Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/y5IDl3uY9wvkRB9agat6r0WHnk0.roa
File: y5IDl3uY9wvkRB9agat6r0WHnk0.roa (raw, json)
Hash identifier: VI3izri4x0byjplwxAFblJaM0u6+hLAgKAZTM6/0XzI=
Subject key identifier: CB:92:03:97:7B:98:F7:0B:E4:44:1F:5A:81:AB:7A:AF:45:87:9E:4D
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0188CE7DB43B5494717B2A13C033325A4FBA
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/y5IDl3uY9wvkRB9agat6r0WHnk0.roa
Signing time: Sun 18 Jun 2023 12:32:04 +0000
ROA not before: Sun 18 Jun 2023 12:32:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.185.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
213.209.151.0/24 maxlen: 24
213.209.159.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 20 Jun 2023 13:59:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ce:7d:b4:3b:54:94:71:7b:2a:13:c0:33:32:5a:4f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jun 18 12:32:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb9203977b98f70be4441f5a81ab7aaf45879e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4a:6a:af:62:eb:ef:82:4a:03:dc:76:6d:fe:
a0:ab:ba:8c:fb:70:1b:68:18:cb:5f:ed:fe:59:7f:
d6:5a:b1:d6:ec:af:90:f8:72:57:72:06:31:1b:05:
55:88:b5:c2:dc:30:ef:91:6d:18:9b:e8:8c:bb:42:
06:0b:48:51:fc:68:5c:62:a6:89:84:4c:52:3e:09:
70:64:21:7c:bb:75:af:d9:ac:39:b1:23:c0:eb:51:
20:f4:e4:08:d5:9d:7d:99:a0:60:1a:b9:77:4c:ef:
ff:c4:77:1f:2e:dd:f7:21:67:73:34:bc:83:42:7e:
a3:95:b7:61:6a:89:34:37:26:9b:3f:12:19:3d:76:
45:d1:17:10:73:cf:f0:2a:da:3f:9e:17:84:17:c8:
54:fa:ce:4d:d0:dc:c8:eb:2f:3a:c4:a7:03:7c:2e:
cd:9d:6e:80:19:e0:cd:dd:3c:2a:e0:32:a3:2d:cc:
2f:9d:bd:5e:f6:11:75:54:6d:a8:b9:c2:73:3f:be:
3c:fb:22:1c:ce:bf:cc:48:be:5d:ce:92:a3:34:24:
3e:84:95:46:7f:76:c2:93:4d:4d:27:32:28:cd:58:
35:d5:fb:da:eb:c9:33:ef:e6:23:aa:33:32:9e:93:
05:88:f3:f5:ab:21:3c:7d:85:32:53:68:08:0b:e5:
48:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:92:03:97:7B:98:F7:0B:E4:44:1F:5A:81:AB:7A:AF:45:87:9E:4D
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/y5IDl3uY9wvkRB9agat6r0WHnk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.185.0/24
77.90.188.0/24
185.230.15.0/24
213.209.138.0/24
213.209.146.0/24
213.209.151.0/24
213.209.157.0/24
213.209.159.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
4f:b8:81:19:c1:a4:9f:9f:0c:65:7e:20:44:35:80:8e:94:e9:
72:a2:70:60:9b:34:d8:b4:cf:23:83:47:9e:36:47:c2:c3:5a:
2d:8c:46:bc:ab:9c:84:83:70:9a:07:09:d7:ac:43:ff:3d:c1:
07:9b:c2:75:05:0d:33:85:2b:6f:80:4f:bc:04:0d:38:54:df:
24:8e:cc:ac:b8:1b:8f:c1:a1:94:77:23:e6:fd:d5:4f:0e:7c:
7f:b0:de:8b:82:33:b8:f6:70:8c:8d:9f:96:be:5c:ef:5d:18:
81:80:03:52:c0:0e:76:fc:58:66:36:0a:c5:b4:cc:63:98:49:
73:e1:cb:ad:22:90:f5:b2:d2:a1:50:d9:42:ce:20:13:0b:e3:
6a:a1:a0:88:09:84:57:99:70:35:66:53:16:0a:7d:3d:83:45:
a6:e7:cb:29:8c:03:bc:69:d0:bf:16:0c:aa:b1:d8:27:4a:63:
5c:f6:44:6c:17:ff:b8:00:6c:a8:61:0d:11:6e:25:41:9f:fa:
df:72:a7:9b:64:3a:f5:d8:f3:96:1c:54:13:21:47:8b:ac:20:
61:d1:92:df:ac:8e:1b:04:9f:a0:f4:0d:6a:3f:76:4b:1f:e6:
3a:9f:01:a4:a6:3c:72:cd:11:2e:31:31:f7:25:f3:84:04:63:
6d:63:aa:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYjOfbQ7VJRxeyoTwDMyWk+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNjE4MTIzMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjkyMDM5NzdiOThmNzBiZTQ0NDFmNWE4MWFiN2FhZjQ1ODc5ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkpqr2Lr74JKA9x2bf6gq7qM+3Ab
aBjLX+3+WX/WWrHW7K+Q+HJXcgYxGwVViLXC3DDvkW0Ym+iMu0IGC0hR/GhcYqaJ
hExSPglwZCF8u3Wv2aw5sSPA61Eg9OQI1Z19maBgGrl3TO//xHcfLt33IWdzNLyD
Qn6jlbdhaok0NyabPxIZPXZF0RcQc8/wKto/nheEF8hU+s5N0NzI6y86xKcDfC7N
nW6AGeDN3Twq4DKjLcwvnb1e9hF1VG2oucJzP748+yIczr/MSL5dzpKjNCQ+hJVG
f3bCk01NJzIozVg11fva68kz7+YjqjMynpMFiPP1qyE8fYUyU2gIC+VIAQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFMuSA5d7mPcL5EQfWoGreq9Fh55NMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEveTVJRGwzdVk5d3ZrUkI5YWdhdDZyMFdIbmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjB6BAIAATB0MAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFN
WpIDBABNWpQDBABNWpkDBABNWrkDBABNWrwDBAC55g8DBADV0YoDBADV0ZIDBADV
0ZcDBADV0Z0DBADV0Z8wFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEB
CwUAA4IBAQBPuIEZwaSfnwxlfiBENYCOlOlyonBgmzTYtM8jg0eeNkfCw1otjEa8
q5yEg3CaBwnXrEP/PcEHm8J1BQ0zhStvgE+8BA04VN8kjsysuBuPwaGUdyPm/dVP
Dnx/sN6LgjO49nCMjZ+WvlzvXRiBgANSwA52/FhmNgrFtMxjmElz4cutIpD1stKh
UNlCziATC+NqoaCICYRXmXA1ZlMWCn09g0Wm58spjAO8adC/FgyqsdgnSmNc9kRs
F/+4AGyoYQ0RbiVBn/rfcqebZDr12POWHFQTIUeLrCBh0ZLfrI4bBJ+g9A1qP3ZL
H+Y6nwGkpjxyzREuMTH3JfOEBGNtY6qe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org