Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/O9XnGWugZSGOthb3b-qDW7DyFV0.roa
File: O9XnGWugZSGOthb3b-qDW7DyFV0.roa (raw, json)
Hash identifier: vKaQvONcvOI7cOUM0rtZmyedgVZ4rFSBvaDCi4LUmzo=
Subject key identifier: 3B:D5:E7:19:6B:A0:65:21:8E:B6:16:F7:6F:EA:83:5B:B0:F2:15:5D
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 01924EB1337E82FEC342DD9DEBF295237E7A
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/O9XnGWugZSGOthb3b-qDW7DyFV0.roa
Signing time: Wed 02 Oct 2024 19:24:48 +0000
ROA not before: Wed 02 Oct 2024 19:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.148.0/24 maxlen: 24
77.221.149.0/24 maxlen: 24
77.221.152.0/23 maxlen: 23
77.221.154.0/23 maxlen: 23
77.221.156.0/23 maxlen: 23
77.221.158.0/23 maxlen: 23
109.120.132.0/23 maxlen: 23
109.120.134.0/23 maxlen: 23
109.120.138.0/24 maxlen: 24
109.120.149.0/24 maxlen: 24
109.120.150.0/24 maxlen: 24
109.120.151.0/24 maxlen: 24
109.120.155.0/24 maxlen: 24
109.120.156.0/23 maxlen: 24
109.120.176.0/23 maxlen: 23
109.120.178.0/23 maxlen: 23
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 13:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4e:b1:33:7e:82:fe:c3:42:dd:9d:eb:f2:95:23:7e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Oct 2 19:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bd5e7196ba065218eb616f76fea835bb0f2155d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:10:8d:67:a1:99:bf:80:2e:c9:41:cd:61:6d:
6f:cb:6c:94:a4:56:f0:46:ed:28:e8:9e:f2:d6:a0:
4a:33:16:63:a2:31:77:58:cd:20:da:ce:36:ce:89:
7d:e7:52:92:66:1b:db:33:b9:3e:99:9a:5f:2e:99:
f4:f5:81:48:70:f5:e3:62:1b:a1:c7:27:0d:0e:14:
20:a1:62:66:ad:4c:65:7a:05:8b:4b:6c:17:fa:a3:
1e:66:e5:d0:54:67:25:eb:c0:58:79:31:fc:a8:8e:
8e:04:d5:34:56:86:e0:e0:b3:d7:1f:e5:47:cf:7e:
b1:bd:13:8f:aa:90:e7:aa:c0:df:00:f8:73:3e:91:
db:83:99:b2:1b:21:45:42:f6:d2:e2:f3:3a:02:86:
df:75:e5:38:93:39:be:6b:bc:a9:c7:43:38:6e:1e:
54:ce:14:9d:0f:03:e3:1e:5e:9c:78:fa:b0:12:0d:
c0:77:d0:1c:84:2e:42:ef:64:c4:26:d5:7e:6e:e5:
18:03:cd:6d:04:4c:77:53:33:4d:29:65:9b:72:53:
15:42:f3:8d:e1:e1:6e:d1:1b:e3:87:76:69:7a:d4:
cd:f0:de:80:fa:5d:d6:57:77:5b:91:33:ff:57:2b:
d2:fb:a1:8d:7d:11:a4:c8:53:4b:e6:1e:63:0f:5c:
f0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D5:E7:19:6B:A0:65:21:8E:B6:16:F7:6F:EA:83:5B:B0:F2:15:5D
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/O9XnGWugZSGOthb3b-qDW7DyFV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.148.0/23
