Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/VCyKGIufYTr2MuA0xbJlP7YL05E.roa
File: VCyKGIufYTr2MuA0xbJlP7YL05E.roa (raw, json)
Hash identifier: 69GVZNnczraDSrisnmDJgkepbFYytLSyS7rxcGEsLtI=
Subject key identifier: 54:2C:8A:18:8B:9F:61:3A:F6:32:E0:34:C5:B2:65:3F:B6:0B:D3:91
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018EA99677231CA12AB981D2E7E16266274E
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/VCyKGIufYTr2MuA0xbJlP7YL05E.roa
Signing time: Thu 04 Apr 2024 14:49:54 +0000
ROA not before: Thu 04 Apr 2024 14:49:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.148.0/24 maxlen: 24
77.221.149.0/24 maxlen: 24
77.221.152.0/23 maxlen: 23
77.221.154.0/23 maxlen: 23
77.221.156.0/23 maxlen: 23
77.221.158.0/23 maxlen: 23
109.120.132.0/23 maxlen: 23
109.120.134.0/23 maxlen: 23
109.120.176.0/23 maxlen: 23
109.120.178.0/23 maxlen: 23
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 12:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:96:77:23:1c:a1:2a:b9:81:d2:e7:e1:62:66:27:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Apr 4 14:49:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=542c8a188b9f613af632e034c5b2653fb60bd391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c7:4b:f7:ef:c3:19:cb:65:ec:3c:ab:47:d6:
d9:ce:16:ce:69:11:7f:84:14:b4:1f:66:a1:81:ed:
0d:d5:80:04:46:14:9d:99:28:37:6f:03:c2:ee:0e:
60:ea:cd:ed:54:da:8d:1f:f0:16:3f:42:50:41:b7:
dc:d3:c3:0c:89:3c:5d:a2:11:a8:ac:39:f8:71:2f:
ef:97:29:b9:f4:1c:f6:74:3b:1e:f9:04:67:b5:f3:
41:0a:b2:d6:f1:a0:68:fa:7f:9c:5e:8e:8a:99:76:
a1:b9:8c:bc:30:0b:47:b2:e2:0a:ea:f7:0d:5f:e4:
dc:9f:ec:24:08:66:ef:db:2e:68:c8:53:1e:8c:b3:
10:c6:fc:59:e2:73:71:27:b0:c6:5c:25:69:c1:e5:
ec:e4:24:d7:68:55:93:be:59:4c:e5:a5:33:eb:22:
25:75:7e:a9:90:69:34:6d:28:3e:2c:79:d7:c2:9e:
42:66:5e:73:e1:0b:59:1c:3c:81:31:ec:0c:43:be:
9f:00:de:00:1f:0b:39:51:74:24:dd:11:c3:0a:df:
a9:d6:ba:28:aa:41:10:bd:ca:ae:6c:0a:0d:4c:28:
30:8f:82:5c:b4:b7:32:b9:f2:82:61:7a:89:3d:cd:
a1:07:2f:61:7b:6d:50:80:7c:e9:b0:be:37:f3:de:
3f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2C:8A:18:8B:9F:61:3A:F6:32:E0:34:C5:B2:65:3F:B6:0B:D3:91
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/VCyKGIufYTr2MuA0xbJlP7YL05E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.148.0/23
77.221.152.0/21
109.120.132.0/22
109.120.176.0/22
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
17:4c:97:43:ee:a5:80:25:13:bf:1f:4c:21:38:5b:59:54:14:
f1:e1:34:99:fd:5e:fe:76:81:05:af:82:b9:5f:4b:1b:7f:4c:
90:6c:14:da:6b:66:16:42:2f:5d:14:ba:6a:17:e8:e7:99:7c:
75:e8:79:04:b9:56:4d:8c:1f:b7:0a:71:19:a3:d9:99:49:cb:
7d:a1:0d:02:9e:1e:e0:60:35:a1:df:14:93:6b:d6:b3:b4:84:
f7:fb:ba:93:1d:89:ca:10:a7:e0:19:b9:c9:88:5c:0d:7d:f5:
96:a4:f9:09:57:60:32:01:9b:75:34:72:db:7f:3c:e1:38:15:
c8:2f:84:90:5b:2c:e9:e8:50:34:35:17:e3:f1:35:9c:1e:a9:
70:b0:33:f2:e2:af:46:01:d4:d2:65:78:a6:2e:11:0d:0b:9a:
e1:91:d0:e7:53:c1:2a:23:7d:a5:5d:41:4a:18:2b:eb:45:cb:
3a:ee:30:32:12:97:3f:5d:a5:c0:d2:47:44:2f:5d:f3:6f:e7:
75:9b:d9:b3:83:57:43:ed:ad:eb:2e:95:ad:ac:ae:a0:24:86:
4d:1d:88:45:7a:2e:aa:02:99:b2:5f:58:9f:3b:75:9a:18:6d:
c7:40:61:31:9b:a4:26:24:86:27:e0:47:87:ea:24:ca:21:b5:
09:ad:67:87
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY6plncjHKEquYHS5+FiZidOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNDA0MTQ0OTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDJjOGExODhiOWY2MTNhZjYzMmUwMzRjNWIyNjUzZmI2MGJkMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8dL9+/DGctl7DyrR9bZzhbOaRF/
hBS0H2ahge0N1YAERhSdmSg3bwPC7g5g6s3tVNqNH/AWP0JQQbfc08MMiTxdohGo
rDn4cS/vlym59Bz2dDse+QRntfNBCrLW8aBo+n+cXo6KmXahuYy8MAtHsuIK6vcN
X+Tcn+wkCGbv2y5oyFMejLMQxvxZ4nNxJ7DGXCVpweXs5CTXaFWTvllM5aUz6yIl
dX6pkGk0bSg+LHnXwp5CZl5z4QtZHDyBMewMQ76fAN4AHws5UXQk3RHDCt+p1roo
qkEQvcqubAoNTCgwj4JctLcyufKCYXqJPc2hBy9he21QgHzpsL43894/dQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFQsihiLn2E69jLgNMWyZT+2C9ORMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvVkN5S0dJdWZZVHIyTXVBMHhiSmxQN1lMMDVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDTd2IAwQB
Td2UAwQDTd2YAwQCbXiEAwQCbXiwAwQCbXi4MA0GCSqGSIb3DQEBCwUAA4IBAQAX
TJdD7qWAJRO/H0whOFtZVBTx4TSZ/V7+doEFr4K5X0sbf0yQbBTaa2YWQi9dFLpq
F+jnmXx16HkEuVZNjB+3CnEZo9mZSct9oQ0Cnh7gYDWh3xSTa9aztIT3+7qTHYnK
EKfgGbnJiFwNffWWpPkJV2AyAZt1NHLbfzzhOBXIL4SQWyzp6FA0NRfj8TWcHqlw
sDPy4q9GAdTSZXimLhENC5rhkdDnU8EqI32lXUFKGCvrRcs67jAyEpc/XaXA0kdE
L13zb+d1m9mzg1dD7a3rLpWtrK6gJIZNHYhFei6qApmyX1ifO3WaGG3HQGExm6Qm
JIYn4EeH6iTKIbUJrWeH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:22 2024 by rpki-client on console-fra.rpki-client.org