Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uk0qqgmbXuo-wpAKfM3hnb9mEzA.roa
File: uk0qqgmbXuo-wpAKfM3hnb9mEzA.roa (raw, json)
Hash identifier: pnQIyXLZErDM1QoSG1QPsyaV7iqBWUp3b1G7Txm/TCM=
Subject key identifier: BA:4D:2A:AA:09:9B:5E:EA:3E:C2:90:0A:7C:CD:E1:9D:BF:66:13:30
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0191386E654275D0CB1A9CC15CB7BBA7FEAD
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uk0qqgmbXuo-wpAKfM3hnb9mEzA.roa
Signing time: Fri 09 Aug 2024 18:37:24 +0000
ROA not before: Fri 09 Aug 2024 18:37:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 13 Aug 2024 18:55:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:38:6e:65:42:75:d0:cb:1a:9c:c1:5c:b7:bb:a7:fe:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 9 18:37:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba4d2aaa099b5eea3ec2900a7ccde19dbf661330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:fb:60:27:ca:7f:30:bf:70:28:ac:65:d7:de:
4a:2c:ea:ed:e9:c0:a3:5c:52:91:15:99:08:b1:b2:
87:cd:2c:e9:3c:91:a1:2f:7a:e1:e9:79:52:37:71:
19:3b:ac:2a:d0:a1:15:14:dc:7b:47:92:fa:33:de:
66:e6:12:3e:7a:61:c6:0d:93:21:c2:e8:f9:46:07:
79:64:38:40:02:d7:93:fc:10:1f:4a:62:70:70:88:
e4:2c:93:09:21:48:cf:56:a6:de:d9:14:ed:e9:e7:
6c:99:51:26:7e:b4:bd:2e:56:5d:5b:aa:83:c0:e6:
fe:d5:9c:f6:8e:d8:04:81:64:17:8b:27:80:7b:90:
44:0b:47:df:42:72:c3:6c:4a:c0:53:a8:da:95:c5:
83:8a:26:47:74:89:12:0d:3a:16:6f:8a:88:98:1c:
88:ba:05:0f:77:f4:8e:2b:aa:56:80:52:c7:92:bc:
32:6b:d2:ad:1d:4b:af:db:04:4b:56:1d:7b:82:30:
d2:fa:d3:a1:10:13:fe:2b:63:16:1f:6c:c4:46:77:
ea:6c:11:6d:12:c3:17:90:2c:96:be:31:6b:e1:ab:
99:b8:03:c5:95:d8:45:80:ca:6a:07:56:99:2c:10:
bf:64:d3:ef:f8:67:ff:7e:48:52:53:6c:6d:d4:95:
fd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:4D:2A:AA:09:9B:5E:EA:3E:C2:90:0A:7C:CD:E1:9D:BF:66:13:30
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uk0qqgmbXuo-wpAKfM3hnb9mEzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
185.230.14.0/24
213.209.138.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
3c:3e:a7:1c:4b:60:5a:b1:18:bf:fa:bf:e6:28:a5:60:6f:80:
fd:6e:11:2a:a0:e2:51:4d:3b:e2:ed:5a:e6:52:be:9e:be:27:
66:3b:fd:84:40:04:99:cd:21:20:09:6a:04:9f:f2:5e:2d:8b:
0b:51:b1:1a:42:e8:4f:be:4e:64:7a:d3:c6:e5:42:03:fe:60:
f7:3f:19:90:03:eb:b3:58:f8:3e:9b:56:4b:79:b1:3d:3c:ff:
b7:b8:23:37:a2:4b:32:4f:b0:06:7e:9c:ee:93:c2:78:ee:f3:
ee:00:28:19:72:e6:9d:3d:d8:02:c1:4a:94:82:6f:b2:5b:11:
46:7c:16:8f:d2:cc:55:87:fa:b5:fc:11:3f:d0:3b:5f:f4:de:
a2:fc:19:17:cd:64:53:cb:8a:2b:97:93:5d:96:ce:ec:fd:0d:
7c:ff:00:2f:58:a3:c9:62:8d:fb:99:71:39:27:70:7c:f6:e3:
89:47:1c:cd:16:82:cf:fc:f2:a4:39:e8:5f:c3:a1:ed:9c:31:
b0:ee:f4:35:7c:e0:47:98:be:af:5b:0c:15:47:c3:c5:a8:61:
fb:3c:fc:4a:01:cf:96:ee:5b:f9:da:4e:cb:c6:a3:16:90:97:
aa:cc:94:1e:d0:28:59:cf:95:2f:18:59:cc:b7:c5:79:02:0e:
a0:51:27:06
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZE4bmVCddDLGpzBXLe7p/6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwODA5MTgzNzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTRkMmFhYTA5OWI1ZWVhM2VjMjkwMGE3Y2NkZTE5ZGJmNjYxMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8/tgJ8p/ML9wKKxl195KLOrt6cCj
XFKRFZkIsbKHzSzpPJGhL3rh6XlSN3EZO6wq0KEVFNx7R5L6M95m5hI+emHGDZMh
wuj5Rgd5ZDhAAteT/BAfSmJwcIjkLJMJIUjPVqbe2RTt6edsmVEmfrS9LlZdW6qD
wOb+1Zz2jtgEgWQXiyeAe5BEC0ffQnLDbErAU6jalcWDiiZHdIkSDToWb4qImByI
ugUPd/SOK6pWgFLHkrwya9KtHUuv2wRLVh17gjDS+tOhEBP+K2MWH2zERnfqbBFt
EsMXkCyWvjFr4auZuAPFldhFgMpqB1aZLBC/ZNPv+Gf/fkhSU2xt1JX9NwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFLpNKqoJm17qPsKQCnzN4Z2/ZhMwMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdWswcXFnbWJYdW8td3BBS2ZNM2huYjltRXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiDAMAwQATVqLAwQATVqMMAwDBAFN
Wo4DBABNWpAwDAMEAU1akgMEAE1alDAMAwQATVqZAwQATVqaAwQAueYOAwQA1dGK
AwQA1dGWMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEA
PD6nHEtgWrEYv/q/5iilYG+A/W4RKqDiUU074u1a5lK+nr4nZjv9hEAEmc0hIAlq
BJ/yXi2LC1GxGkLoT75OZHrTxuVCA/5g9z8ZkAPrs1j4PptWS3mxPTz/t7gjN6JL
Mk+wBn6c7pPCeO7z7gAoGXLmnT3YAsFKlIJvslsRRnwWj9LMVYf6tfwRP9A7X/Te
ovwZF81kU8uKK5eTXZbO7P0NfP8AL1ijyWKN+5lxOSdwfPbjiUcczRaCz/zypDno
X8Oh7ZwxsO70NXzgR5i+r1sMFUfDxahh+zz8SgHPlu5b+dpOy8ajFpCXqsyUHtAo
Wc+VLxhZzLfFeQIOoFEnBg==
-----END CERTIFICATE-----
Generated at Tue Aug 13 20:45:21 2024 by rpki-client on console-fra.rpki-client.org