Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/3DlvPYXTlBGCVjqiASzo_k4oVmg.roa
File: 3DlvPYXTlBGCVjqiASzo_k4oVmg.roa (raw, json)
Hash identifier: 9xucs1iMDmQurdlyDJaPQ1p49TDdfSXpVT6zBO04RFQ=
Subject key identifier: DC:39:6F:3D:85:D3:94:11:82:56:3A:A2:01:2C:E8:FE:4E:28:56:68
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018FBC2E4FED0A3A0B2EFD199736728252D2
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/3DlvPYXTlBGCVjqiASzo_k4oVmg.roa
Signing time: Mon 27 May 2024 22:31:42 +0000
ROA not before: Mon 27 May 2024 22:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 77.221.151.0/24 maxlen: 24
109.120.154.0/24 maxlen: 24
109.120.156.0/24 maxlen: 24
109.120.158.0/24 maxlen: 24
109.120.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 07:22:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bc:2e:4f:ed:0a:3a:0b:2e:fd:19:97:36:72:82:52:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: May 27 22:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc396f3d85d3941182563aa2012ce8fe4e285668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:98:c0:9f:5f:80:86:f0:9f:65:26:8b:e2:33:
2a:b4:b3:da:60:69:8e:10:54:df:0c:bc:8a:9b:7d:
f2:59:18:c3:97:9b:f9:73:71:30:0b:4e:b0:e6:c9:
f3:5b:51:ad:91:72:03:ed:8d:e9:cb:70:15:f3:c4:
cb:28:4e:ee:04:8e:0d:9a:9b:72:c6:e4:91:35:08:
e1:c2:9c:21:46:3c:93:fc:b8:a8:1d:02:a4:7c:b4:
26:35:a6:01:47:45:ed:b8:cc:1a:83:1a:bc:99:2c:
5c:7f:07:7f:64:ec:93:ba:8a:6a:e1:cd:7c:35:5d:
1b:b6:be:2f:22:6f:f3:7a:94:7d:5b:8f:92:48:16:
06:9b:c6:a5:61:0d:03:84:18:5d:48:1c:4a:dd:9e:
95:bd:8f:0a:b2:82:6b:99:5f:36:94:c7:4c:05:98:
66:79:4f:ea:f7:a6:40:1c:c6:d4:10:61:fe:07:c6:
ac:7c:71:27:ef:77:1f:34:52:8b:a8:5d:23:e1:cf:
c1:91:a1:83:51:8e:a5:b6:29:52:e1:a7:52:cd:15:
da:d8:c5:a0:67:c1:0f:27:f0:94:38:f1:84:8c:05:
09:93:ff:8b:db:60:80:25:23:e1:32:f5:7e:0f:1d:
f4:9b:00:e0:74:4e:ba:b0:58:69:d2:c0:fb:93:23:
c4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:39:6F:3D:85:D3:94:11:82:56:3A:A2:01:2C:E8:FE:4E:28:56:68
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/3DlvPYXTlBGCVjqiASzo_k4oVmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.151.0/24
109.120.154.0/24
109.120.156.0/24
109.120.158.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:f4:65:eb:77:e1:02:c7:e7:e0:33:f5:54:36:6f:cb:c6:46:
39:91:cf:5c:cb:03:72:3d:6e:57:b4:03:41:0f:36:5a:80:a0:
d4:bb:af:22:44:3f:56:89:b4:59:71:62:44:e5:dc:d7:7c:60:
a9:53:85:2b:f4:74:7d:51:89:c4:c7:27:2c:f7:55:b6:21:46:
a9:3d:99:85:3c:5e:d8:a3:3d:d9:29:fc:ed:77:23:18:68:3b:
e8:c1:09:03:31:cd:88:8c:b5:11:13:69:57:c8:3b:4b:59:2d:
34:b0:a7:6d:1a:50:80:de:f6:07:13:ce:67:e9:b9:94:75:8a:
d6:86:ea:c3:8a:82:a8:5a:79:11:a1:42:48:42:22:b9:8d:36:
f9:41:85:0e:5e:fa:2f:23:98:e2:46:3a:12:53:20:4d:71:4d:
66:a6:f1:30:1f:a3:f0:10:3f:c1:41:70:17:63:52:43:03:83:
6f:12:17:b0:f6:8f:d7:5d:55:04:64:a9:3f:52:d2:1c:c7:38:
fe:09:63:59:9b:0b:43:b7:8f:e6:3c:34:38:0b:af:4d:19:3c:
76:9b:6d:6d:82:47:91:da:69:06:21:c5:69:ed:a5:eb:dc:ae:
6c:17:aa:44:ca:e5:4f:3a:43:45:57:1b:71:12:8d:88:72:18:
a3:86:2f:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+8Lk/tCjoLLv0ZlzZyglLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNTI3MjIzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM5NmYzZDg1ZDM5NDExODI1NjNhYTIwMTJjZThmZTRlMjg1NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75jAn1+AhvCfZSaL4jMqtLPaYGmO
EFTfDLyKm33yWRjDl5v5c3EwC06w5snzW1GtkXID7Y3py3AV88TLKE7uBI4Nmpty
xuSRNQjhwpwhRjyT/LioHQKkfLQmNaYBR0XtuMwagxq8mSxcfwd/ZOyTuopq4c18
NV0btr4vIm/zepR9W4+SSBYGm8alYQ0DhBhdSBxK3Z6VvY8KsoJrmV82lMdMBZhm
eU/q96ZAHMbUEGH+B8asfHEn73cfNFKLqF0j4c/BkaGDUY6ltilS4adSzRXa2MWg
Z8EPJ/CUOPGEjAUJk/+L22CAJSPhMvV+Dx30mwDgdE66sFhp0sD7kyPEwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNw5bz2F05QRglY6ogEs6P5OKFZoMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvM0RsdlBZWFRsQkdDVmpxaUFTem9fazRvVm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATd2XAwQA
bXiaAwQAbXicAwQBbXieMA0GCSqGSIb3DQEBCwUAA4IBAQCM9GXrd+ECx+fgM/VU
Nm/LxkY5kc9cywNyPW5XtANBDzZagKDUu68iRD9WibRZcWJE5dzXfGCpU4Ur9HR9
UYnExycs91W2IUapPZmFPF7Yoz3ZKfztdyMYaDvowQkDMc2IjLURE2lXyDtLWS00
sKdtGlCA3vYHE85n6bmUdYrWhurDioKoWnkRoUJIQiK5jTb5QYUOXvovI5jiRjoS
UyBNcU1mpvEwH6PwED/BQXAXY1JDA4NvEhew9o/XXVUEZKk/UtIcxzj+CWNZmwtD
t4/mPDQ4C69NGTx2m21tgkeR2mkGIcVp7aXr3K5sF6pEyuVPOkNFVxtxEo2Ichij
hi9x
-----END CERTIFICATE-----
Generated at Fri Jun 7 11:40:21 2024 by rpki-client on console-ams.rpki-client.org