Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/jnwzL3WuIt8aq2BwKg0k4VGaLiY.roa
File: jnwzL3WuIt8aq2BwKg0k4VGaLiY.roa (raw, json)
Hash identifier: Fbr8+Vh5sLGk0vzLKM4q0QBqJN6T+AkkxW/SixvFXJA=
Subject key identifier: 8E:7C:33:2F:75:AE:22:DF:1A:AB:60:70:2A:0D:24:E1:51:9A:2E:26
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018FF193D1F200317F4828AE4C0982005F70
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/jnwzL3WuIt8aq2BwKg0k4VGaLiY.roa
Signing time: Fri 07 Jun 2024 07:22:27 +0000
ROA not before: Fri 07 Jun 2024 07:22:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 77.221.151.0/24 maxlen: 24
109.120.156.0/24 maxlen: 24
109.120.158.0/24 maxlen: 24
109.120.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 17:51:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:93:d1:f2:00:31:7f:48:28:ae:4c:09:82:00:5f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Jun 7 07:22:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e7c332f75ae22df1aab60702a0d24e1519a2e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:53:57:1f:09:b7:07:b5:6a:8b:00:bd:e8:23:
48:8a:14:cb:bc:9a:1d:b4:d3:53:34:bf:85:a0:03:
d5:06:6d:7e:96:69:6a:05:f4:f8:fa:c4:55:b7:87:
22:09:d4:dd:b9:26:c1:d0:b5:56:9e:e8:4a:3b:82:
66:f7:0a:42:04:f6:ce:6d:99:f6:62:5e:fd:3e:c0:
a8:dd:48:49:53:bb:36:f5:f7:d1:34:b3:40:ec:d1:
e9:fd:33:20:fe:8e:c9:5f:1c:36:33:8f:75:cd:48:
10:e5:8a:5f:0f:5d:59:ff:88:e1:0d:46:35:7f:1f:
08:7d:09:e7:08:e1:fe:59:0c:87:dc:e9:f9:57:78:
26:99:a4:c8:6b:07:1d:67:33:62:da:f5:c5:b0:e7:
4a:a4:1e:75:2b:f9:ff:5f:17:cb:58:20:31:a5:ea:
a7:a1:d3:9b:49:b1:b8:ca:a0:37:93:ac:96:67:1a:
40:a6:b2:1f:67:42:bd:03:2a:f0:40:97:a7:1c:b9:
8c:1e:30:e9:22:bd:28:cc:a7:de:e1:95:e2:02:83:
d5:9f:9b:26:f9:f1:f7:91:82:85:49:73:2f:3e:7b:
74:af:25:d3:9f:55:cb:dc:08:c6:df:7d:ec:54:48:
50:fc:21:af:16:ce:10:5b:48:a2:80:29:e7:85:e2:
02:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7C:33:2F:75:AE:22:DF:1A:AB:60:70:2A:0D:24:E1:51:9A:2E:26
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/jnwzL3WuIt8aq2BwKg0k4VGaLiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.151.0/24
109.120.156.0/24
109.120.158.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:cf:7a:83:5b:b5:08:22:08:f2:9e:14:0f:4c:b6:a2:78:1e:
fa:60:73:01:27:d2:d1:ed:08:ca:dd:db:be:70:16:df:1d:de:
e4:9e:ed:83:4e:60:50:3b:c3:d1:77:b1:28:f1:ae:14:1c:50:
c0:38:de:51:e3:28:75:55:91:60:4e:0c:a0:62:2e:25:1c:05:
5a:44:d3:49:d6:ce:56:e5:1a:b3:8c:6f:a3:05:16:25:5c:11:
3c:e6:09:ee:f5:bd:e4:77:c3:54:5c:a3:15:9e:ae:35:31:08:
cc:f4:38:5a:17:4c:93:0a:86:88:ae:6d:d0:4d:f0:e6:dd:36:
20:e7:f6:74:f6:c3:4d:0c:dd:26:a5:1f:2f:7c:b5:92:69:b6:
4b:fb:a8:09:b4:62:be:00:03:21:30:87:24:56:fa:7c:28:de:
5a:44:7e:ea:fa:96:c4:7b:da:a7:c9:f9:d9:65:f9:c3:78:31:
d3:aa:35:31:95:d8:3f:d8:e6:17:7b:ed:e7:b0:c3:71:af:29:
4e:d6:65:e7:b9:b2:a5:32:76:45:80:17:3c:be:03:a1:d9:74:
58:88:fe:33:82:f4:c6:0b:a3:bd:c4:9c:45:2d:b2:39:d0:e9:
5f:5f:5d:da:45:1a:3b:ea:15:a1:3e:e8:73:db:18:ac:c4:f7:
18:3c:b7:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/xk9HyADF/SCiuTAmCAF9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNjA3MDcyMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTdjMzMyZjc1YWUyMmRmMWFhYjYwNzAyYTBkMjRlMTUxOWEyZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VNXHwm3B7VqiwC96CNIihTLvJod
tNNTNL+FoAPVBm1+lmlqBfT4+sRVt4ciCdTduSbB0LVWnuhKO4Jm9wpCBPbObZn2
Yl79PsCo3UhJU7s29ffRNLNA7NHp/TMg/o7JXxw2M491zUgQ5YpfD11Z/4jhDUY1
fx8IfQnnCOH+WQyH3On5V3gmmaTIawcdZzNi2vXFsOdKpB51K/n/XxfLWCAxpeqn
odObSbG4yqA3k6yWZxpAprIfZ0K9AyrwQJenHLmMHjDpIr0ozKfe4ZXiAoPVn5sm
+fH3kYKFSXMvPnt0ryXTn1XL3AjG333sVEhQ/CGvFs4QW0iigCnnheIC9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI58My91riLfGqtgcCoNJOFRmi4mMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvam53ekwzV3VJdDhhcTJCd0tnMGs0VkdhTGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATd2XAwQA
bXicAwQBbXieMA0GCSqGSIb3DQEBCwUAA4IBAQBsz3qDW7UIIgjynhQPTLaieB76
YHMBJ9LR7QjK3du+cBbfHd7knu2DTmBQO8PRd7Eo8a4UHFDAON5R4yh1VZFgTgyg
Yi4lHAVaRNNJ1s5W5RqzjG+jBRYlXBE85gnu9b3kd8NUXKMVnq41MQjM9DhaF0yT
CoaIrm3QTfDm3TYg5/Z09sNNDN0mpR8vfLWSabZL+6gJtGK+AAMhMIckVvp8KN5a
RH7q+pbEe9qnyfnZZfnDeDHTqjUxldg/2OYXe+3nsMNxrylO1mXnubKlMnZFgBc8
vgOh2XRYiP4zgvTGC6O9xJxFLbI50OlfX13aRRo76hWhPuhz2xisxPcYPLcF
-----END CERTIFICATE-----
Generated at Mon Jun 10 20:37:16 2024 by rpki-client on console-fra.rpki-client.org