Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ujiCmNFQpe9GfCD4gRsf1fYqXzQ.roa
File: ujiCmNFQpe9GfCD4gRsf1fYqXzQ.roa (raw, json)
Hash identifier: y3zLopyu8FjmTVUrCEJ3GurSkFaVUmZjSmJlFsvaDek=
Subject key identifier: BA:38:82:98:D1:50:A5:EF:46:7C:20:F8:81:1B:1F:D5:F6:2A:5F:34
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018FF4C64E8BC09BCE0EBCBF9CAAE36C44FE
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ujiCmNFQpe9GfCD4gRsf1fYqXzQ.roa
Signing time: Fri 07 Jun 2024 22:16:27 +0000
ROA not before: Fri 07 Jun 2024 22:16:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Jun 2024 10:21:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f4:c6:4e:8b:c0:9b:ce:0e:bc:bf:9c:aa:e3:6c:44:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 7 22:16:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba388298d150a5ef467c20f8811b1fd5f62a5f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f4:d4:70:36:64:4c:13:05:79:9e:80:bf:d6:
a3:2e:a8:3d:ff:05:d9:4c:5f:82:17:b4:4d:63:65:
b3:de:97:4a:72:83:c5:7b:47:95:53:23:9b:94:dc:
d3:f2:dc:0f:e4:7a:88:7e:b6:a7:f3:47:ff:ed:f0:
cc:9b:d7:ea:67:07:d5:36:63:25:39:a8:75:37:0d:
95:09:30:2e:33:59:1d:7a:6a:55:1b:94:e0:36:b4:
e0:9d:a0:0a:44:0c:c5:9e:a8:f1:56:f8:8f:88:67:
fa:ce:21:82:f5:b2:38:99:8c:16:f5:0e:e2:6b:4c:
fe:1a:a8:7f:cd:36:02:7d:e5:20:36:97:91:87:77:
33:c5:eb:17:86:0b:cc:1d:3d:9a:b6:06:75:08:15:
59:42:95:77:2b:b0:da:96:f6:5b:7e:c5:b2:9c:ca:
78:ee:96:9e:9e:6f:25:45:f3:f1:90:95:0b:9d:50:
23:bf:4b:d3:db:43:82:02:ad:fd:7e:a7:c8:ba:71:
7c:0a:47:e9:7e:1a:ae:5a:62:24:65:05:76:9a:f6:
63:68:17:03:04:cd:ef:71:a8:59:4e:ce:e8:7e:ae:
ab:cb:de:cf:70:4c:c2:8d:f6:1d:4a:c8:33:a8:da:
52:0b:56:1f:c9:d0:5a:ed:a2:32:d6:df:c7:bf:0c:
25:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:38:82:98:D1:50:A5:EF:46:7C:20:F8:81:1B:1F:D5:F6:2A:5F:34
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ujiCmNFQpe9GfCD4gRsf1fYqXzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
213.209.129.0/24
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
48:d8:74:23:43:5d:c5:cf:0f:7f:e9:6e:bb:7c:d5:f0:a0:c3:
0d:09:da:f3:f2:75:00:bf:8b:9a:fc:12:94:ef:ff:b0:6c:f0:
5d:8c:8a:18:2a:c1:f7:2e:37:eb:25:06:41:ec:01:b1:83:6a:
88:b6:31:ba:a7:d0:d4:73:b3:d4:91:c4:28:30:1c:3e:12:db:
44:72:ff:8d:cf:d9:ef:52:3e:08:8e:8f:a4:c3:4e:bd:9b:73:
7d:30:67:c5:53:e2:4a:e0:42:26:99:30:2d:4f:2b:87:55:b0:
50:93:1d:95:3d:b5:81:8f:c0:86:a3:41:ff:2c:ee:c1:9d:3b:
cf:0b:ec:a2:b7:35:eb:f5:f6:d2:95:1e:22:be:cf:29:9d:02:
6e:d2:a2:5e:e3:59:cc:63:2f:3d:7e:5e:c1:c3:ae:a8:15:af:
47:c9:f5:ac:e1:76:36:80:e2:f9:6d:6b:62:d0:60:07:ad:89:
8a:2d:45:be:11:75:6f:b2:2c:4b:8c:83:3e:8b:79:92:5a:94:
00:aa:ee:ad:85:85:88:a2:d2:41:ae:f8:1b:13:53:39:11:d0:
96:b1:f4:a3:be:6a:35:87:94:a9:0e:fd:15:0e:c9:38:91:70:
bd:17:5b:9f:3a:66:0a:dc:57:4d:b5:e5:d9:c6:5c:59:db:27:
59:5a:5c:3f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY/0xk6LwJvODry/nKrjbET+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNjA3MjIxNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTM4ODI5OGQxNTBhNWVmNDY3YzIwZjg4MTFiMWZkNWY2MmE1ZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/TUcDZkTBMFeZ6Av9ajLqg9/wXZ
TF+CF7RNY2Wz3pdKcoPFe0eVUyOblNzT8twP5HqIfran80f/7fDMm9fqZwfVNmMl
Oah1Nw2VCTAuM1kdempVG5TgNrTgnaAKRAzFnqjxVviPiGf6ziGC9bI4mYwW9Q7i
a0z+Gqh/zTYCfeUgNpeRh3czxesXhgvMHT2atgZ1CBVZQpV3K7DalvZbfsWynMp4
7paenm8lRfPxkJULnVAjv0vT20OCAq39fqfIunF8CkfpfhquWmIkZQV2mvZjaBcD
BM3vcahZTs7ofq6ry97PcEzCjfYdSsgzqNpSC1YfydBa7aIy1t/Hvwwl9QIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFLo4gpjRUKXvRnwg+IEbH9X2Kl80MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdWppQ21ORlFwZTlHZkNENGdSc2YxZllxWHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB2BAIAATBwMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBABNWpkDBADV0YEDBADV0YowDAMEANXRkQMEANXRkgME
ANXRlgMEANXRnTAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQAD
ggEBAEjYdCNDXcXPD3/pbrt81fCgww0J2vPydQC/i5r8EpTv/7Bs8F2Mihgqwfcu
N+slBkHsAbGDaoi2Mbqn0NRzs9SRxCgwHD4S20Ry/43P2e9SPgiOj6TDTr2bc30w
Z8VT4krgQiaZMC1PK4dVsFCTHZU9tYGPwIajQf8s7sGdO88L7KK3Nev19tKVHiK+
zymdAm7Sol7jWcxjLz1+XsHDrqgVr0fJ9azhdjaA4vlta2LQYAetiYotRb4RdW+y
LEuMgz6LeZJalACq7q2FhYii0kGu+BsTUzkR0Jax9KO+ajWHlKkO/RUOyTiRcL0X
W586ZgrcV0215dnGXFnbJ1laXD8=
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:07 2024 by rpki-client on console-fra.rpki-client.org