Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/0pzHL-sk1GKsA1uUe02QWc2_m2U.roa
File: 0pzHL-sk1GKsA1uUe02QWc2_m2U.roa (raw, json)
Hash identifier: cpBQngD2hdsu6kf+woZy73OTcY+SMMbuzUSYx+PuXQw=
Subject key identifier: D2:9C:C7:2F:EB:24:D4:62:AC:03:5B:94:7B:4D:90:59:CD:BF:9B:65
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018E58910DA8EE3469E6EBBD1CFEBDB081D2
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/0pzHL-sk1GKsA1uUe02QWc2_m2U.roa
Signing time: Tue 19 Mar 2024 21:14:44 +0000
ROA not before: Tue 19 Mar 2024 21:14:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.145.0/24 maxlen: 24
77.221.148.0/24 maxlen: 24
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 11:09:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:58:91:0d:a8:ee:34:69:e6:eb:bd:1c:fe:bd:b0:81:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Mar 19 21:14:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d29cc72feb24d462ac035b947b4d9059cdbf9b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b1:98:db:89:9a:cf:05:c0:c1:51:ca:2c:59:
8c:f8:cb:fa:f1:ae:92:f2:bc:c8:1d:3e:5c:73:eb:
eb:61:9d:08:87:9c:80:5d:54:f5:f9:c0:f6:e5:9d:
9a:cb:77:69:67:a1:1b:79:80:c1:23:66:78:60:19:
91:36:56:80:2c:85:47:76:b0:e1:4f:1c:41:f2:34:
0f:9c:b5:3b:b9:ba:01:a9:ea:a6:e0:e3:d1:1a:54:
b5:3f:e0:6d:32:45:42:9e:c1:61:28:d6:1c:a7:85:
ca:63:80:b0:4f:c2:11:9f:b0:e2:b4:99:4c:a7:bc:
20:05:c4:43:b7:c9:2c:3b:da:31:e1:6c:4c:a9:4c:
b8:6c:5b:c2:a2:95:f7:6b:ef:d0:06:3c:c8:be:22:
b2:3e:d1:e8:77:d1:59:17:17:9c:f9:2f:71:62:e8:
6f:20:30:e8:74:11:b7:93:78:c0:b7:75:81:2d:b7:
81:70:d8:98:93:d8:e5:57:17:ee:61:e3:a8:cd:5b:
72:25:76:96:7b:b9:04:41:14:c4:b8:dc:40:b5:f0:
38:5a:d5:83:37:b3:aa:68:b1:c6:c2:09:2a:f1:d8:
7a:80:c4:09:1f:a6:db:ff:0e:94:fb:32:54:15:73:
78:9a:3f:0d:cc:0c:b9:35:e1:4b:af:20:ad:f3:1d:
64:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9C:C7:2F:EB:24:D4:62:AC:03:5B:94:7B:4D:90:59:CD:BF:9B:65
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/0pzHL-sk1GKsA1uUe02QWc2_m2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.145.0/24
77.221.148.0/24
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
85:7c:6d:b4:23:92:ca:18:04:28:a3:cd:7b:e7:c4:cc:bf:d5:
2b:38:85:45:7a:9c:89:fa:8a:ef:e6:be:f8:38:cb:d8:08:5b:
11:5d:76:6f:88:f4:15:2b:ab:10:4a:d6:17:c7:22:b6:a2:e0:
00:4a:95:7c:cd:01:9a:5a:22:20:6e:15:57:65:6d:5c:d9:80:
32:e7:df:ea:52:87:e4:53:09:ee:78:da:9c:15:78:79:87:ec:
d8:05:53:5d:95:ae:bf:0d:17:2d:49:c9:b8:ce:0e:8e:1d:6f:
94:86:ba:4e:0d:33:41:cb:aa:32:a9:44:f8:de:e6:fb:fe:82:
10:0f:04:93:de:6b:91:a2:16:87:58:a3:f4:33:06:b7:82:a4:
50:ba:28:72:e0:b4:b9:a5:35:73:04:c9:17:1a:de:ca:13:84:
34:06:eb:8f:d9:52:f2:fc:36:b3:38:4d:9f:20:d7:f0:7f:6d:
12:82:59:b3:f1:d2:e7:06:2a:47:b6:31:46:85:3f:bd:b5:97:
50:70:ea:94:39:c8:3c:98:62:3a:c2:9b:b1:1d:db:69:02:60:
9f:ee:62:1d:f1:7a:7e:aa:43:e0:84:3d:3b:cd:1a:0c:99:96:
b5:db:92:cb:e7:41:53:75:01:75:a7:e6:0b:62:e9:21:25:39:
36:c2:01:92
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5YkQ2o7jRp5uu9HP69sIHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwMzE5MjExNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjljYzcyZmViMjRkNDYyYWMwMzViOTQ3YjRkOTA1OWNkYmY5YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrGY24mazwXAwVHKLFmM+Mv68a6S
8rzIHT5cc+vrYZ0Ih5yAXVT1+cD25Z2ay3dpZ6EbeYDBI2Z4YBmRNlaALIVHdrDh
TxxB8jQPnLU7uboBqeqm4OPRGlS1P+BtMkVCnsFhKNYcp4XKY4CwT8IRn7DitJlM
p7wgBcRDt8ksO9ox4WxMqUy4bFvCopX3a+/QBjzIviKyPtHod9FZFxec+S9xYuhv
IDDodBG3k3jAt3WBLbeBcNiYk9jlVxfuYeOozVtyJXaWe7kEQRTEuNxAtfA4WtWD
N7OqaLHGwgkq8dh6gMQJH6bb/w6U+zJUFXN4mj8NzAy5NeFLryCt8x1kpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNKcxy/rJNRirANblHtNkFnNv5tlMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvMHB6SEwtc2sxR0tzQTF1VWUwMlFXYzJfbTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDTd2IAwQA
Td2RAwQATd2UAwQCbXi4MA0GCSqGSIb3DQEBCwUAA4IBAQCFfG20I5LKGAQoo817
58TMv9UrOIVFepyJ+orv5r74OMvYCFsRXXZviPQVK6sQStYXxyK2ouAASpV8zQGa
WiIgbhVXZW1c2YAy59/qUofkUwnueNqcFXh5h+zYBVNdla6/DRctScm4zg6OHW+U
hrpODTNBy6oyqUT43ub7/oIQDwST3muRohaHWKP0Mwa3gqRQuihy4LS5pTVzBMkX
Gt7KE4Q0BuuP2VLy/DazOE2fINfwf20Sglmz8dLnBipHtjFGhT+9tZdQcOqUOcg8
mGI6wpuxHdtpAmCf7mId8Xp+qkPghD07zRoMmZa125LL50FTdQF1p+YLYukhJTk2
wgGS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:22 2024 by rpki-client on console-fra.rpki-client.org