Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/z11ymUkjEk_GirwvkedZC4_jnFE.roa
File: z11ymUkjEk_GirwvkedZC4_jnFE.roa (raw, json)
Hash identifier: RO1Wt7+YG9vNEQ0Ubl8rHf/+gbwdU21WeYE010hKT9s=
Subject key identifier: CF:5D:72:99:49:23:12:4F:C6:8A:BC:2F:91:E7:59:0B:8F:E3:9C:51
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018733DBC925CB9DF262CFFC693DCC0E3C9D
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/z11ymUkjEk_GirwvkedZC4_jnFE.roa
Signing time: Thu 30 Mar 2023 18:50:54 +0000
ROA not before: Thu 30 Mar 2023 18:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.135.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.178.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Sat 08 Apr 2023 08:37:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:33:db:c9:25:cb:9d:f2:62:cf:fc:69:3d:cc:0e:3c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 30 18:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf5d72994923124fc68abc2f91e7590b8fe39c51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:a6:c4:66:90:be:5a:73:f5:bd:44:b7:f7:
e1:03:48:bf:55:c3:e5:cb:2e:20:62:01:d5:85:a5:
2e:df:62:93:ae:72:a6:08:b4:f3:27:2e:f3:3b:95:
2b:f6:7c:38:81:f0:9f:d2:2d:0f:3d:f9:2a:9c:cc:
ba:e4:b3:7e:2d:71:90:0f:2f:0e:84:44:29:69:0b:
e4:58:1b:23:e6:3c:fc:85:c6:c4:b7:b3:5f:ac:07:
08:40:a1:e9:79:1a:70:95:5c:9a:d3:2d:12:86:2b:
54:59:b2:aa:5d:ae:78:42:44:16:41:f2:dc:00:1e:
89:c6:df:c2:2d:b5:ee:a2:6b:51:02:25:ea:8c:08:
e3:19:1c:5a:5e:36:73:b9:a8:67:fb:34:0d:1f:87:
25:97:7f:05:8c:ee:12:8e:76:7a:d8:41:28:5a:a9:
12:5f:30:2c:4c:81:bd:eb:ed:dc:27:98:4f:c3:86:
f7:d8:f9:f5:89:57:e8:08:b6:1b:4c:30:96:0a:f8:
2a:39:26:4e:35:d5:8f:3f:5a:c8:e8:03:a1:97:df:
f1:56:9d:f0:d8:ee:43:24:a3:bc:3e:9d:23:9f:14:
25:1d:fc:a9:f1:fa:16:82:46:f7:e4:82:61:37:82:
be:28:48:27:83:e1:d8:68:c9:fb:18:17:b3:4f:dd:
3a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5D:72:99:49:23:12:4F:C6:8A:BC:2F:91:E7:59:0B:8F:E3:9C:51
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/z11ymUkjEk_GirwvkedZC4_jnFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.137.255
77.90.140.0/24
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.178.0/24
213.209.138.0/24
213.209.145.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
b4:c5:ee:c6:87:1f:cf:fe:a5:6d:d2:83:dd:c2:9f:5b:d7:9e:
1b:e8:79:01:12:c7:1a:d9:1b:1d:b6:50:42:10:81:19:79:49:
ce:98:07:0b:64:4b:36:c9:d7:0c:1f:bb:d6:a4:1c:4e:e6:46:
47:f1:3f:86:26:fe:e7:ec:7a:6c:3d:1d:53:47:d4:65:2f:39:
21:9b:8e:34:95:87:91:ea:3f:09:02:09:cc:22:7d:14:fc:21:
0f:5f:26:ef:bf:32:38:2a:1c:6c:b3:01:32:50:e6:79:d8:ef:
e1:ba:e0:35:28:31:49:d8:40:01:88:d3:6d:20:e5:b5:83:d1:
5a:b5:db:cb:5d:8a:3e:ad:8a:ae:2e:16:62:cb:2b:e9:01:c0:
55:86:1d:b4:16:a3:d0:c8:8f:25:c6:cd:bb:d4:23:ae:6e:bf:
0c:e8:58:4f:e8:95:9c:ec:da:c2:e0:0c:ab:21:61:06:6f:60:
90:91:78:75:ff:eb:75:fd:ee:7f:9e:b0:00:fa:30:96:dc:cd:
13:86:10:24:7a:bc:b4:b3:6e:bc:64:51:0b:76:03:f5:ef:db:
42:0f:17:09:8f:56:5e:cf:fb:bc:69:08:5b:a9:b9:17:5a:a2:
88:eb:0f:b9:df:24:b1:9f:fc:8a:c5:00:f7:8a:85:f5:9f:85:
43:b2:54:33
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYcz28kly53yYs/8aT3MDjydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMzMwMTg1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjVkNzI5OTQ5MjMxMjRmYzY4YWJjMmY5MWU3NTkwYjhmZTM5YzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyamxGaQvlpz9b1Et/fhA0i/VcPl
yy4gYgHVhaUu32KTrnKmCLTzJy7zO5Ur9nw4gfCf0i0PPfkqnMy65LN+LXGQDy8O
hEQpaQvkWBsj5jz8hcbEt7NfrAcIQKHpeRpwlVya0y0ShitUWbKqXa54QkQWQfLc
AB6Jxt/CLbXuomtRAiXqjAjjGRxaXjZzuahn+zQNH4cll38FjO4SjnZ62EEoWqkS
XzAsTIG96+3cJ5hPw4b32Pn1iVfoCLYbTDCWCvgqOSZONdWPP1rI6AOhl9/xVp3w
2O5DJKO8Pp0jnxQlHfyp8foWgkb35IJhN4K+KEgng+HYaMn7GBezT906aQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFM9dcplJIxJPxoq8L5HnWQuP45xRMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvejExeW1Va2pFa19HaXJ3dmtlZFpDNF9qbkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVjAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqS
AwQATVqUAwQATVqyAwQA1dGKAwQA1dGRAwQA1dGWMBQEAgACMA4DBQAqBCnCAwUA
KgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAtMXuxocfz/6lbdKD3cKfW9eeG+h5ARLH
GtkbHbZQQhCBGXlJzpgHC2RLNsnXDB+71qQcTuZGR/E/hib+5+x6bD0dU0fUZS85
IZuONJWHkeo/CQIJzCJ9FPwhD18m778yOCocbLMBMlDmedjv4brgNSgxSdhAAYjT
bSDltYPRWrXby12KPq2Kri4WYssr6QHAVYYdtBaj0MiPJcbNu9Qjrm6/DOhYT+iV
nOzawuAMqyFhBm9gkJF4df/rdf3uf56wAPowltzNE4YQJHq8tLNuvGRRC3YD9e/b
Qg8XCY9WXs/7vGkIW6m5F1qiiOsPud8ksZ/8isUA94qF9Z+FQ7JUMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:06 2024 by rpki-client on console-fra.rpki-client.org