Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/gxFbv3zmg4k_aPOWW1TP2ygwRk4.roa
File: gxFbv3zmg4k_aPOWW1TP2ygwRk4.roa (raw, json)
Hash identifier: swM74O7zYdyyPbhfG6/kqBmu4QmV/9sLoa41qxI6bCE=
Subject key identifier: 83:11:5B:BF:7C:E6:83:89:3F:68:F3:96:5B:54:CF:DB:28:30:46:4E
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 019198AC1F3C6DFD03C9CB0FF8939E509BA4
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/gxFbv3zmg4k_aPOWW1TP2ygwRk4.roa
Signing time: Wed 28 Aug 2024 11:08:22 +0000
ROA not before: Wed 28 Aug 2024 11:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.148.0/24 maxlen: 24
77.221.149.0/24 maxlen: 24
77.221.152.0/23 maxlen: 23
77.221.154.0/23 maxlen: 23
77.221.156.0/23 maxlen: 23
77.221.158.0/23 maxlen: 23
109.120.132.0/23 maxlen: 23
109.120.134.0/23 maxlen: 23
109.120.149.0/24 maxlen: 24
109.120.150.0/24 maxlen: 24
109.120.151.0/24 maxlen: 24
109.120.155.0/24 maxlen: 24
109.120.156.0/23 maxlen: 24
109.120.176.0/23 maxlen: 23
109.120.178.0/23 maxlen: 23
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 19:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:ac:1f:3c:6d:fd:03:c9:cb:0f:f8:93:9e:50:9b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Aug 28 11:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83115bbf7ce683893f68f3965b54cfdb2830464e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:67:d8:b7:79:cb:cb:43:ca:67:6c:a0:4f:42:
0a:5b:5e:77:d8:22:29:08:be:a1:84:d2:1e:f5:5c:
76:1e:00:7b:6e:e9:b0:8d:bd:35:aa:81:73:cc:82:
4f:28:6b:4b:87:ee:88:f0:cc:7b:4b:aa:3b:fa:3d:
bb:b1:63:9c:2b:ad:5d:b4:45:4d:42:3f:1e:02:1f:
f9:c4:42:e4:82:fe:9f:e8:83:fc:f8:d9:02:13:f8:
b8:10:61:3e:32:75:c7:cb:8d:81:49:30:cd:d8:47:
22:12:b5:17:68:1d:d9:c9:9a:0f:14:1c:43:a8:51:
fe:7c:39:04:37:bd:6e:2d:2b:28:fd:49:94:e0:2d:
4d:e8:96:03:2c:9d:eb:20:3e:4a:59:5b:47:9b:c4:
45:39:1a:69:0d:75:0f:ff:9e:72:9e:7f:86:4e:be:
bc:a2:62:18:a3:cb:65:1c:37:0d:db:99:59:9e:0a:
e8:b0:f7:9b:8c:a8:1b:0a:ea:b9:37:f8:4b:f1:51:
d1:dd:dd:9a:93:19:80:ed:6c:4a:a4:34:74:f1:be:
f2:d2:91:05:81:23:0d:33:67:06:3f:95:59:ad:ed:
5e:e4:3d:54:93:55:10:55:b9:02:c8:22:cf:6f:69:
87:5b:68:d2:00:24:36:74:7c:b8:67:4a:27:11:2c:
3f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:11:5B:BF:7C:E6:83:89:3F:68:F3:96:5B:54:CF:DB:28:30:46:4E
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/gxFbv3zmg4k_aPOWW1TP2ygwRk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.148.0/23
