Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/y7BrEHVwn_pvD8YLByxOGA2up-c.roa
File: y7BrEHVwn_pvD8YLByxOGA2up-c.roa (raw, json)
Hash identifier: lTEE97RfpU0aOC/zUxuzhowkOiuIXat1DbtempFnlMw=
Subject key identifier: CB:B0:6B:10:75:70:9F:FA:6F:0F:C6:0B:07:2C:4E:18:0D:AE:A7:E7
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01910EED664C64C0495DF44FFFDF0B37379F
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/y7BrEHVwn_pvD8YLByxOGA2up-c.roa
Signing time: Thu 01 Aug 2024 17:12:04 +0000
ROA not before: Thu 01 Aug 2024 17:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Aug 2024 09:18:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0e:ed:66:4c:64:c0:49:5d:f4:4f:ff:df:0b:37:37:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 1 17:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbb06b1075709ffa6f0fc60b072c4e180daea7e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:dc:2d:b2:1e:6e:95:de:25:06:67:8c:42:ed:
3b:61:a8:15:f0:2f:2b:62:dd:8a:33:f3:84:23:17:
b1:e6:0d:80:57:a5:9b:72:3c:1e:ec:7e:3f:a6:42:
d2:33:07:2b:95:f6:56:cc:62:92:8a:bc:ad:04:73:
42:5b:08:55:1f:55:f3:5b:9d:6d:43:2a:d1:8f:eb:
9a:a7:ff:fe:2a:78:c5:17:35:2f:a3:2d:47:9c:26:
e7:ab:ea:bc:89:28:49:a4:e3:dc:65:cc:b0:3c:6d:
fd:08:bf:73:2f:57:f7:8b:33:39:ec:46:d6:3c:8c:
a2:35:8f:17:e9:5b:0c:c9:01:50:ca:3e:26:19:34:
91:49:e7:85:ae:6b:55:2c:f1:1a:f2:86:82:34:41:
51:3c:5f:75:12:a2:10:f3:8d:62:8b:ba:3d:b6:93:
91:d0:60:33:3b:29:14:a4:ee:6f:31:af:ab:f0:e6:
0a:ea:5d:5d:a1:71:35:a1:74:c2:ee:37:2c:0d:13:
d5:85:91:81:07:6b:ee:60:c9:99:38:b4:38:f2:f6:
55:cb:65:81:3c:65:50:db:8a:66:f5:27:c7:d2:25:
aa:81:c0:ad:e5:26:5e:77:45:2a:79:4a:4d:69:fc:
59:3f:17:a0:e4:85:60:6f:52:c8:3d:e7:66:65:c9:
20:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B0:6B:10:75:70:9F:FA:6F:0F:C6:0B:07:2C:4E:18:0D:AE:A7:E7
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/y7BrEHVwn_pvD8YLByxOGA2up-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0-77.90.154.255
185.230.14.0/24
213.209.138.0/24
213.209.143.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
a1:bb:b5:e0:d8:cd:47:4d:50:3e:6f:80:75:58:00:81:de:5b:
d8:98:70:70:80:3a:64:1f:1b:68:39:fb:8d:c8:e3:af:d2:db:
e3:b4:e7:2b:e8:5e:08:ed:11:04:3e:74:d4:05:70:c2:91:a2:
12:60:96:f0:2e:55:92:b8:86:f4:3e:1d:41:b8:21:da:39:69:
68:f6:45:20:08:a9:b7:02:ad:8c:fe:27:f3:49:4c:df:dc:aa:
6a:f6:ae:0e:13:9e:69:76:49:5f:db:bb:fb:03:f6:ef:b1:a5:
b0:dd:cb:df:fa:53:f7:de:8b:79:aa:4e:d9:47:5e:4b:b9:6d:
50:31:ba:96:87:1d:22:52:98:80:84:aa:d3:39:79:64:2d:fe:
e8:9f:44:e5:d7:86:84:03:55:b6:d1:67:42:d7:7b:93:c9:b6:
9a:ba:f5:4b:d1:d8:7b:3e:ae:bc:71:1b:0b:c1:8a:9b:e2:63:
76:d3:b3:c9:f7:35:15:bc:ad:ed:a3:20:3a:ad:64:9a:8e:5e:
c0:69:5a:49:f9:10:7c:3b:bf:14:02:65:ee:81:4d:56:66:67:
e5:31:10:94:eb:98:f7:86:f0:7f:97:2d:58:2e:e9:f0:65:d8:
6f:f6:13:cf:ee:c5:ab:8c:7f:86:b0:d6:59:64:f6:6a:61:80:
61:41:a3:ba
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZEO7WZMZMBJXfRP/98LNzefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwODAxMTcxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmIwNmIxMDc1NzA5ZmZhNmYwZmM2MGIwNzJjNGUxODBkYWVhN2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9wtsh5uld4lBmeMQu07YagV8C8r
Yt2KM/OEIxex5g2AV6Wbcjwe7H4/pkLSMwcrlfZWzGKSirytBHNCWwhVH1XzW51t
QyrRj+uap//+KnjFFzUvoy1HnCbnq+q8iShJpOPcZcywPG39CL9zL1f3izM57EbW
PIyiNY8X6VsMyQFQyj4mGTSRSeeFrmtVLPEa8oaCNEFRPF91EqIQ841ii7o9tpOR
0GAzOykUpO5vMa+r8OYK6l1doXE1oXTC7jcsDRPVhZGBB2vuYMmZOLQ48vZVy2WB
PGVQ24pm9SfH0iWqgcCt5SZed0UqeUpNafxZPxeg5IVgb1LIPedmZckg/wIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFMuwaxB1cJ/6bw/GCwcsThgNrqfnMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEveTdCckVIVnduX3B2RDhZTEJ5eE9HQTJ1cC1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAU1aiDAMAwQATVqLAwQATVqMMAwDBAFNWo4DBABN
WpAwDAMEAU1akgMEAE1alDAMAwQATVqZAwQATVqaAwQAueYOAwQA1dGKAwQA1dGP
AwQA1dGWMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEA
obu14NjNR01QPm+AdVgAgd5b2JhwcIA6ZB8baDn7jcjjr9Lb47TnK+heCO0RBD50
1AVwwpGiEmCW8C5VkriG9D4dQbgh2jlpaPZFIAiptwKtjP4n80lM39yqavauDhOe
aXZJX9u7+wP277GlsN3L3/pT996LeapO2UdeS7ltUDG6locdIlKYgISq0zl5ZC3+
6J9E5deGhANVttFnQtd7k8m2mrr1S9HYez6uvHEbC8GKm+JjdtOzyfc1Fbyt7aMg
Oq1kmo5ewGlaSfkQfDu/FAJl7oFNVmZn5TEQlOuY94bwf5ctWC7p8GXYb/YTz+7F
q4x/hrDWWWT2amGAYUGjug==
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:40:40 2024 by rpki-client on console-ams.rpki-client.org