Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Tsuxdrus6jo55K4lN4-rc3A-KB0.roa
File: Tsuxdrus6jo55K4lN4-rc3A-KB0.roa (raw, json)
Hash identifier: +ES9MTA7gE+XwbcUJsAcZEV6mJ/xsmi+aBSncKezMCo=
Subject key identifier: 4E:CB:B1:76:BB:AC:EA:3A:39:E4:AE:25:37:8F:AB:73:70:3E:28:1D
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 01900348B3819DDDBA7987FF2C025EA3ACBC
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Tsuxdrus6jo55K4lN4-rc3A-KB0.roa
Signing time: Mon 10 Jun 2024 17:53:34 +0000
ROA not before: Mon 10 Jun 2024 17:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.148.0/24 maxlen: 24
77.221.149.0/24 maxlen: 24
77.221.152.0/23 maxlen: 23
77.221.154.0/23 maxlen: 23
77.221.156.0/23 maxlen: 23
77.221.158.0/23 maxlen: 23
109.120.132.0/23 maxlen: 23
109.120.134.0/23 maxlen: 23
109.120.149.0/24 maxlen: 24
109.120.150.0/24 maxlen: 24
109.120.151.0/24 maxlen: 24
109.120.152.0/24 maxlen: 24
109.120.155.0/24 maxlen: 24
109.120.156.0/23 maxlen: 24
109.120.176.0/23 maxlen: 23
109.120.178.0/23 maxlen: 23
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 11:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:03:48:b3:81:9d:dd:ba:79:87:ff:2c:02:5e:a3:ac:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Jun 10 17:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ecbb176bbacea3a39e4ae25378fab73703e281d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9c:c1:45:a1:67:26:8e:5d:fe:14:78:e3:25:
10:c4:db:74:2b:6d:ee:a4:e2:23:e2:13:21:bb:47:
a3:c4:2e:a4:3f:e7:da:de:70:fc:b7:ec:c0:bc:9e:
46:7c:cf:9b:c9:22:7d:c0:de:b6:8a:cb:e6:28:d7:
df:a2:7e:51:44:87:5a:e1:d0:6d:f5:e6:09:9c:11:
d9:8f:30:98:f8:6a:a7:e3:91:ca:ea:19:cc:d6:08:
b8:a2:e0:24:d3:ce:f9:b8:63:dd:6a:4f:23:ef:19:
95:d4:cc:87:33:98:58:78:2f:6c:06:52:69:c1:80:
63:06:85:1d:41:bb:59:21:c9:14:e5:68:82:53:79:
e4:53:db:e4:c0:c5:cd:6e:60:9c:5f:93:c5:12:8d:
80:bf:e5:17:7f:c8:47:fc:3b:38:04:9c:75:af:13:
81:b4:99:22:65:6d:0c:8a:e2:b7:dd:fc:e9:55:bd:
93:0c:f2:34:04:9b:82:c3:b7:a3:ca:2b:b9:af:10:
98:f7:a7:9b:7c:36:30:c6:c8:ba:a8:9c:d3:ea:10:
5d:03:91:bf:21:0b:34:08:52:1e:99:79:74:09:8f:
6a:4b:12:ee:40:4e:01:1a:32:a1:dd:b9:da:cf:09:
08:59:a7:fa:e3:a5:53:b4:e2:02:7e:3f:e5:7c:3e:
8b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CB:B1:76:BB:AC:EA:3A:39:E4:AE:25:37:8F:AB:73:70:3E:28:1D
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Tsuxdrus6jo55K4lN4-rc3A-KB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.148.0/23
