Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/8rH6WbmjQ9sC7e7iqc1KkbBqBZs.roa
File: 8rH6WbmjQ9sC7e7iqc1KkbBqBZs.roa (raw, json)
Hash identifier: QVwBX0ASkV1WvNHMdBOzP7bbgIKl9ppGdA7Oln7kUAE=
Subject key identifier: F2:B1:FA:59:B9:A3:43:DB:02:ED:EE:E2:A9:CD:4A:91:B0:6A:05:9B
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018E84C7B985703C9724754698550626FC1F
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/8rH6WbmjQ9sC7e7iqc1KkbBqBZs.roa
Signing time: Thu 28 Mar 2024 11:17:45 +0000
ROA not before: Thu 28 Mar 2024 11:17:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.148.0/24 maxlen: 24
77.221.149.0/24 maxlen: 24
77.221.152.0/23 maxlen: 23
77.221.154.0/23 maxlen: 23
77.221.156.0/23 maxlen: 23
77.221.158.0/23 maxlen: 23
109.120.176.0/23 maxlen: 23
109.120.178.0/23 maxlen: 23
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 14:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:c7:b9:85:70:3c:97:24:75:46:98:55:06:26:fc:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Mar 28 11:17:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2b1fa59b9a343db02edeee2a9cd4a91b06a059b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c8:5f:b2:d8:2b:c8:48:dc:00:f2:02:85:bd:
89:5c:1f:04:72:5a:1f:4a:31:f0:08:44:82:02:5d:
e7:fb:2d:4f:44:2a:dc:b2:8d:be:6b:6b:dc:73:fb:
4d:e6:e5:a1:00:8f:1d:20:02:c4:34:0a:2f:e7:bb:
21:3e:40:fc:7f:1b:d0:30:79:29:51:2b:08:e8:a5:
f5:b4:82:13:7a:6f:7b:01:fb:c3:53:23:81:59:3e:
f0:1d:51:ee:8f:06:da:74:71:b0:e7:bc:db:dd:95:
3b:8f:4d:04:0c:d5:1e:90:e9:79:60:b8:97:41:6b:
fa:2f:89:9f:b8:2b:f7:ac:bd:05:3e:c1:f1:a2:ba:
59:3b:0f:57:50:20:39:d2:96:5d:1c:5f:08:92:85:
f8:fc:6b:af:82:fa:bc:2c:dd:9c:a1:5e:eb:c7:dc:
8d:d6:03:b5:11:32:d7:31:b9:67:72:b5:09:89:3f:
80:6a:8d:96:0f:f7:9d:01:a7:3c:99:4e:96:37:ac:
3b:c5:b3:09:74:f1:71:bd:aa:ba:f9:1a:38:4f:88:
bf:cf:04:0c:f2:38:1e:74:a7:f9:b2:2d:2a:50:a2:
95:51:53:d4:a6:35:a8:ca:fd:2b:34:22:87:56:db:
85:86:a8:39:0a:a8:0b:a2:c4:96:40:a4:c9:6b:5a:
48:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B1:FA:59:B9:A3:43:DB:02:ED:EE:E2:A9:CD:4A:91:B0:6A:05:9B
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/8rH6WbmjQ9sC7e7iqc1KkbBqBZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.148.0/23
77.221.152.0/21
109.120.176.0/22
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:13:f5:91:46:7c:4b:6f:87:d3:7b:db:61:5d:f3:a6:c8:e1:
77:84:95:ba:62:49:b5:69:2a:f2:3f:76:48:bc:bd:a2:e6:ac:
c8:10:f0:70:4c:a4:22:3b:da:dc:37:57:88:6f:89:c5:44:49:
af:b6:6c:dd:71:3b:ca:50:1e:61:83:6b:11:44:2f:1a:0e:0f:
56:6d:75:9b:9a:20:be:f1:28:29:06:c4:6a:31:80:23:aa:2d:
8c:28:ab:c2:b1:eb:81:26:88:60:a4:07:f4:2b:d9:dd:ca:18:
bd:20:e7:a8:32:e8:a0:4d:e8:4e:7d:cb:9e:c5:1b:3f:44:35:
d3:b2:14:ac:87:da:04:1a:26:80:e2:12:c7:01:d0:4f:f5:4e:
15:c4:8e:a9:05:d2:76:5c:97:52:88:75:d7:7c:ef:e0:c6:b1:
d7:6a:57:ad:02:2d:f8:ba:18:c1:1b:4e:14:d9:c3:3d:58:39:
03:05:68:80:4b:f8:b3:22:83:29:f8:46:b2:db:07:5b:04:58:
ea:bc:b6:ed:65:5d:7d:af:e9:f1:54:50:74:90:ab:cd:55:55:
84:35:55:84:82:ae:8b:c7:93:70:68:92:00:0c:aa:3f:e1:9d:
4d:2f:2a:7e:5b:d2:68:37:3f:8f:dc:f2:ca:40:2b:5f:a2:0c:
6a:0f:ff:54
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6Ex7mFcDyXJHVGmFUGJvwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwMzI4MTExNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmIxZmE1OWI5YTM0M2RiMDJlZGVlZTJhOWNkNGE5MWIwNmEwNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsshfstgryEjcAPIChb2JXB8Eclof
SjHwCESCAl3n+y1PRCrcso2+a2vcc/tN5uWhAI8dIALENAov57shPkD8fxvQMHkp
USsI6KX1tIITem97AfvDUyOBWT7wHVHujwbadHGw57zb3ZU7j00EDNUekOl5YLiX
QWv6L4mfuCv3rL0FPsHxorpZOw9XUCA50pZdHF8IkoX4/Guvgvq8LN2coV7rx9yN
1gO1ETLXMblncrUJiT+Aao2WD/edAac8mU6WN6w7xbMJdPFxvaq6+Ro4T4i/zwQM
8jgedKf5si0qUKKVUVPUpjWoyv0rNCKHVtuFhqg5CqgLosSWQKTJa1pI9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPKx+lm5o0PbAu3u4qnNSpGwagWbMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvOHJINldibWpROXNDN2U3aXFjMUtrYkJxQlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDTd2IAwQB
Td2UAwQDTd2YAwQCbXiwAwQCbXi4MA0GCSqGSIb3DQEBCwUAA4IBAQBeE/WRRnxL
b4fTe9thXfOmyOF3hJW6Ykm1aSryP3ZIvL2i5qzIEPBwTKQiO9rcN1eIb4nFREmv
tmzdcTvKUB5hg2sRRC8aDg9WbXWbmiC+8SgpBsRqMYAjqi2MKKvCseuBJohgpAf0
K9ndyhi9IOeoMuigTehOfcuexRs/RDXTshSsh9oEGiaA4hLHAdBP9U4VxI6pBdJ2
XJdSiHXXfO/gxrHXaletAi34uhjBG04U2cM9WDkDBWiAS/izIoMp+Eay2wdbBFjq
vLbtZV19r+nxVFB0kKvNVVWENVWEgq6Lx5NwaJIADKo/4Z1NLyp+W9JoNz+P3PLK
QCtfogxqD/9U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:02 2024 by rpki-client on console-ams.rpki-client.org