Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/XLaxm6gBbwdD9XExve_3P5v7f8c.roa
File: XLaxm6gBbwdD9XExve_3P5v7f8c.roa (raw, json)
Hash identifier: n/0nJO1EES7YbV1ViPd2FX2JQnapzAtQu4g/WLdgDyw=
Subject key identifier: 5C:B6:B1:9B:A8:01:6F:07:43:F5:71:31:BD:EF:F7:3F:9B:FB:7F:C7
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0194ADDEC9C3DECB59EB647F076B44EA59D9
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/XLaxm6gBbwdD9XExve_3P5v7f8c.roa
Signing time: Tue 28 Jan 2025 17:04:06 +0000
ROA not before: Tue 28 Jan 2025 17:04:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.153.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
213.209.129.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.150.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Jan 2025 15:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:de:c9:c3:de:cb:59:eb:64:7f:07:6b:44:ea:59:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 28 17:04:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cb6b19ba8016f0743f57131bdeff73f9bfb7fc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d9:5d:53:65:58:5e:80:76:c9:c8:7b:9e:db:
7f:ac:58:32:3d:0a:07:2c:df:e9:08:d0:05:bc:34:
f3:1f:30:f1:64:48:a8:64:79:dc:80:f1:5a:8a:e2:
10:53:05:40:9d:8c:3d:b2:7b:d1:9d:bf:12:ec:6a:
d8:3d:88:14:6d:85:6b:48:a2:1b:26:ce:dd:fe:d8:
a5:13:95:67:e3:b1:ec:06:7d:8d:51:f5:55:8a:d0:
bb:cc:95:a7:50:f9:c1:2a:e6:7f:d4:9a:93:b3:22:
0c:a7:f9:b9:dd:6b:5d:7b:43:fc:25:8c:00:02:fb:
84:74:6c:90:c9:8d:aa:f1:2e:5f:52:28:c7:5c:04:
19:c2:1d:1a:82:7a:b7:e5:ee:9a:75:03:fe:0f:fa:
56:a0:05:f0:63:75:86:54:60:56:13:b6:ef:14:6b:
7d:37:c7:72:86:b5:15:f0:6e:8c:00:2e:d2:8c:d4:
ab:76:52:d0:10:74:c1:d0:b1:db:f0:5c:35:14:cc:
09:cd:db:f1:79:36:76:58:cb:5d:14:3f:bf:1d:d8:
5c:92:e3:0c:cb:c4:cf:21:01:05:4c:b1:c3:df:42:
99:17:b4:fd:dd:d9:79:4b:d7:00:40:9c:35:fb:60:
39:0c:74:85:f1:54:7b:4f:ef:2f:c5:00:f5:ae:51:
e6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B6:B1:9B:A8:01:6F:07:43:F5:71:31:BD:EF:F7:3F:9B:FB:7F:C7
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/XLaxm6gBbwdD9XExve_3P5v7f8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.153.0/24
77.90.164.0/24
213.209.129.0/24
213.209.138.0/24
213.209.143.0/24
213.209.150.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
42:97:95:d8:dd:aa:d9:ab:e3:c3:1e:ef:57:83:9b:34:b5:ca:
aa:b9:83:a2:73:1b:0a:ec:1d:75:e7:b6:0d:24:67:69:b4:18:
aa:48:3f:37:4f:cc:1e:2b:96:0d:ab:d6:60:f8:87:59:f3:61:
6c:56:ef:54:52:f7:b7:a8:9a:56:df:aa:47:e4:82:d5:04:fc:
a2:2a:81:1a:8f:76:3e:70:28:5a:4d:07:8e:93:6d:4d:e0:8c:
40:87:80:31:53:e1:d9:0d:ad:ca:50:64:ef:dc:66:97:18:98:
24:ca:7d:36:62:f6:87:f7:6f:10:4e:6c:6f:2a:8e:c8:73:d5:
9e:4b:8e:34:3f:26:68:30:c6:0d:aa:59:28:34:e0:9e:b3:7c:
e9:62:fe:88:84:f7:fa:b4:7f:89:4f:e5:c3:7a:2a:6f:13:74:
b7:5e:d1:dc:2a:44:70:b8:79:2d:f6:b8:d8:e6:ff:c9:dd:8b:
80:a4:3c:0f:f6:6c:78:e1:e6:72:2c:72:77:ac:87:e3:a8:3d:
72:fc:21:92:9b:f2:e8:7a:01:ab:e8:28:2e:4b:f9:3d:d9:25:
ac:c5:33:ee:20:6c:eb:52:3a:fd:10:38:ae:55:98:8d:05:69:
34:e6:97:1f:0d:16:30:14:4c:3c:7a:38:8f:46:35:27:b0:86:
8d:db:2f:a5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZSt3snD3stZ62R/B2tE6lnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMTI4MTcwNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2I2YjE5YmE4MDE2ZjA3NDNmNTcxMzFiZGVmZjczZjliZmI3ZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dldU2VYXoB2ych7ntt/rFgyPQoH
LN/pCNAFvDTzHzDxZEioZHncgPFaiuIQUwVAnYw9snvRnb8S7GrYPYgUbYVrSKIb
Js7d/tilE5Vn47HsBn2NUfVVitC7zJWnUPnBKuZ/1JqTsyIMp/m53Wtde0P8JYwA
AvuEdGyQyY2q8S5fUijHXAQZwh0agnq35e6adQP+D/pWoAXwY3WGVGBWE7bvFGt9
N8dyhrUV8G6MAC7SjNSrdlLQEHTB0LHb8Fw1FMwJzdvxeTZ2WMtdFD+/HdhckuMM
y8TPIQEFTLHD30KZF7T93dl5S9cAQJw1+2A5DHSF8VR7T+8vxQD1rlHmhwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFFy2sZuoAW8HQ/VxMb3v9z+b+3/HMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvWExheG02Z0Jid2REOVhFeHZlXzNQNXY3ZjhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB2BAIAATBwMAwDBAdN
WoADBABNWoIwDAMEAk1ahAMEAE1ahgMEAU1aiDAMAwQATVqLAwQATVqMMAwDBAFN
Wo4DBABNWpAwDAMEAU1akgMEAE1alAMEAE1amQMEAE1apAMEANXRgQMEANXRigME
ANXRjwMEANXRljAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQAD
ggEBAEKXldjdqtmr48Me71eDmzS1yqq5g6JzGwrsHXXntg0kZ2m0GKpIPzdPzB4r
lg2r1mD4h1nzYWxW71RS97eomlbfqkfkgtUE/KIqgRqPdj5wKFpNB46TbU3gjECH
gDFT4dkNrcpQZO/cZpcYmCTKfTZi9of3bxBObG8qjshz1Z5LjjQ/Jmgwxg2qWSg0
4J6zfOli/oiE9/q0f4lP5cN6Km8TdLde0dwqRHC4eS32uNjm/8ndi4CkPA/2bHjh
5nIscnesh+OoPXL8IZKb8uh6AavoKC5L+T3ZJazFM+4gbOtSOv0QOK5VmI0FaTTm
lx8NFjAUTDx6OI9GNSewho3bL6U=
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:34:54 2025 by rpki-client