77.221.152.0/21
109.120.132.0/22
109.120.149.0-109.120.152.255
109.120.155.0-109.120.157.255
109.120.176.0/22
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:d4:e6:fa:14:75:3d:04:71:af:cd:d6:6a:d7:3d:3f:d9:a7:
70:d6:15:8d:28:34:16:0c:91:6d:34:cd:72:37:30:7f:3d:c6:
96:9a:ed:64:80:84:2c:89:be:b7:63:42:c5:6f:e2:40:bb:69:
5c:4f:04:5a:74:9f:a7:12:3c:a7:35:7f:a6:cf:da:fc:eb:66:
19:89:f0:0e:f9:88:26:2d:9f:9a:06:07:e9:c6:b3:22:57:bf:
36:c7:ce:ed:2a:4b:84:dd:72:79:b3:df:76:98:75:80:58:d3:
5e:28:b2:19:97:2d:fe:f6:04:45:79:04:f4:b2:a5:f9:fb:5b:
cf:74:80:f2:14:59:f0:6b:a5:f1:b2:a2:8b:43:ea:f8:1b:f2:
0f:98:0f:9d:10:94:4b:92:d5:5f:b0:ee:2f:4f:1d:a3:f4:ac:
1f:db:3d:ea:c5:6c:34:77:59:89:ae:6e:0b:e2:1a:e4:fb:5d:
f0:e7:cd:33:95:0e:f0:82:03:4c:7b:0e:8b:02:4c:11:ef:6c:
a5:33:47:3e:ff:94:83:0f:26:b4:c4:64:2a:b9:ad:03:02:8b:
26:8d:6f:88:fe:ce:d2:0a:a4:f7:37:44:0f:5d:58:a1:1e:68:
0f:68:db:02:56:49:74:98:bd:0f:2a:d7:58:be:0e:2b:1a:3c:
f2:3f:8f:a3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZADSLOBnd26eYf/LAJeo6y8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNjEwMTc1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWNiYjE3NmJiYWNlYTNhMzllNGFlMjUzNzhmYWI3MzcwM2UyODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZzBRaFnJo5d/hR44yUQxNt0K23u
pOIj4hMhu0ejxC6kP+fa3nD8t+zAvJ5GfM+bySJ9wN62isvmKNffon5RRIda4dBt
9eYJnBHZjzCY+Gqn45HK6hnM1gi4ouAk0875uGPdak8j7xmV1MyHM5hYeC9sBlJp
wYBjBoUdQbtZIckU5WiCU3nkU9vkwMXNbmCcX5PFEo2Av+UXf8hH/Ds4BJx1rxOB
tJkiZW0MiuK33fzpVb2TDPI0BJuCw7ejyiu5rxCY96ebfDYwxsi6qJzT6hBdA5G/
IQs0CFIemXl0CY9qSxLuQE4BGjKh3bnazwkIWaf646VTtOICfj/lfD6LhQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFE7LsXa7rOo6OeSuJTePq3NwPigdMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvVHN1eGRydXM2am81NUs0bE40LXJjM0EtS0IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQDTd2IAwQB
Td2UAwQDTd2YAwQCbXiEMAwDBABteJUDBABteJgwDAMEAG14mwMEAW14nAMEAm14
sAMEAm14uDANBgkqhkiG9w0BAQsFAAOCAQEAf9Tm+hR1PQRxr83Watc9P9mncNYV
jSg0FgyRbTTNcjcwfz3GlprtZICELIm+t2NCxW/iQLtpXE8EWnSfpxI8pzV/ps/a
/OtmGYnwDvmIJi2fmgYH6cazIle/NsfO7SpLhN1yebPfdph1gFjTXiiyGZct/vYE
RXkE9LKl+ftbz3SA8hRZ8Gul8bKii0Pq+BvyD5gPnRCUS5LVX7DuL08do/SsH9s9
6sVsNHdZia5uC+Ia5Ptd8OfNM5UO8IIDTHsOiwJMEe9spTNHPv+Ugw8mtMRkKrmt
AwKLJo1viP7O0gqk9zdED11YoR5oD2jbAlZJdJi9DyrXWL4OKxo88j+Pow==
-----END CERTIFICATE-----
Generated at Wed Aug 28 14:17:30 2024 by rpki-client on console-ams.rpki-client.org