Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/PDxu69nrEegwys0ARU5N_mHiS6g.roa
File: PDxu69nrEegwys0ARU5N_mHiS6g.roa (raw, json)
Hash identifier: IVVFj3zX9bfIk8dHS/sd3F2iUnuJrTQgeVScFaZQNPo=
Subject key identifier: 3C:3C:6E:EB:D9:EB:11:E8:30:CA:CD:00:45:4E:4D:FE:61:E2:4B:A8
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018FD58757F20BEA5933A03DC289192D7C5E
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/PDxu69nrEegwys0ARU5N_mHiS6g.roa
Signing time: Sat 01 Jun 2024 20:39:27 +0000
ROA not before: Sat 01 Jun 2024 20:39:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 77.221.145.0/24 maxlen: 24
92.243.74.0/24 maxlen: 24
92.243.75.0/24 maxlen: 24
109.120.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 06:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d5:87:57:f2:0b:ea:59:33:a0:3d:c2:89:19:2d:7c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Jun 1 20:39:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c3c6eebd9eb11e830cacd00454e4dfe61e24ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2e:a8:28:d7:ba:17:0b:5a:db:9e:22:fb:f4:
e0:e0:a9:61:43:55:ec:c2:e1:0c:93:d2:96:c7:d3:
90:2e:da:08:9f:70:bc:44:e1:74:29:66:06:bc:3b:
04:b9:df:38:18:a6:69:7c:d3:80:bc:51:a2:d4:d4:
50:2c:af:4d:73:e8:da:18:23:55:d0:56:a1:5c:9b:
6d:f0:79:99:fe:62:94:d0:e8:b9:71:75:91:bd:1e:
37:92:fb:5f:a7:3b:19:e4:1d:1b:a1:13:c7:7d:c9:
94:c1:ff:60:6b:9a:20:13:29:2e:76:8e:fd:6f:bd:
14:e1:8f:86:09:84:14:5a:0e:f7:bd:1c:6d:c3:be:
3a:4c:7f:aa:79:42:60:fe:85:fb:71:4d:47:aa:4f:
f8:b0:91:5c:78:0b:a8:f5:98:ea:90:46:86:85:4e:
69:86:fd:fe:3a:30:f6:6c:71:0d:78:f4:56:6b:fc:
7a:53:53:39:39:eb:26:2e:0f:ff:84:55:23:f8:39:
6a:ca:68:e1:41:44:3e:bd:7d:39:6e:2e:a2:ea:95:
86:df:3e:a2:d1:28:94:f6:ff:ff:21:ee:8a:f2:c3:
15:f7:6b:26:14:e6:a2:fa:10:cf:ea:9c:6c:95:85:
ba:8c:0b:64:2a:8e:da:ac:70:66:e8:75:0d:4d:1b:
e9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3C:6E:EB:D9:EB:11:E8:30:CA:CD:00:45:4E:4D:FE:61:E2:4B:A8
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/PDxu69nrEegwys0ARU5N_mHiS6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.145.0/24
92.243.74.0/23
109.120.153.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:33:65:83:e1:63:e4:e3:d0:7f:88:59:52:03:97:b3:6e:46:
55:de:0d:6d:06:08:f8:ec:2e:ce:6e:97:30:42:c5:27:f9:0d:
80:72:17:e6:7a:a9:dd:58:03:44:cb:6f:2d:e7:c5:b3:70:95:
72:bb:6c:98:c3:a8:33:70:81:e4:17:eb:ab:e9:42:b6:29:dc:
a8:81:29:0d:ec:d3:48:3b:53:f9:5a:1f:fc:a5:4b:20:40:95:
56:27:3b:7e:9d:d6:e7:54:89:3c:a8:89:c8:32:ea:6c:f4:ef:
4c:1f:1d:89:bc:e6:8b:ec:6e:d6:fb:20:94:60:0d:26:68:c8:
76:e4:df:ea:a0:8a:a6:4e:be:8c:36:44:1e:09:6d:0e:9a:e6:
af:75:27:51:5f:7a:8e:81:0b:b2:6b:21:a7:7a:ee:40:b7:c8:
4d:eb:a5:1b:ad:69:bd:e6:2e:78:d4:4c:b0:f4:ed:42:89:09:
76:c8:ec:6e:9d:6c:25:39:b7:26:e1:bd:77:70:c7:7a:5f:de:
1a:d5:fb:fd:ce:e7:d1:19:5c:ca:0c:4b:20:4d:e3:bd:7c:00:
70:c1:2e:b4:18:aa:2d:67:48:34:ed:ce:c5:ff:f0:33:82:98:
b8:60:1a:0a:9d:c9:a7:80:83:e5:a3:03:f4:82:c8:66:d2:bc:
ae:6b:71:09
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/Vh1fyC+pZM6A9wokZLXxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNjAxMjAzOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNjNmVlYmQ5ZWIxMWU4MzBjYWNkMDA0NTRlNGRmZTYxZTI0YmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy6oKNe6Fwta254i+/Tg4KlhQ1Xs
wuEMk9KWx9OQLtoIn3C8ROF0KWYGvDsEud84GKZpfNOAvFGi1NRQLK9Nc+jaGCNV
0FahXJtt8HmZ/mKU0Oi5cXWRvR43kvtfpzsZ5B0boRPHfcmUwf9ga5ogEykudo79
b70U4Y+GCYQUWg73vRxtw746TH+qeUJg/oX7cU1Hqk/4sJFceAuo9ZjqkEaGhU5p
hv3+OjD2bHENePRWa/x6U1M5OesmLg//hFUj+DlqymjhQUQ+vX05bi6i6pWG3z6i
0SiU9v//Ie6K8sMV92smFOai+hDP6pxslYW6jAtkKo7arHBm6HUNTRvpnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDw8buvZ6xHoMMrNAEVOTf5h4kuoMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvUER4dTY5bnJFZWd3eXMwQVJVNU5fbUhpUzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATd2RAwQB
XPNKAwQAbXiZMA0GCSqGSIb3DQEBCwUAA4IBAQC1M2WD4WPk49B/iFlSA5ezbkZV
3g1tBgj47C7ObpcwQsUn+Q2AchfmeqndWANEy28t58WzcJVyu2yYw6gzcIHkF+ur
6UK2KdyogSkN7NNIO1P5Wh/8pUsgQJVWJzt+ndbnVIk8qInIMups9O9MHx2JvOaL
7G7W+yCUYA0maMh25N/qoIqmTr6MNkQeCW0OmuavdSdRX3qOgQuyayGneu5At8hN
66UbrWm95i541Eyw9O1CiQl2yOxunWwlObcm4b13cMd6X94a1fv9zufRGVzKDEsg
TeO9fABwwS60GKotZ0g07c7F//Azgpi4YBoKncmngIPlowP0gshm0ryua3EJ
-----END CERTIFICATE-----
Generated at Mon Sep 30 08:54:03 2024 by rpki-client on console-ams.rpki-client.org