77.221.152.0/21
109.120.132.0/22
109.120.149.0-109.120.151.255
109.120.155.0-109.120.157.255
109.120.176.0/22
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
39:cc:cc:d9:a3:5e:fe:ec:37:96:18:7e:17:f4:6c:69:4b:08:
42:92:df:b3:62:97:ff:4b:bf:48:50:46:db:f8:6a:37:e6:fa:
da:76:41:6e:a3:02:6c:73:8f:dd:7f:a8:d2:fa:d5:31:99:1e:
3e:f0:30:fb:a9:75:c7:48:ac:81:10:0b:5c:b4:7e:f1:f4:5c:
6d:da:83:6d:f2:c2:a0:34:cb:ed:09:ea:ad:11:b5:30:82:85:
81:37:b5:58:b4:ec:9a:51:72:3b:bf:18:fa:52:26:7c:85:ff:
ec:0a:ee:07:4a:5d:63:1a:9f:c5:88:21:b7:b0:63:8a:71:4b:
9b:2e:6c:bb:a8:b9:93:0f:7e:54:02:f1:76:32:e2:b9:52:0b:
28:a7:01:f3:b1:84:3f:d1:f1:90:2a:3c:f1:a3:14:f3:35:25:
33:fc:73:70:e2:dc:20:54:03:83:dc:20:bd:f7:91:08:b3:c8:
e6:87:d6:2f:dd:b8:59:e8:3e:42:15:43:2b:dd:46:bc:86:84:
af:f0:f9:ae:96:e2:d3:a3:81:2a:2a:88:02:6a:06:8d:08:6e:
35:5f:40:b8:66:85:b4:f0:96:3b:67:d7:b4:49:90:24:a5:3a:
d6:5e:eb:0f:1f:03:ba:52:f8:99:c1:37:53:20:86:24:54:29:
83:02:bc:3c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZGYrB88bf0DycsP+JOeUJukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwODI4MTEwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzExNWJiZjdjZTY4Mzg5M2Y2OGYzOTY1YjU0Y2ZkYjI4MzA0NjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2fYt3nLy0PKZ2ygT0IKW1532CIp
CL6hhNIe9Vx2HgB7bumwjb01qoFzzIJPKGtLh+6I8Mx7S6o7+j27sWOcK61dtEVN
Qj8eAh/5xELkgv6f6IP8+NkCE/i4EGE+MnXHy42BSTDN2EciErUXaB3ZyZoPFBxD
qFH+fDkEN71uLSso/UmU4C1N6JYDLJ3rID5KWVtHm8RFORppDXUP/55ynn+GTr68
omIYo8tlHDcN25lZngrosPebjKgbCuq5N/hL8VHR3d2akxmA7WxKpDR08b7y0pEF
gSMNM2cGP5VZre1e5D1Uk1UQVbkCyCLPb2mHW2jSACQ2dHy4Z0onESw/RwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFIMRW7985oOJP2jzlltUz9soMEZOMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvZ3hGYnYzem1nNGtfYVBPV1cxVFAyeWd3Ums0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQDTd2IAwQB
Td2UAwQDTd2YAwQCbXiEMAwDBABteJUDBANteJAwDAMEAG14mwMEAW14nAMEAm14
sAMEAm14uDANBgkqhkiG9w0BAQsFAAOCAQEAOczM2aNe/uw3lhh+F/RsaUsIQpLf
s2KX/0u/SFBG2/hqN+b62nZBbqMCbHOP3X+o0vrVMZkePvAw+6l1x0isgRALXLR+
8fRcbdqDbfLCoDTL7QnqrRG1MIKFgTe1WLTsmlFyO78Y+lImfIX/7AruB0pdYxqf
xYght7BjinFLmy5su6i5kw9+VALxdjLiuVILKKcB87GEP9HxkCo88aMU8zUlM/xz
cOLcIFQDg9wgvfeRCLPI5ofWL924Weg+QhVDK91GvIaEr/D5rpbi06OBKiqIAmoG
jQhuNV9AuGaFtPCWO2fXtEmQJKU61l7rDx8DulL4mcE3UyCGJFQpgwK8PA==
-----END CERTIFICATE-----
Generated at Wed Oct 2 20:34:25 2024 by rpki-client on console-fra.rpki-client.org