Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uPwiGpA9sQ3TvHcKROtBAnJxhUg.roa
File: uPwiGpA9sQ3TvHcKROtBAnJxhUg.roa (raw, json)
Hash identifier: cCJE0p5/lY2JfrKiQ3OcMSGZVMB9vfHlWn5RNJiV7SA=
Subject key identifier: B8:FC:22:1A:90:3D:B1:0D:D3:BC:77:0A:44:EB:41:02:72:71:85:48
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01940A3034F69A37A5038A6FA5F478B38B09
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uPwiGpA9sQ3TvHcKROtBAnJxhUg.roa
Signing time: Fri 27 Dec 2024 22:15:18 +0000
ROA not before: Fri 27 Dec 2024 22:15:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0a:30:34:f6:9a:37:a5:03:8a:6f:a5:f4:78:b3:8b:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Dec 27 22:15:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8fc221a903db10dd3bc770a44eb410272718548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:00:ea:c8:cd:cf:69:fa:bf:da:e6:41:8d:20:
b9:26:84:bf:27:5b:d8:1b:92:b8:f2:f9:0b:c9:8b:
99:b6:25:94:a3:d8:a8:94:9e:99:40:cb:a3:71:59:
da:24:af:db:15:83:88:52:98:39:8b:d9:66:b2:26:
cd:d2:02:a6:91:40:45:99:33:d9:f7:19:8e:9f:dc:
ff:2a:22:f3:6c:88:38:cc:13:25:89:be:51:32:dc:
f1:9f:9f:fb:89:18:56:e2:a4:79:0c:0a:1f:9b:56:
10:e7:d1:04:20:b7:3f:62:e8:5d:46:08:a3:0e:dc:
55:0a:0d:39:55:65:02:b2:48:54:11:27:06:ae:16:
bc:c8:89:36:ea:c2:33:3c:a8:62:5e:04:8b:75:b8:
0b:22:84:32:76:78:34:b2:1a:41:75:aa:a4:59:9f:
8b:ce:91:b3:46:fd:37:3b:1a:35:f8:cf:51:e9:f6:
c3:2d:80:94:db:6a:c9:88:bb:32:ac:16:55:df:d4:
35:08:f7:fc:0d:3f:f0:ba:a1:57:08:ef:23:f3:1c:
9d:df:ef:ed:ae:6f:65:4c:f2:2e:5e:e5:37:14:a9:
90:cb:3a:f3:4c:2f:d4:c2:b4:97:dd:e0:46:c0:c3:
fa:dd:7b:6d:cd:14:81:bc:31:89:36:4e:1f:26:45:
47:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:FC:22:1A:90:3D:B1:0D:D3:BC:77:0A:44:EB:41:02:72:71:85:48
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uPwiGpA9sQ3TvHcKROtBAnJxhUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.164.0/24
213.209.129.0/24
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
3d:75:24:d2:51:c5:12:b3:67:ba:b8:39:dd:8f:75:f6:0a:e4:
b8:0f:e1:54:b8:92:e7:c8:4b:91:9a:f0:da:93:10:08:70:83:
1d:ac:b0:0f:78:66:55:f8:25:14:9b:93:97:75:7b:e1:fa:cf:
3a:bb:88:88:b2:61:50:75:f9:e6:93:63:83:f4:9a:80:b9:0d:
51:42:a7:ab:6e:62:44:73:21:a2:0c:34:1b:da:46:1b:33:1b:
7f:f9:e6:ef:36:c7:e8:52:b8:e4:99:8c:58:50:44:2f:b8:de:
5f:9f:f4:ce:2a:0b:8d:ea:e4:12:7d:95:e9:5d:a6:a4:38:57:
43:cd:5e:9c:6d:2a:49:b7:33:9c:92:0b:d6:20:cf:16:30:77:
2b:ff:7e:8c:62:7b:e0:4b:0a:3c:01:a4:6e:b6:6d:c3:6c:1b:
ed:a1:5c:3d:eb:5c:c7:09:c6:7e:a1:cd:6f:38:98:1c:93:08:
b7:b5:41:ae:72:c9:a3:14:0a:f4:32:3f:0e:09:a0:77:e9:10:
b3:62:0a:89:51:d6:d0:15:25:49:64:13:fb:d0:04:7b:3a:05:
fa:de:c7:cf:fe:36:7f:eb:e3:ec:6a:b5:55:1b:b4:d8:1d:40:
95:c5:ed:b2:8c:b7:73:dc:33:a8:db:b7:9b:fe:1e:c4:25:c4:
8d:37:3e:fb
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZQKMDT2mjelA4pvpfR4s4sJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQxMjI3MjIxNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGZjMjIxYTkwM2RiMTBkZDNiYzc3MGE0NGViNDEwMjcyNzE4NTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArADqyM3Pafq/2uZBjSC5JoS/J1vY
G5K48vkLyYuZtiWUo9iolJ6ZQMujcVnaJK/bFYOIUpg5i9lmsibN0gKmkUBFmTPZ
9xmOn9z/KiLzbIg4zBMlib5RMtzxn5/7iRhW4qR5DAofm1YQ59EEILc/YuhdRgij
DtxVCg05VWUCskhUEScGrha8yIk26sIzPKhiXgSLdbgLIoQydng0shpBdaqkWZ+L
zpGzRv03Oxo1+M9R6fbDLYCU22rJiLsyrBZV39Q1CPf8DT/wuqFXCO8j8xyd3+/t
rm9lTPIuXuU3FKmQyzrzTC/UwrSX3eBGwMP63XttzRSBvDGJNk4fJkVH7QIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFLj8IhqQPbEN07x3CkTrQQJycYVIMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdVB3aUdwQTlzUTNUdkhjS1JPdEJBbkp4aFVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBqBAIAATBkMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiDAMAwQATVqLAwQATVqMMAwDBAFN
Wo4DBABNWpAwDAMEAU1akgMEAE1alAMEAE1amQMEAE1apAMEANXRgQMEANXRijAU
BAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAD11JNJRxRKz
Z7q4Od2PdfYK5LgP4VS4kufIS5Ga8NqTEAhwgx2ssA94ZlX4JRSbk5d1e+H6zzq7
iIiyYVB1+eaTY4P0moC5DVFCp6tuYkRzIaIMNBvaRhszG3/55u82x+hSuOSZjFhQ
RC+43l+f9M4qC43q5BJ9leldpqQ4V0PNXpxtKkm3M5ySC9YgzxYwdyv/foxie+BL
CjwBpG62bcNsG+2hXD3rXMcJxn6hzW84mByTCLe1Qa5yyaMUCvQyPw4JoHfpELNi
ColR1tAVJUlkE/vQBHs6Bfrex8/+Nn/r4+xqtVUbtNgdQJXF7bKMt3PcM6jbt5v+
HsQlxI03Pvs=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:00:44 2025 by rpki-client