Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/TrTRZEOK2I756WnYhhKTVT5KPsU.roa
File: TrTRZEOK2I756WnYhhKTVT5KPsU.roa (raw, json)
Hash identifier: JR8sifhKavOyDt7LWGwDbhJRjPFnbmIIJJBIQa8tCtc=
Subject key identifier: 4E:B4:D1:64:43:8A:D8:8E:F9:E9:69:D8:86:12:93:55:3E:4A:3E:C5
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018E314368E3CAF37A97578AB85193174530
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/TrTRZEOK2I756WnYhhKTVT5KPsU.roa
Signing time: Tue 12 Mar 2024 06:04:45 +0000
ROA not before: Tue 12 Mar 2024 06:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 18 Mar 2024 08:36:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:43:68:e3:ca:f3:7a:97:57:8a:b8:51:93:17:45:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Mar 12 06:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4eb4d164438ad88ef9e969d8861293553e4a3ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a2:7f:e3:6f:79:32:56:86:78:d1:96:d5:72:
35:05:58:8a:5f:4a:4f:af:d1:68:74:75:0b:b0:f9:
09:5f:79:be:f2:09:3e:84:b9:39:55:c9:07:f9:90:
8e:dd:1e:96:a4:bb:d7:45:40:d5:0f:2c:60:65:c5:
84:77:ca:a3:b3:5b:b5:9d:16:7b:2c:10:db:b7:50:
94:73:ae:0c:9b:a4:ca:1e:fd:6d:ed:23:c3:ec:61:
46:17:e1:74:14:96:37:7a:62:e0:71:2a:45:4e:b6:
53:f9:a4:25:f5:85:4a:9d:9f:18:49:ed:87:b1:eb:
b0:91:a3:6d:2a:c1:e1:1f:a7:6e:46:6b:bf:38:5d:
62:8c:2f:0a:7f:5a:b4:f7:56:fe:7a:2b:c4:fe:19:
c9:ac:5c:2a:fc:eb:48:0c:2c:c9:2a:07:3f:36:2f:
29:21:89:6b:ae:8e:97:3e:ff:12:b3:17:76:d2:83:
f6:57:a8:56:de:a6:83:b8:f2:65:aa:3b:7e:ca:51:
5f:cb:68:be:4d:0f:62:33:b9:f7:58:cb:bc:31:64:
52:36:eb:56:81:05:8d:a1:c8:ec:64:53:10:83:a2:
98:41:65:a1:1b:76:fb:4e:43:0f:4a:26:42:67:cb:
c0:b6:f5:a5:35:81:69:71:c7:ef:ad:75:ad:fe:cf:
07:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B4:D1:64:43:8A:D8:8E:F9:E9:69:D8:86:12:93:55:3E:4A:3E:C5
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/TrTRZEOK2I756WnYhhKTVT5KPsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
Signature Algorithm: sha256WithRSAEncryption
a8:ce:b9:b0:20:f6:2d:ea:e1:ab:f1:e1:bd:9a:61:f8:0e:66:
70:70:5f:d8:c2:94:57:b9:88:eb:82:52:66:7c:fe:b8:1e:66:
0b:43:f9:b3:6c:2d:a6:69:5e:90:c7:ab:9f:0c:4b:55:62:ea:
f5:df:2c:d8:be:5d:5e:1e:b1:77:b8:1e:c2:0b:ea:9a:c3:5e:
bf:66:50:be:c0:eb:e1:91:4f:d9:d3:bf:b9:01:bc:35:4a:45:
71:70:9c:84:90:70:2a:37:67:39:67:4b:dc:33:26:88:66:c3:
42:59:e9:ed:09:d4:b6:a1:b2:e3:a5:e4:fc:a3:20:8d:dd:6e:
c6:42:b0:34:b9:b8:68:f8:f4:ee:f4:bd:7a:41:bb:26:55:13:
da:bf:42:b9:75:34:51:ac:9f:a0:55:1f:96:0b:d3:55:9f:bf:
98:a6:45:00:c1:c2:92:f6:a5:d3:76:7f:bb:01:6d:f5:0f:8a:
46:af:76:3b:39:6a:fa:21:1d:7a:db:88:cb:07:fe:c7:f7:00:
b8:5d:de:42:60:38:88:31:21:c7:88:5a:47:79:77:61:f7:dc:
bb:da:64:c5:d2:a1:22:98:e3:e4:91:1f:02:2e:cf:e0:1b:aa:
1c:9d:9b:f9:38:a7:33:74:1d:2b:3e:8f:f8:84:cb:7e:a1:b2:
ef:94:5d:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4xQ2jjyvN6l1eKuFGTF0UwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwMzEyMDYwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWI0ZDE2NDQzOGFkODhlZjllOTY5ZDg4NjEyOTM1NTNlNGEzZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKJ/4295MlaGeNGW1XI1BViKX0pP
r9FodHULsPkJX3m+8gk+hLk5VckH+ZCO3R6WpLvXRUDVDyxgZcWEd8qjs1u1nRZ7
LBDbt1CUc64Mm6TKHv1t7SPD7GFGF+F0FJY3emLgcSpFTrZT+aQl9YVKnZ8YSe2H
seuwkaNtKsHhH6duRmu/OF1ijC8Kf1q091b+eivE/hnJrFwq/OtIDCzJKgc/Ni8p
IYlrro6XPv8Ssxd20oP2V6hW3qaDuPJlqjt+ylFfy2i+TQ9iM7n3WMu8MWRSNutW
gQWNocjsZFMQg6KYQWWhG3b7TkMPSiZCZ8vAtvWlNYFpccfvrXWt/s8HmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE600WRDitiO+elp2IYSk1U+Sj7FMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvVHJUUlpFT0sySTc1NlduWWhoS1RWVDVLUHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTd2IMA0G
CSqGSIb3DQEBCwUAA4IBAQCozrmwIPYt6uGr8eG9mmH4DmZwcF/YwpRXuYjrglJm
fP64HmYLQ/mzbC2maV6Qx6ufDEtVYur13yzYvl1eHrF3uB7CC+qaw16/ZlC+wOvh
kU/Z07+5Abw1SkVxcJyEkHAqN2c5Z0vcMyaIZsNCWentCdS2obLjpeT8oyCN3W7G
QrA0ubho+PTu9L16QbsmVRPav0K5dTRRrJ+gVR+WC9NVn7+YpkUAwcKS9qXTdn+7
AW31D4pGr3Y7OWr6IR1624jLB/7H9wC4Xd5CYDiIMSHHiFpHeXdh99y72mTF0qEi
mOPkkR8CLs/gG6ocnZv5OKczdB0rPo/4hMt+obLvlF3K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:22 2024 by rpki-client on console-fra.rpki-client.org