77.221.152.0/21
109.120.132.0/22
109.120.138.0/24
109.120.149.0-109.120.151.255
109.120.155.0-109.120.157.255
109.120.176.0/22
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:a6:16:b6:4c:b2:31:3a:24:c4:46:75:70:47:a1:8a:d8:ef:
1b:e7:11:56:ba:3c:ce:85:c5:6e:c6:2b:1a:88:14:a2:c0:56:
23:30:b6:28:02:82:30:4e:76:fe:0f:b2:bd:33:9a:f2:59:ef:
84:aa:7a:8c:b6:8f:80:7f:5a:67:df:bf:5f:45:1b:56:b1:dc:
47:9d:8c:e3:0d:97:6f:bc:ea:39:67:f2:e9:5a:c1:63:31:20:
89:a0:04:84:9d:a8:20:9c:c7:42:5e:01:27:a6:d0:5f:12:69:
ec:1d:2e:d9:c7:cb:ba:80:f4:c3:de:f4:14:ab:50:b4:f6:20:
54:3f:9e:d7:b2:12:a1:6a:31:03:3c:25:42:ee:a3:71:ec:ff:
97:92:b5:06:30:d6:3a:12:61:b4:1c:a9:33:27:7f:47:8f:65:
91:5f:d9:6b:8c:51:60:36:15:95:f4:df:6d:76:68:e4:c8:4a:
81:50:84:3f:b6:38:6b:0f:f0:b5:61:30:03:f7:c9:e1:b2:c3:
cf:0f:51:4d:c1:cd:8a:27:fb:bf:e4:ee:2e:21:0b:d3:fa:ab:
bf:48:5b:08:c8:6a:45:a3:18:2a:3f:e4:79:d2:6d:d7:e8:93:
8a:3b:03:9d:e1:57:48:80:e6:10:07:f3:3a:96:ea:5c:ed:f8:
0f:9a:c7:4a
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZJOsTN+gv7DQt2d6/KVI356MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQxMDAyMTkyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ1ZTcxOTZiYTA2NTIxOGViNjE2Zjc2ZmVhODM1YmIwZjIxNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhCNZ6GZv4AuyUHNYW1vy2yUpFbw
Ru0o6J7y1qBKMxZjojF3WM0g2s42zol951KSZhvbM7k+mZpfLpn09YFIcPXjYhuh
xycNDhQgoWJmrUxlegWLS2wX+qMeZuXQVGcl68BYeTH8qI6OBNU0Vobg4LPXH+VH
z36xvROPqpDnqsDfAPhzPpHbg5myGyFFQvbS4vM6AobfdeU4kzm+a7ypx0M4bh5U
zhSdDwPjHl6cePqwEg3Ad9AchC5C72TEJtV+buUYA81tBEx3UzNNKWWbclMVQvON
4eFu0Rvjh3ZpetTN8N6A+l3WV3dbkTP/VyvS+6GNfRGkyFNL5h5jD1zwywIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFDvV5xlroGUhjrYW92/qg1uw8hVdMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvTzlYbkdXdWdaU0dPdGhiM2ItcURXN0R5RlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQDTd2IAwQB
Td2UAwQDTd2YAwQCbXiEAwQAbXiKMAwDBABteJUDBANteJAwDAMEAG14mwMEAW14
nAMEAm14sAMEAm14uDANBgkqhkiG9w0BAQsFAAOCAQEAH6YWtkyyMTokxEZ1cEeh
itjvG+cRVro8zoXFbsYrGogUosBWIzC2KAKCME52/g+yvTOa8lnvhKp6jLaPgH9a
Z9+/X0UbVrHcR52M4w2Xb7zqOWfy6VrBYzEgiaAEhJ2oIJzHQl4BJ6bQXxJp7B0u
2cfLuoD0w970FKtQtPYgVD+e17ISoWoxAzwlQu6jcez/l5K1BjDWOhJhtBypMyd/
R49lkV/Za4xRYDYVlfTfbXZo5MhKgVCEP7Y4aw/wtWEwA/fJ4bLDzw9RTcHNiif7
v+TuLiEL0/qrv0hbCMhqRaMYKj/kedJt1+iTijsDneFXSIDmEAfzOpbqXO34D5rH
Sg==
-----END CERTIFICATE-----
Generated at Thu Oct 3 15:33:11 2024 by rpki-client on console-fra.rpki-client.org