Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zEPhHjgMdd7ubSn-9anEbv3Hsv0.roa
File: zEPhHjgMdd7ubSn-9anEbv3Hsv0.roa (raw, json)
Hash identifier: iA6flOu0icFROT19mfDu/qssvFdgRhaDdEvfFCRO4l8=
Subject key identifier: CC:43:E1:1E:38:0C:75:DE:EE:6D:29:FE:F5:A9:C4:6E:FD:C7:B2:FD
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018C115EE8089AA1FDA0D644FB636AA9C9C9
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zEPhHjgMdd7ubSn-9anEbv3Hsv0.roa
Signing time: Mon 27 Nov 2023 15:21:21 +0000
ROA not before: Mon 27 Nov 2023 15:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 29 Nov 2023 13:19:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:5e:e8:08:9a:a1:fd:a0:d6:44:fb:63:6a:a9:c9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 27 15:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc43e11e380c75deee6d29fef5a9c46efdc7b2fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:89:d7:ec:59:44:36:82:90:fb:f5:73:38:b3:
a2:1b:b7:ac:4b:e3:20:dc:5a:75:a0:4e:47:79:88:
42:48:68:25:2a:04:81:77:a6:ec:e7:d3:ae:2b:8c:
0f:05:a5:97:83:6c:24:30:b4:86:90:3f:ad:66:85:
24:77:f0:5f:51:c4:d9:20:40:b0:b8:2d:fc:7a:a1:
1b:69:95:9a:04:78:26:27:f7:23:ef:6c:c3:f3:fc:
af:09:1a:50:7b:fa:31:c6:44:28:7b:cb:b1:3f:31:
79:07:37:26:33:a3:ad:c5:a4:da:33:bc:9c:69:23:
75:c3:dd:45:4b:88:47:33:64:93:af:04:1a:57:25:
0a:51:cb:c3:36:e0:9f:77:26:13:24:c4:99:82:7f:
12:1f:b4:8e:81:43:19:75:a9:52:c3:f9:6f:54:fe:
ed:54:49:d1:7a:3e:79:b9:91:3f:27:b6:e7:f2:ef:
14:d0:c6:0d:bd:61:8f:89:e8:20:02:18:6a:f5:16:
f4:60:62:d8:0c:59:08:d0:31:aa:73:f0:fa:26:c3:
c6:0b:3c:10:f4:55:52:15:ad:51:1f:ac:57:25:44:
59:7a:78:50:1f:88:9b:da:7f:e1:77:b3:6e:97:95:
47:9c:00:55:1b:da:79:47:72:73:a0:dc:2d:cb:16:
74:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:43:E1:1E:38:0C:75:DE:EE:6D:29:FE:F5:A9:C4:6E:FD:C7:B2:FD
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zEPhHjgMdd7ubSn-9anEbv3Hsv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.153.0/24
77.90.188.0/24
185.230.13.0-185.230.14.255
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
40:85:ab:d2:76:8a:f3:d4:c8:ff:23:97:71:08:5c:24:fe:10:
72:09:f5:71:01:5e:ed:51:f2:38:85:e2:7b:f5:1d:aa:9c:7e:
0a:07:fc:b9:e0:58:dc:8c:f3:a6:f6:fb:ca:93:5c:46:45:7b:
01:49:3e:b4:30:5c:13:58:3b:93:d0:28:db:58:6c:63:bd:30:
14:e5:4d:41:fa:1c:93:72:b9:09:15:1d:b1:80:ac:40:e7:bf:
49:0c:65:ff:96:fe:df:0c:29:d5:f9:3d:6e:e4:fa:36:4a:e2:
35:56:09:b4:39:9e:6c:3a:1e:2b:6f:1d:6c:cb:6c:f9:67:60:
16:ac:46:45:4c:39:fd:76:17:3c:3e:22:dd:aa:53:6d:fc:06:
b0:87:b9:56:4d:7b:95:be:df:a2:e1:53:4c:8d:58:a6:35:aa:
02:dc:49:79:5c:08:20:26:0e:82:d4:a0:b2:6a:5f:d3:95:3e:
2f:b1:18:61:31:5c:6e:0c:6f:82:41:51:dc:41:08:24:8d:cd:
b6:8c:37:21:05:98:4d:ac:90:24:09:97:66:b8:f9:23:e1:53:
94:8d:f4:65:3e:88:18:5d:76:45:9e:a8:47:1f:af:8a:62:d1:
d3:a6:8d:98:93:ca:48:8a:6a:a0:45:68:7d:ba:fb:99:bf:e5:
d6:e4:bd:e5
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYwRXugImqH9oNZE+2NqqcnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMTI3MTUyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQzZTExZTM4MGM3NWRlZWU2ZDI5ZmVmNWE5YzQ2ZWZkYzdiMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwonX7FlENoKQ+/VzOLOiG7esS+Mg
3Fp1oE5HeYhCSGglKgSBd6bs59OuK4wPBaWXg2wkMLSGkD+tZoUkd/BfUcTZIECw
uC38eqEbaZWaBHgmJ/cj72zD8/yvCRpQe/oxxkQoe8uxPzF5BzcmM6OtxaTaM7yc
aSN1w91FS4hHM2STrwQaVyUKUcvDNuCfdyYTJMSZgn8SH7SOgUMZdalSw/lvVP7t
VEnRej55uZE/J7bn8u8U0MYNvWGPieggAhhq9Rb0YGLYDFkI0DGqc/D6JsPGCzwQ
9FVSFa1RH6xXJURZenhQH4ib2n/hd7Nul5VHnABVG9p5R3JzoNwtyxZ0kwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFMxD4R44DHXe7m0p/vWpxG79x7L9MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvekVQaEhqZ01kZDd1YlNuLTlhbkVidjNIc3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB0BAIAATBuMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqU
AwQATVqZAwQATVq8MAwDBAC55g0DBAC55g4DBADV0YEDBADV0YoDBADV0Y8DBADV
0ZYDBADV0Z0wFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IB
AQBAhavSdorz1Mj/I5dxCFwk/hByCfVxAV7tUfI4heJ79R2qnH4KB/y54FjcjPOm
9vvKk1xGRXsBST60MFwTWDuT0CjbWGxjvTAU5U1B+hyTcrkJFR2xgKxA579JDGX/
lv7fDCnV+T1u5Po2SuI1Vgm0OZ5sOh4rbx1sy2z5Z2AWrEZFTDn9dhc8PiLdqlNt
/Aawh7lWTXuVvt+i4VNMjVimNaoC3El5XAggJg6C1KCyal/TlT4vsRhhMVxuDG+C
QVHcQQgkjc22jDchBZhNrJAkCZdmuPkj4VOUjfRlPogYXXZFnqhHH6+KYtHTpo2Y
k8pIimqgRWh9uvuZv+XW5L3l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org