Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/9wvMAJz3dhbqSpGGw5jw5flLwx8.roa
File: 9wvMAJz3dhbqSpGGw5jw5flLwx8.roa (raw, json)
Hash identifier: LW+3OTaWiKyBj22T+ibO9aUw273+nm+rcAACCDFXbT0=
Subject key identifier: F7:0B:CC:00:9C:F7:76:16:EA:4A:91:86:C3:98:F0:E5:F9:4B:C3:1F
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018FA041DFC7DAC435AE6D21D2A36B239021
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/9wvMAJz3dhbqSpGGw5jw5flLwx8.roa
Signing time: Wed 22 May 2024 12:23:42 +0000
ROA not before: Wed 22 May 2024 12:23:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.148.0/24 maxlen: 24
77.221.149.0/24 maxlen: 24
77.221.152.0/23 maxlen: 23
77.221.154.0/23 maxlen: 23
77.221.156.0/23 maxlen: 23
77.221.158.0/23 maxlen: 23
109.120.132.0/23 maxlen: 23
109.120.134.0/23 maxlen: 23
109.120.150.0/24 maxlen: 24
109.120.176.0/23 maxlen: 23
109.120.178.0/23 maxlen: 23
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 08:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:41:df:c7:da:c4:35:ae:6d:21:d2:a3:6b:23:90:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: May 22 12:23:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f70bcc009cf77616ea4a9186c398f0e5f94bc31f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d2:95:08:6f:10:bf:45:e2:21:14:34:95:1f:
9a:33:6e:d5:0d:52:6e:ce:89:4d:1a:ed:fe:d2:2c:
4d:bb:f6:62:65:d1:e3:3b:b3:a7:60:3a:3c:e4:7c:
d6:0c:61:1f:3c:df:7d:2c:79:e7:28:1c:57:69:ed:
ce:6d:b5:49:2b:44:87:72:45:8b:5a:12:00:c1:ae:
99:e7:ab:32:67:17:6d:47:a5:30:1a:54:31:96:6a:
99:bc:88:83:91:f6:7c:fb:fe:d0:d0:51:80:33:5b:
00:0c:a2:7f:9a:f9:2e:fd:b9:79:65:fe:46:92:b8:
73:f4:d6:04:fa:18:c0:7e:21:13:d0:4f:4c:db:c5:
cb:b7:7e:5e:25:4e:85:a4:d3:7b:98:cb:6e:fb:3b:
6b:ac:84:58:ab:3a:82:83:0b:fb:8f:18:0c:63:38:
e9:f2:f7:2d:76:4d:96:fa:70:16:1e:36:f7:8c:05:
fd:07:39:5e:5d:65:58:af:6b:6f:8f:d0:85:14:84:
0e:eb:3c:4a:33:fe:11:96:f7:d9:19:93:b3:db:59:
c8:92:c8:01:a0:5e:c6:dc:25:aa:bd:7f:76:69:ed:
d2:ad:c3:7a:2d:e8:b9:f6:69:4e:58:35:de:4a:94:
61:ea:4e:00:21:bc:f1:74:d3:76:31:7b:89:c8:5a:
5a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0B:CC:00:9C:F7:76:16:EA:4A:91:86:C3:98:F0:E5:F9:4B:C3:1F
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/9wvMAJz3dhbqSpGGw5jw5flLwx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.148.0/23
77.221.152.0/21
109.120.132.0/22
109.120.150.0/24
109.120.176.0/22
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:f9:71:62:eb:15:91:ef:04:9d:78:a7:a6:8c:1e:7c:ba:fb:
db:64:67:d9:bc:e0:36:89:15:2a:70:7b:47:9f:00:a7:fd:00:
80:3e:90:10:fe:99:a7:bd:e5:b5:ed:c1:53:a3:d9:1a:df:95:
c7:e2:12:92:ac:7c:3e:75:f4:e9:c4:b3:84:9c:fa:17:d6:8e:
df:d6:8d:01:8c:a2:85:69:98:3b:90:5c:8b:8d:5b:2f:bd:83:
28:42:80:ce:c1:52:3f:94:91:6a:1a:b1:77:29:7a:7b:c4:b3:
4f:72:93:57:70:86:fe:8a:85:18:33:c4:7e:3c:3b:17:6e:8e:
fc:f6:32:bd:b8:fa:6d:41:4d:76:f1:db:fb:ad:b0:dc:dc:f8:
be:db:d1:15:29:17:88:ec:44:7f:8a:34:5b:ca:97:71:29:26:
49:e1:f5:18:05:17:8a:9e:c9:4b:66:66:da:dd:e9:62:d7:a2:
84:8a:0b:21:a7:1e:0d:5d:cf:f4:6f:f7:13:e0:de:39:b8:35:
70:1e:5f:bf:ca:d1:4e:6b:db:f2:10:49:03:1f:6e:aa:99:a3:
99:61:5a:b9:08:f6:fc:da:3c:cd:59:8b:94:60:ae:5a:ee:fd:
32:f4:c5:b9:15:e7:96:60:e0:cb:ae:13:47:7d:a1:08:55:b2:
3f:90:94:56
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY+gQd/H2sQ1rm0h0qNrI5AhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNTIyMTIyMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzBiY2MwMDljZjc3NjE2ZWE0YTkxODZjMzk4ZjBlNWY5NGJjMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtKVCG8Qv0XiIRQ0lR+aM27VDVJu
zolNGu3+0ixNu/ZiZdHjO7OnYDo85HzWDGEfPN99LHnnKBxXae3ObbVJK0SHckWL
WhIAwa6Z56syZxdtR6UwGlQxlmqZvIiDkfZ8+/7Q0FGAM1sADKJ/mvku/bl5Zf5G
krhz9NYE+hjAfiET0E9M28XLt35eJU6FpNN7mMtu+ztrrIRYqzqCgwv7jxgMYzjp
8vctdk2W+nAWHjb3jAX9BzleXWVYr2tvj9CFFIQO6zxKM/4RlvfZGZOz21nIksgB
oF7G3CWqvX92ae3SrcN6Lei59mlOWDXeSpRh6k4AIbzxdNN2MXuJyFpavwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPcLzACc93YW6kqRhsOY8OX5S8MfMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvOXd2TUFKejNkaGJxU3BHR3c1anc1ZmxMd3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDTd2IAwQB
Td2UAwQDTd2YAwQCbXiEAwQAbXiWAwQCbXiwAwQCbXi4MA0GCSqGSIb3DQEBCwUA
A4IBAQCo+XFi6xWR7wSdeKemjB58uvvbZGfZvOA2iRUqcHtHnwCn/QCAPpAQ/pmn
veW17cFTo9ka35XH4hKSrHw+dfTpxLOEnPoX1o7f1o0BjKKFaZg7kFyLjVsvvYMo
QoDOwVI/lJFqGrF3KXp7xLNPcpNXcIb+ioUYM8R+PDsXbo789jK9uPptQU128dv7
rbDc3Pi+29EVKReI7ER/ijRbypdxKSZJ4fUYBReKnslLZmba3eli16KEigshpx4N
Xc/0b/cT4N45uDVwHl+/ytFOa9vyEEkDH26qmaOZYVq5CPb82jzNWYuUYK5a7v0y
9MW5FeeWYODLrhNHfaEIVbI/kJRW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:22 2024 by rpki-client on console-fra.rpki-client.org