Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vWBFd0Z4v26bAePUSPch37gr9pA.roa
File: vWBFd0Z4v26bAePUSPch37gr9pA.roa (raw, json)
Hash identifier: 1Ruu7APNsykaUiy0giVqbVCJbNIXjLNQrW9TfBVCPt8=
Subject key identifier: BD:60:45:77:46:78:BF:6E:9B:01:E3:D4:48:F7:21:DF:B8:2B:F6:90
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019001AB0B69DC4D032A28F35F3379D1D9F1
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vWBFd0Z4v26bAePUSPch37gr9pA.roa
Signing time: Mon 10 Jun 2024 10:21:45 +0000
ROA not before: Mon 10 Jun 2024 10:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Jun 2024 22:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:ab:0b:69:dc:4d:03:2a:28:f3:5f:33:79:d1:d9:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 10 10:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd6045774678bf6e9b01e3d448f721dfb82bf690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e4:e8:1a:3c:ec:8c:39:85:e1:f6:31:cc:dc:
ec:e7:73:8b:5b:84:ba:b8:89:1d:e9:19:d7:84:47:
28:a8:0d:83:02:d2:3f:b6:38:4c:b3:2f:2b:16:23:
16:84:29:30:0f:9a:e6:bc:e3:d5:f4:b0:1b:08:60:
ff:2d:20:b1:cf:ea:79:77:12:b3:06:bf:e3:0d:c1:
2b:c3:04:a0:d2:24:e2:54:1e:77:fa:6b:2a:fa:ea:
97:32:a0:09:f3:a9:5b:db:b2:e2:78:8f:30:ea:75:
7b:18:86:73:50:18:1b:e6:72:5d:19:53:bb:9c:1c:
b9:fe:5b:37:1b:5e:c4:d1:02:2d:49:5e:8c:6a:09:
fb:12:72:09:50:a9:41:ff:e0:e4:7c:ac:25:21:d2:
ca:42:e9:f8:62:15:73:f1:8b:8f:1c:1f:a9:2f:f2:
b3:06:86:f4:81:d3:42:61:24:ed:66:85:55:41:27:
05:8b:51:54:41:42:35:7f:c9:6e:04:3b:83:e4:44:
55:0f:b3:05:43:0c:f5:94:9c:20:42:29:9e:08:c9:
1e:ef:3d:24:1e:2f:9c:72:0c:89:14:3d:90:c7:d0:
03:25:ef:af:54:d6:38:4d:58:da:0f:d1:b5:e0:b6:
39:f3:a0:49:ef:f3:8a:bc:c2:4c:65:47:e0:df:6e:
f6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:60:45:77:46:78:BF:6E:9B:01:E3:D4:48:F7:21:DF:B8:2B:F6:90
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vWBFd0Z4v26bAePUSPch37gr9pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
185.230.14.0/24
213.209.129.0/24
213.209.138.0/24
213.209.145.0-213.209.146.255
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
76:51:e5:17:e5:74:99:3f:14:76:51:8d:cc:33:3e:2b:a0:50:
48:8a:f9:92:f1:74:d6:b9:4a:f2:54:02:7d:40:50:73:1c:da:
97:45:8a:93:64:1c:22:97:ec:b1:ce:57:c8:4b:72:c3:4b:ac:
d3:12:46:f7:5c:f7:fc:00:0a:55:86:70:da:a5:2c:8a:dc:fd:
32:96:46:2e:57:65:e5:75:08:f7:e9:b4:59:29:e3:ac:ff:04:
7a:df:b0:fd:85:3a:a6:93:3b:40:ab:f5:23:d4:f3:18:1e:7e:
77:39:c3:ee:f9:42:cb:17:e5:e5:33:9e:7c:d0:0f:bd:1a:82:
61:bf:42:63:92:45:b8:55:a7:e2:ca:06:66:4b:75:ff:15:01:
41:0c:f5:c2:f1:f9:cc:db:89:cc:56:d4:3c:dc:05:c2:0a:fa:
c7:07:d6:67:98:eb:ef:26:3b:44:2a:b4:8c:e2:5c:3d:64:92:
26:db:eb:02:36:eb:e5:e3:79:43:60:74:36:b9:8a:fb:10:5d:
b3:7e:2b:d0:a6:32:75:42:1a:1b:56:73:18:5d:4f:bc:1e:8a:
5a:44:62:ac:63:e7:ec:5a:51:ca:82:25:2c:54:4d:0a:cc:8b:
68:47:91:8d:17:dd:3a:95:7c:97:f2:2e:e3:cf:4e:3e:70:40:
a3:0b:4b:b6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZABqwtp3E0DKijzXzN50dnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNjEwMTAyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDYwNDU3NzQ2NzhiZjZlOWIwMWUzZDQ0OGY3MjFkZmI4MmJmNjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+ToGjzsjDmF4fYxzNzs53OLW4S6
uIkd6RnXhEcoqA2DAtI/tjhMsy8rFiMWhCkwD5rmvOPV9LAbCGD/LSCxz+p5dxKz
Br/jDcErwwSg0iTiVB53+msq+uqXMqAJ86lb27LieI8w6nV7GIZzUBgb5nJdGVO7
nBy5/ls3G17E0QItSV6Magn7EnIJUKlB/+DkfKwlIdLKQun4YhVz8YuPHB+pL/Kz
Bob0gdNCYSTtZoVVQScFi1FUQUI1f8luBDuD5ERVD7MFQwz1lJwgQimeCMke7z0k
Hi+ccgyJFD2Qx9ADJe+vVNY4TVjaD9G14LY586BJ7/OKvMJMZUfg3272bQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFL1gRXdGeL9umwHj1Ej3Id+4K/aQMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdldCRmQwWjR2MjZiQWVQVVNQY2gzN2dyOXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDB8BAIAATB2MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQ
MAwDBAFNWpIDBABNWpQDBABNWpkDBAC55g4DBADV0YEDBADV0YowDAMEANXRkQME
ANXRkgMEANXRlgMEANXRnTAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBAHZR5RfldJk/FHZRjcwzPiugUEiK+ZLxdNa5SvJUAn1AUHMc2pdF
ipNkHCKX7LHOV8hLcsNLrNMSRvdc9/wAClWGcNqlLIrc/TKWRi5XZeV1CPfptFkp
46z/BHrfsP2FOqaTO0Cr9SPU8xgefnc5w+75QssX5eUznnzQD70agmG/QmOSRbhV
p+LKBmZLdf8VAUEM9cLx+czbicxW1DzcBcIK+scH1meY6+8mO0QqtIziXD1kkibb
6wI26+XjeUNgdDa5ivsQXbN+K9CmMnVCGhtWcxhdT7weilpEYqxj5+xaUcqCJSxU
TQrMi2hHkY0X3TqVfJfyLuPPTj5wQKMLS7Y=
-----END CERTIFICATE-----
Generated at Mon Jun 10 23:03:24 2024 by rpki-client on console-fra.rpki-client.org