Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/yhaK1e5Hp_ZsKtJcB0vSsLbQuv8.roa
File: yhaK1e5Hp_ZsKtJcB0vSsLbQuv8.roa (raw, json)
Hash identifier: BocPx6XCWUyF4TfPOPs/7zXIgQm5q6GAoFzXvxSZZVQ=
Subject key identifier: CA:16:8A:D5:EE:47:A7:F6:6C:2A:D2:5C:07:4B:D2:B0:B6:D0:BA:FF
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01942747A8664F9089FDBD14E00A8B6C9473
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/yhaK1e5Hp_ZsKtJcB0vSsLbQuv8.roa
Signing time: Thu 02 Jan 2025 13:49:55 +0000
ROA not before: Thu 02 Jan 2025 13:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Jan 2025 13:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a8:66:4f:90:89:fd:bd:14:e0:0a:8b:6c:94:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 13:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca168ad5ee47a7f66c2ad25c074bd2b0b6d0baff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d3:ef:b3:c4:cf:77:23:6c:f1:ff:d3:86:46:
1e:f5:10:49:f2:52:5a:1f:35:b8:27:31:ee:19:34:
1a:a9:b0:56:f5:d8:d6:df:c0:5c:96:24:6c:71:f2:
3f:62:c5:1b:df:d0:d3:39:ef:83:c0:72:fa:6a:9b:
6e:ca:59:a5:b2:c6:f9:97:5c:16:02:50:7b:77:7f:
92:ff:d5:7a:ff:8f:70:a0:e3:2e:77:5b:96:4b:6b:
fa:7f:1d:81:f3:ec:a8:82:fd:3f:22:80:07:ce:78:
0f:8b:fa:85:02:b3:9e:cb:ce:5e:e3:70:45:fa:e8:
16:48:b9:88:64:b5:88:fb:56:bf:1a:48:ef:ad:e5:
df:0d:7a:13:0f:52:d5:71:d5:8e:dd:df:ce:04:5f:
87:69:3e:73:c5:53:9b:35:9b:23:f3:23:10:b8:98:
14:89:74:89:d9:84:ee:16:5b:0e:49:21:d0:d2:dc:
29:5c:45:a3:16:fc:39:14:41:6d:2e:2d:38:4c:70:
f5:7b:86:9f:1e:ae:dd:0b:50:6b:64:75:75:56:34:
02:ab:27:ad:b9:00:a5:23:fd:ee:02:b5:4c:f5:d6:
dd:33:e5:24:a2:16:4a:62:c4:9a:b2:f2:8e:85:63:
79:46:46:41:aa:02:37:e1:c4:d8:e3:fb:3d:dc:2f:
8b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:16:8A:D5:EE:47:A7:F6:6C:2A:D2:5C:07:4B:D2:B0:B6:D0:BA:FF
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/yhaK1e5Hp_ZsKtJcB0vSsLbQuv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.164.0/24
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
20:6e:b3:d7:7f:3f:5f:d3:f3:6e:bb:0b:19:68:11:39:01:d5:
c9:45:a2:25:6d:5a:4c:c2:e4:cf:36:f7:3d:65:d3:c9:79:30:
bc:c0:97:60:00:d3:87:1e:3e:87:7a:76:2b:b2:18:27:37:77:
61:e6:24:69:81:27:f8:e4:15:c2:0c:b3:e8:59:34:f6:28:b3:
44:b8:e3:c8:b7:a5:d6:27:a9:30:61:ec:1a:39:da:b3:de:49:
98:76:4d:86:80:10:3a:24:df:5c:24:07:12:aa:fd:84:eb:93:
b8:4d:eb:ee:a9:64:ee:f2:c1:40:aa:37:95:2e:f7:ab:28:0e:
67:c3:dd:be:93:2f:8e:08:9b:35:43:f0:fc:19:55:fd:04:90:
28:ae:79:c1:20:92:23:bd:85:6d:ec:30:8e:94:90:13:b5:4a:
83:41:f1:49:17:fb:22:95:c8:fd:56:56:6b:7f:ee:d2:65:7d:
c6:f4:63:59:ec:0c:e9:01:f7:f0:b4:97:ac:5f:a8:13:4f:11:
2d:c9:57:b4:12:e5:58:a2:a5:41:85:54:3c:7c:a3:d5:3b:91:
3b:46:39:d9:d2:21:ae:88:cc:89:f4:24:8f:70:f6:fc:8c:40:
fb:fd:5f:54:32:02:49:c6:d6:cc:ae:5c:38:15:88:c2:c5:99:
ab:a7:f6:d1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZQnR6hmT5CJ/b0U4AqLbJRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMTAyMTM0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE2OGFkNWVlNDdhN2Y2NmMyYWQyNWMwNzRiZDJiMGI2ZDBiYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudPvs8TPdyNs8f/ThkYe9RBJ8lJa
HzW4JzHuGTQaqbBW9djW38BcliRscfI/YsUb39DTOe+DwHL6aptuylmlssb5l1wW
AlB7d3+S/9V6/49woOMud1uWS2v6fx2B8+yogv0/IoAHzngPi/qFArOey85e43BF
+ugWSLmIZLWI+1a/GkjvreXfDXoTD1LVcdWO3d/OBF+HaT5zxVObNZsj8yMQuJgU
iXSJ2YTuFlsOSSHQ0twpXEWjFvw5FEFtLi04THD1e4afHq7dC1BrZHV1VjQCqyet
uQClI/3uArVM9dbdM+UkohZKYsSasvKOhWN5RkZBqgI34cTY4/s93C+LdQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFMoWitXuR6f2bCrSXAdL0rC20Lr/MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEveWhhSzFlNUhwX1pzS3RKY0IwdlNzTGJRdXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB2BAIAATBwMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiDAMAwQATVqLAwQATVqMMAwDBAFN
Wo4DBABNWpAwDAMEAU1akgMEAE1alAMEAE1amQMEAE1apAMEANXRgQMEANXRigME
ANXRjwMEANXRljAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQAD
ggEBACBus9d/P1/T8267CxloETkB1clFoiVtWkzC5M829z1l08l5MLzAl2AA04ce
Pod6diuyGCc3d2HmJGmBJ/jkFcIMs+hZNPYos0S448i3pdYnqTBh7Bo52rPeSZh2
TYaAEDok31wkBxKq/YTrk7hN6+6pZO7ywUCqN5Uu96soDmfD3b6TL44ImzVD8PwZ
Vf0EkCiuecEgkiO9hW3sMI6UkBO1SoNB8UkX+yKVyP1WVmt/7tJlfcb0Y1nsDOkB
9/C0l6xfqBNPES3JV7QS5ViipUGFVDx8o9U7kTtGOdnSIa6IzIn0JI9w9vyMQPv9
X1QyAknG1syuXDgViMLFmaun9tE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:00:09 2025 by rpki-client