Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vEvPXyPx8jzrO_crIvN2eLQ5xmU.roa
File: vEvPXyPx8jzrO_crIvN2eLQ5xmU.roa (raw, json)
Hash identifier: JQbePtd+kQtmwoOAA4CCcLfoiU81SutlW8XHnU4SiqU=
Subject key identifier: BC:4B:CF:5F:23:F1:F2:3C:EB:3B:F7:2B:22:F3:76:78:B4:39:C6:65
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018A1D7CE9A92C011FA39F0A01DC97F4BB9D
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vEvPXyPx8jzrO_crIvN2eLQ5xmU.roa
Signing time: Tue 22 Aug 2023 13:44:00 +0000
ROA not before: Tue 22 Aug 2023 13:44:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:7c:e9:a9:2c:01:1f:a3:9f:0a:01:dc:97:f4:bb:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 22 13:44:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc4bcf5f23f1f23ceb3bf72b22f37678b439c665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:47:1f:c7:46:60:8d:1b:39:b4:fd:00:a6:b8:
b0:55:fe:3b:5d:2d:fe:95:f0:6b:24:e0:ca:0e:be:
2b:ce:19:19:6c:1e:a0:5a:b5:ac:31:73:85:38:41:
f3:ff:37:87:0f:ca:8c:4c:1d:b9:be:7b:fc:ae:26:
00:07:dd:d3:5f:0c:f1:33:62:39:f1:47:38:09:1f:
b1:68:17:5e:03:95:30:85:4c:2d:22:b0:81:e0:d3:
06:44:a6:4a:79:f8:b9:5b:98:6a:65:11:e5:a5:d6:
7c:bb:e6:d0:be:18:2c:df:38:17:bc:66:45:69:0c:
66:41:ae:6a:e2:84:df:64:14:04:e9:43:3f:02:2e:
41:bd:2b:00:40:f4:7d:1f:d2:1d:1c:81:00:3d:00:
9c:04:65:a8:ee:92:32:d2:be:fa:ea:e6:48:60:4e:
32:10:c1:44:fa:1a:0a:4e:b1:05:52:27:52:8e:81:
65:ce:88:5e:37:88:ce:96:21:fc:2b:3f:31:ec:95:
74:54:6c:37:62:53:81:4f:33:5f:c4:f6:f0:c2:32:
cc:f4:a5:c8:bf:af:cc:72:9a:de:05:0d:77:46:60:
c7:35:ea:40:d6:fe:a9:53:e4:2e:dc:67:24:0c:56:
8f:1a:e6:13:e0:d8:04:51:2f:c8:36:88:50:a7:81:
3a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:4B:CF:5F:23:F1:F2:3C:EB:3B:F7:2B:22:F3:76:78:B4:39:C6:65
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vEvPXyPx8jzrO_crIvN2eLQ5xmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.188.0/24
185.230.13.0-185.230.14.255
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/23
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
7b:9e:a8:78:6e:83:4b:54:5c:a4:52:58:b5:48:98:c7:37:4c:
64:32:fd:61:81:16:a8:5e:f6:ed:5a:b3:ac:b5:7f:1e:47:1b:
88:a6:87:6a:83:a2:fb:77:9a:57:78:27:93:a0:da:d8:d1:fb:
8e:2e:48:9f:ed:7d:b4:0b:9c:96:3f:7b:db:91:70:85:ad:82:
46:7c:ef:8d:3d:04:72:25:16:38:5d:63:36:e9:f7:38:df:d8:
3f:b9:55:03:29:62:7e:8d:da:3e:bf:a5:66:e4:40:27:b4:a3:
ac:b3:3f:99:d1:a4:7f:e8:4f:f8:e4:23:2d:ab:d8:e3:78:38:
ca:1f:44:fd:dc:19:a4:de:37:08:4a:35:71:ce:14:ce:c9:fa:
59:6b:99:9d:0b:ba:4a:0d:44:46:dd:41:f2:4b:23:37:21:07:
fd:2e:df:d4:e5:33:1c:77:3f:a2:ed:77:9e:6a:76:ab:2e:7d:
a8:05:1f:70:d8:c7:a0:3c:e0:ee:65:c0:62:1a:f3:ab:2d:a5:
a1:10:5d:b7:c3:38:0c:e8:66:45:fb:e6:93:70:65:e1:f3:fe:
42:d3:bc:81:9c:3d:cf:13:2c:df:d8:35:b9:a0:82:b8:e7:5e:
3e:d4:bc:0e:0c:36:68:72:36:e6:3a:f3:e2:64:6b:18:8e:ff:
7a:f3:25:c9
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYodfOmpLAEfo58KAdyX9LudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODIyMTM0NDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzRiY2Y1ZjIzZjFmMjNjZWIzYmY3MmIyMmYzNzY3OGI0MzljNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEcfx0ZgjRs5tP0ApriwVf47XS3+
lfBrJODKDr4rzhkZbB6gWrWsMXOFOEHz/zeHD8qMTB25vnv8riYAB93TXwzxM2I5
8Uc4CR+xaBdeA5UwhUwtIrCB4NMGRKZKefi5W5hqZRHlpdZ8u+bQvhgs3zgXvGZF
aQxmQa5q4oTfZBQE6UM/Ai5BvSsAQPR9H9IdHIEAPQCcBGWo7pIy0r766uZIYE4y
EMFE+hoKTrEFUidSjoFlzoheN4jOliH8Kz8x7JV0VGw3YlOBTzNfxPbwwjLM9KXI
v6/McpreBQ13RmDHNepA1v6pU+Qu3GckDFaPGuYT4NgEUS/INohQp4E64QIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFLxLz18j8fI86zv3KyLzdni0OcZlMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdkV2UFh5UHg4anpyT19jckl2TjJlTFE1eG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBhwQCAAEwgYAwDAME
B01agAMEAE1agjAMAwQCTVqEAwQATVqGAwQBTVqIAwQATVqMMAwDBAFNWo4DBABN
WpAwDAMEAU1akgMEAE1alDAMAwQATVqZAwQATVqaAwQATVq8MAwDBAC55g0DBAC5
5g4DBADV0YowDAMEANXRkQMEANXRkgMEAdXRljAUBAIAAjAOAwUAKgQpwgMFACoE
KccwDQYJKoZIhvcNAQELBQADggEBAHueqHhug0tUXKRSWLVImMc3TGQy/WGBFqhe
9u1as6y1fx5HG4imh2qDovt3mld4J5Og2tjR+44uSJ/tfbQLnJY/e9uRcIWtgkZ8
7409BHIlFjhdYzbp9zjf2D+5VQMpYn6N2j6/pWbkQCe0o6yzP5nRpH/oT/jkIy2r
2ON4OMofRP3cGaTeNwhKNXHOFM7J+llrmZ0LukoNREbdQfJLIzchB/0u39TlMxx3
P6Ltd55qdqsufagFH3DYx6A84O5lwGIa86stpaEQXbfDOAzoZkX75pNwZeHz/kLT
vIGcPc8TLN/YNbmggrjnXj7UvA4MNmhyNuY68+JkaxiO/3rzJck=
-----END CERTIFICATE-----
Generated at Wed Aug 23 08:33:52 2023 by rpki-client on console-ams.rpki-client.org