1f:46:0c:03:82:11:8b:76:70:ef:f5:48:4c:a3:c7:65:2c:
b9:0a:2d:d3:8f:4a:c8:9c:81:e6:40:03:2c:e6:bf:8c:36:ff:
2d:ef:db:5e:b2:f9:ae:b2:c1:98:8f:58:e8:88:04:8b:9c:3a:
a0:b1:7d:bc
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYrlIyOs169Ypx7/ItM9SclsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTMwMDgwOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTY0NjJmMmI0NWFjOGNhMjA4MjA0ZWI5YjM0NTA1YjUwZThkZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL+o27lCxEn3DZYb0mYg2jvCs0bM
w320k3AsxjDyV84G1D/GGufSMnWPw7fyCbYsNBua9XQvFmpFzNVat4EieaCXVgBV
nQ0Eh49WchVuYGOHVwjhOrvDyDQfo7PUgh3ZjX2/DdAbBJoUAO4efuEx017E3Frd
i4ujw2vR+VzwUtgXWnik/WWa+jjz81gnG+m81V9dKjcscqw8zb4NDsmhfuuadv8U
2y+XywPfzOVlCuJAShBLBFbOwfPUjCcTJMmkmJffcxkXpg2fGnAEoEiZwanrs/hT
A/DjJ1w8Ts4FPd3pT0uIWZ8GVgAEOFlKvd8mdyAoZpyuIzrtAUyTdOGe3QIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFLVkYvK0WsjKIIIE65s0UFtQ6N4bMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdFdSaThyUmF5TW9nZ2dUcm16UlFXMURvM2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB4BAIAATByMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBABNWpkwDAMEALnmDQMEBLnmAAMEANXRijAMAwQA1dGR
AwQA1dGSAwQA1dGWMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsF
AAOCAQEABrkqqnjOkqflWOYI35FjQyR/q7jKrI3OQva7QpA4Hv/2VJ39zHyKc16a
FMLSrpnMd/jole01JPdma+kwU0+p7qKFHCMWlEd2blLWEhSOxjNfTnKlSadtW8vb
Nc69Cjlv6OAJIUA87+UknQqlnjqfzp9vYnuEA3wq0aJ8SqRPT8weeM1PK+JxELFP
W2D6QHb1D16w1U2QGBLQ4bg5PrSgd0PKJknvf9zxTgdqGDDVPCIM97H5Ujxj+lj0
8UmdneMHh0wkYBQd5h9GDAOCEYt2cO/1SEyjx2UsuQot049KyJyB5kADLOa/jDb/
Le/bXrL5rrLBmI9Y6IgEi5w6oLF9vA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org