Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zTbNHoI4DxiyC7wxVEsx84Bwa0s.roa
File: zTbNHoI4DxiyC7wxVEsx84Bwa0s.roa (raw, json)
Hash identifier: ifeoLdhUfIq4ClTUg4hDfCXrfuS7gT5I6+upFdLO+1w=
Subject key identifier: CD:36:CD:1E:82:38:0F:18:B2:0B:BC:31:54:4B:31:F3:80:70:6B:4B
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018C64307462EAEAD2D29DC909D8ED5E1A55
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zTbNHoI4DxiyC7wxVEsx84Bwa0s.roa
Signing time: Wed 13 Dec 2023 17:19:06 +0000
ROA not before: Wed 13 Dec 2023 17:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.129.0/24 maxlen: 24
77.90.128.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
77.90.188.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.145.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.154.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.145.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
Validation: Failed, certificate revoked on Fri 15 Dec 2023 15:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:64:30:74:62:ea:ea:d2:d2:9d:c9:09:d8:ed:5e:1a:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Dec 13 17:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd36cd1e82380f18b20bbc31544b31f380706b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f9:0b:12:21:50:4a:ed:9e:f0:62:78:43:7f:
c1:07:bc:57:f5:05:55:a3:60:82:49:88:38:47:ee:
10:ce:7e:c9:f4:7a:85:e7:79:4b:1a:78:ab:4a:35:
b2:be:b4:41:9d:f7:0d:31:35:8c:79:e6:87:52:0c:
b6:58:49:75:8c:57:8d:e2:67:ef:c2:99:cc:e7:a1:
2a:1d:4d:b9:89:d8:48:03:c9:33:41:17:3a:d0:16:
05:c3:44:71:91:1e:da:d2:29:88:57:e8:eb:6c:b2:
6f:df:40:d0:74:93:5f:c9:09:5b:b8:0d:fe:0b:57:
59:6d:8f:75:51:d3:2d:68:ff:54:77:1e:3a:29:8b:
7e:70:5e:ef:d9:73:e1:58:ab:98:c8:be:cc:0d:b8:
95:81:17:37:7f:c7:1c:60:48:6a:fa:c9:91:b9:0a:
2c:4b:41:d1:e2:13:3b:10:b9:ee:19:0e:78:13:45:
e3:41:cd:9b:ec:67:d6:77:8e:0f:e2:4f:23:6c:56:
fa:4c:29:19:3e:05:8e:5f:41:e0:79:2e:c9:f8:30:
db:37:c5:88:e3:41:f8:a7:14:28:39:0b:80:9c:3d:
34:8f:93:70:db:58:8a:59:08:22:34:33:63:90:54:
5b:de:a8:b6:9f:75:a2:f9:fb:eb:c2:4d:a9:2b:c2:
60:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:36:CD:1E:82:38:0F:18:B2:0B:BC:31:54:4B:31:F3:80:70:6B:4B
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zTbNHoI4DxiyC7wxVEsx84Bwa0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.140.0/24
77.90.142.0-77.90.148.255
77.90.153.0-77.90.154.255
77.90.188.0/24
185.230.13.0-185.230.14.255
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.145.0/24
213.209.150.0/24
213.209.157.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
7e:94:3e:95:67:22:49:da:a2:d6:e9:ba:42:d6:dc:ad:a1:a0:
43:9f:ce:15:41:81:5b:02:21:5c:9f:2e:03:f1:bf:d8:6c:25:
e6:b5:3b:f9:e6:b0:bd:27:41:43:e9:0a:20:84:67:11:40:ad:
4e:a5:8c:60:b0:41:c4:9c:6a:cf:1f:83:85:3a:10:ad:e5:aa:
98:2d:a1:08:76:85:57:05:20:db:17:27:e2:94:77:bb:98:93:
0d:a2:81:da:08:dc:fa:b6:e1:05:60:3e:90:fe:22:8d:8e:11:
76:19:ed:93:af:2a:49:58:57:8e:ae:ab:34:55:82:05:c8:e4:
c7:8f:bc:96:33:71:31:ca:43:6e:7f:b7:0d:c7:8a:fa:0d:db:
29:e2:2a:2e:be:e6:c1:9d:f1:f5:66:fd:33:dd:15:e2:f4:93:
ed:ce:e8:f1:9e:c8:61:a5:9f:1a:fd:7f:51:6f:8a:ee:e4:be:
d0:97:2a:4e:35:2f:4f:05:0d:59:59:da:84:3e:ad:69:9c:92:
51:c4:ce:51:b6:70:93:4d:cf:15:8d:e8:b3:89:36:77:2b:9b:
81:77:ba:c3:2b:7f:e2:79:12:df:8a:63:2b:ee:c7:8e:5d:ae:
b8:ef:28:df:7b:59:aa:63:6b:e5:a2:0f:52:c9:d3:61:43:f5:
5f:86:12:79
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYxkMHRi6urS0p3JCdjtXhpVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMjEzMTcxOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDM2Y2QxZTgyMzgwZjE4YjIwYmJjMzE1NDRiMzFmMzgwNzA2YjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfkLEiFQSu2e8GJ4Q3/BB7xX9QVV
o2CCSYg4R+4Qzn7J9HqF53lLGnirSjWyvrRBnfcNMTWMeeaHUgy2WEl1jFeN4mfv
wpnM56EqHU25idhIA8kzQRc60BYFw0RxkR7a0imIV+jrbLJv30DQdJNfyQlbuA3+
C1dZbY91UdMtaP9Udx46KYt+cF7v2XPhWKuYyL7MDbiVgRc3f8ccYEhq+smRuQos
S0HR4hM7ELnuGQ54E0XjQc2b7GfWd44P4k8jbFb6TCkZPgWOX0HgeS7J+DDbN8WI
40H4pxQoOQuAnD00j5Nw21iKWQgiNDNjkFRb3qi2n3Wi+fvrwk2pK8JgnwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFM02zR6COA8Ysgu8MVRLMfOAcGtLMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvelRiTkhvSTREeGl5Qzd3eFZFc3g4NEJ3YTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBggQCAAEwfDAMAwQH
TVqAAwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogDBABNWowwDAMEAU1ajgMEAE1a
lDAMAwQATVqZAwQATVqaAwQATVq8MAwDBAC55g0DBAC55g4DBADV0YEDBADV0YoD
BADV0Y8DBADV0ZEDBADV0ZYDBADV0Z0wFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0G
CSqGSIb3DQEBCwUAA4IBAQB+lD6VZyJJ2qLW6bpC1tytoaBDn84VQYFbAiFcny4D
8b/YbCXmtTv55rC9J0FD6QoghGcRQK1OpYxgsEHEnGrPH4OFOhCt5aqYLaEIdoVX
BSDbFyfilHe7mJMNooHaCNz6tuEFYD6Q/iKNjhF2Ge2TrypJWFeOrqs0VYIFyOTH
j7yWM3ExykNuf7cNx4r6Ddsp4iouvubBnfH1Zv0z3RXi9JPtzujxnshhpZ8a/X9R
b4ru5L7QlypONS9PBQ1ZWdqEPq1pnJJRxM5RtnCTTc8VjeiziTZ3K5uBd7rDK3/i
eRLfimMr7seOXa647yjfe1mqY2vlog9SydNhQ/VfhhJ5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:06 2024 by rpki-client on console-fra.rpki-client.org