Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/AcSkfwzdPj27GpItZrzIW-Yqn5c.roa
File: AcSkfwzdPj27GpItZrzIW-Yqn5c.roa (raw, json)
Hash identifier: Taqm30RcTnzR+PEpm/8X5iKFUUvO9pHGOODINB4FNac=
Subject key identifier: 01:C4:A4:7F:0C:DD:3E:3D:BB:1A:92:2D:66:BC:C8:5B:E6:2A:9F:97
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018E567E0C52B40CC079F0A6AD0AC26BF0F1
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/AcSkfwzdPj27GpItZrzIW-Yqn5c.roa
Signing time: Tue 19 Mar 2024 11:34:45 +0000
ROA not before: Tue 19 Mar 2024 11:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.145.0/24 maxlen: 24
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 21:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:7e:0c:52:b4:0c:c0:79:f0:a6:ad:0a:c2:6b:f0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Mar 19 11:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01c4a47f0cdd3e3dbb1a922d66bcc85be62a9f97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c4:55:73:b0:db:97:b3:e0:40:f3:49:f9:5a:
98:ff:e4:61:49:26:c6:62:49:d1:6f:db:72:90:6f:
cd:f2:7f:25:ef:30:ef:25:a2:90:ce:51:8f:a1:53:
ce:77:06:4a:8e:fe:da:cd:1f:ac:0b:6c:ec:70:c4:
b8:16:c9:b1:92:79:82:2d:e4:0b:0a:2f:82:58:43:
48:c7:56:1f:a4:16:9b:b8:4a:2f:a3:8d:bf:47:cc:
83:74:94:1e:1d:f4:4c:dd:67:0d:a0:1c:6a:dd:71:
bf:e9:4e:80:42:8e:97:ee:ab:7f:c3:5c:70:5e:b0:
34:3a:4d:cf:97:36:a5:0c:fb:7d:d0:bd:06:10:96:
03:5f:e0:d4:04:40:bd:8f:de:c7:e0:1f:58:b9:02:
d4:78:2e:70:9f:19:4b:52:32:ad:36:a6:d7:43:30:
5f:eb:28:81:c0:9a:82:2e:90:82:e8:87:82:58:a4:
96:77:eb:04:3a:b5:15:2b:f6:6f:41:ed:37:8b:91:
f0:66:ee:c3:ce:d5:d9:5f:e3:80:7a:b1:5a:a4:05:
e5:82:a1:71:2b:37:ac:bf:fd:af:85:02:03:7c:d6:
ed:0b:ab:ec:a6:4d:ac:f7:60:df:e6:3c:d6:b9:1c:
3a:06:fe:c5:93:18:21:3a:91:b7:d7:53:27:59:8d:
af:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C4:A4:7F:0C:DD:3E:3D:BB:1A:92:2D:66:BC:C8:5B:E6:2A:9F:97
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/AcSkfwzdPj27GpItZrzIW-Yqn5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.145.0/24
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
03:a6:9a:1d:cf:cb:34:99:17:a9:8a:fa:03:bb:8b:ba:40:86:
93:b3:3d:98:4f:c5:4b:f8:46:66:16:a4:5d:45:30:cf:28:67:
0c:fc:46:8a:f2:fe:d4:7f:6b:6c:06:bd:15:b9:a8:d4:86:1e:
a8:01:1f:f5:3c:92:c7:a9:c4:8c:9c:19:39:27:c7:0c:e6:6f:
62:bb:0d:a4:34:58:f0:aa:46:70:12:e8:05:d6:78:74:5e:85:
8a:28:e3:a2:0d:8c:a8:ff:e7:a7:f0:d5:3b:b9:65:52:8b:ec:
33:dd:c1:4e:06:5e:74:d3:9d:fa:4d:44:50:39:31:f3:bd:3d:
ce:d6:c9:a3:61:91:10:07:d7:75:8a:05:63:71:a8:1b:ee:ff:
c9:a7:b5:34:79:86:7f:4b:1d:81:28:67:79:20:4e:1b:ac:3e:
82:23:e3:ed:00:40:25:72:17:ca:70:13:50:44:13:2c:ae:79:
43:30:b8:b4:65:1a:a5:92:9b:cf:21:3e:8c:65:a8:a7:36:6c:
1f:50:2e:73:07:5f:d7:ac:82:2c:d5:ef:77:2b:c9:01:b1:8c:
ab:af:f3:67:50:79:c5:6c:27:02:27:ce:9d:e6:82:a7:af:d8:
ad:39:97:6d:ba:e6:65:6d:be:9f:3e:35:b2:63:cb:90:f2:73:
76:f4:65:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5WfgxStAzAefCmrQrCa/DxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwMzE5MTEzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWM0YTQ3ZjBjZGQzZTNkYmIxYTkyMmQ2NmJjYzg1YmU2MmE5Zjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8RVc7Dbl7PgQPNJ+VqY/+RhSSbG
YknRb9tykG/N8n8l7zDvJaKQzlGPoVPOdwZKjv7azR+sC2zscMS4FsmxknmCLeQL
Ci+CWENIx1YfpBabuEovo42/R8yDdJQeHfRM3WcNoBxq3XG/6U6AQo6X7qt/w1xw
XrA0Ok3PlzalDPt90L0GEJYDX+DUBEC9j97H4B9YuQLUeC5wnxlLUjKtNqbXQzBf
6yiBwJqCLpCC6IeCWKSWd+sEOrUVK/ZvQe03i5HwZu7DztXZX+OAerFapAXlgqFx
Kzesv/2vhQIDfNbtC6vspk2s92Df5jzWuRw6Bv7FkxghOpG311MnWY2v1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAHEpH8M3T49uxqSLWa8yFvmKp+XMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvQWNTa2Z3emRQajI3R3BJdFpyeklXLVlxbjVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTd2IAwQA
Td2RAwQCbXi4MA0GCSqGSIb3DQEBCwUAA4IBAQADppodz8s0mRepivoDu4u6QIaT
sz2YT8VL+EZmFqRdRTDPKGcM/EaK8v7Uf2tsBr0VuajUhh6oAR/1PJLHqcSMnBk5
J8cM5m9iuw2kNFjwqkZwEugF1nh0XoWKKOOiDYyo/+en8NU7uWVSi+wz3cFOBl50
0536TURQOTHzvT3O1smjYZEQB9d1igVjcagb7v/Jp7U0eYZ/Sx2BKGd5IE4brD6C
I+PtAEAlchfKcBNQRBMsrnlDMLi0ZRqlkpvPIT6MZainNmwfUC5zB1/XrIIs1e93
K8kBsYyrr/NnUHnFbCcCJ86d5oKnr9itOZdtuuZlbb6fPjWyY8uQ8nN29GXq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:02 2024 by rpki-client on console-ams.rpki-client.org