Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/llwh7NnU6XblXwN0YzdP87P9f3g.roa
File: llwh7NnU6XblXwN0YzdP87P9f3g.roa (raw, json)
Hash identifier: z6/ozAUC5vab9/SWevZBOz+PsXTObqcIErBTFaZgH+I=
Subject key identifier: 96:5C:21:EC:D9:D4:E9:76:E5:5F:03:74:63:37:4F:F3:B3:FD:7F:78
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 01900346DE38A988039BF3228150A2868C9A
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/llwh7NnU6XblXwN0YzdP87P9f3g.roa
Signing time: Mon 10 Jun 2024 17:51:34 +0000
ROA not before: Mon 10 Jun 2024 17:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 77.221.151.0/24 maxlen: 24
109.120.158.0/24 maxlen: 24
109.120.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 08:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:03:46:de:38:a9:88:03:9b:f3:22:81:50:a2:86:8c:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Jun 10 17:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=965c21ecd9d4e976e55f037463374ff3b3fd7f78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ed:10:01:25:27:dc:52:25:51:45:55:1d:ed:
bc:cd:7f:b0:97:2e:a4:f0:4c:af:c3:7b:8a:d4:27:
69:09:66:11:cb:a0:36:e8:47:63:0c:e2:9f:d6:5e:
b6:6f:fb:c7:a1:f7:7f:07:05:5f:52:66:e8:22:67:
25:18:45:cc:25:38:e3:3d:8b:5f:70:ca:6f:68:8e:
70:ad:ef:84:57:04:c8:f9:b9:95:72:66:73:c3:cb:
f5:c4:2e:b5:d1:b9:e6:22:79:74:90:42:52:73:e6:
3f:1b:32:bd:e0:11:0a:4a:57:ba:77:aa:bb:97:7b:
9f:50:72:6e:34:60:08:59:49:2d:82:3f:bd:7b:46:
07:df:7a:7d:ef:18:ab:05:ed:5c:4a:bc:c3:e8:08:
b2:4d:04:60:c3:d2:23:9a:17:ab:5f:f3:ef:ff:9b:
e9:46:f2:98:06:45:b5:3b:dd:fa:83:f6:15:45:b0:
0b:39:60:d7:40:30:66:33:96:1f:d2:74:f3:6e:41:
59:cd:b2:ec:0f:a6:b6:35:6e:ca:76:16:2c:87:cc:
f7:bf:29:b6:47:4c:e6:20:5b:4a:5b:bf:7e:74:b3:
b3:51:18:c8:9b:e0:c4:6d:0b:a4:42:73:e8:6a:37:
85:7c:0c:c0:a4:68:5f:21:b1:77:c9:77:4e:d0:b4:
37:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:5C:21:EC:D9:D4:E9:76:E5:5F:03:74:63:37:4F:F3:B3:FD:7F:78
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/llwh7NnU6XblXwN0YzdP87P9f3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.151.0/24
109.120.158.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:95:23:e4:fb:a8:4b:7e:88:08:4a:52:38:f4:d7:93:cd:16:
31:49:30:5f:60:a6:53:c1:27:64:f7:a0:79:ea:f6:ae:cf:aa:
bc:e7:74:95:7e:66:8f:58:9a:cc:55:9a:c5:4e:89:40:52:13:
c4:c6:79:3c:82:da:c0:e3:ce:94:39:db:8c:f6:69:99:44:3e:
2a:e2:70:b9:ea:79:f2:b3:91:42:34:ed:d5:10:24:b2:70:c0:
78:34:4b:1f:1e:d4:18:fa:8d:a4:ff:3d:1c:93:ef:83:65:7e:
ba:3f:af:87:0b:a3:1d:75:77:ea:6a:0b:fd:23:24:c9:a7:b4:
df:9d:c7:8d:dc:fb:48:41:ef:fc:29:75:96:b0:71:e0:eb:e1:
a2:f6:25:79:fd:40:63:40:96:8e:83:8e:23:9e:84:21:2b:15:
4e:a2:b5:a1:f6:54:2e:d2:89:f9:06:78:13:1f:a9:34:16:e7:
38:fe:69:54:9d:c6:c9:49:6d:c9:48:01:e8:47:68:cc:1c:54:
6a:59:0c:a0:6a:d4:dd:10:17:b6:f7:f4:4e:8a:a5:86:06:74:
70:29:cb:bf:dc:3f:43:14:7c:3b:34:99:22:05:a8:fc:13:7e:
39:d6:de:85:0f:ab:31:7d:bd:11:05:30:a9:f5:07:72:8c:90:
3f:35:68:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZADRt44qYgDm/MigVCihoyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNjEwMTc1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjVjMjFlY2Q5ZDRlOTc2ZTU1ZjAzNzQ2MzM3NGZmM2IzZmQ3Zjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+0QASUn3FIlUUVVHe28zX+wly6k
8Eyvw3uK1CdpCWYRy6A26EdjDOKf1l62b/vHofd/BwVfUmboImclGEXMJTjjPYtf
cMpvaI5wre+EVwTI+bmVcmZzw8v1xC610bnmInl0kEJSc+Y/GzK94BEKSle6d6q7
l3ufUHJuNGAIWUktgj+9e0YH33p97xirBe1cSrzD6AiyTQRgw9IjmherX/Pv/5vp
RvKYBkW1O936g/YVRbALOWDXQDBmM5Yf0nTzbkFZzbLsD6a2NW7KdhYsh8z3vym2
R0zmIFtKW79+dLOzURjIm+DEbQukQnPoajeFfAzApGhfIbF3yXdO0LQ3+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJZcIezZ1Ol25V8DdGM3T/Oz/X94MB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvbGx3aDdOblU2WGJsWHdOMFl6ZFA4N1A5ZjNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATd2XAwQB
bXieMA0GCSqGSIb3DQEBCwUAA4IBAQBrlSPk+6hLfogISlI49NeTzRYxSTBfYKZT
wSdk96B56vauz6q853SVfmaPWJrMVZrFTolAUhPExnk8gtrA486UOduM9mmZRD4q
4nC56nnys5FCNO3VECSycMB4NEsfHtQY+o2k/z0ck++DZX66P6+HC6MddXfqagv9
IyTJp7TfnceN3PtIQe/8KXWWsHHg6+Gi9iV5/UBjQJaOg44jnoQhKxVOorWh9lQu
0on5BngTH6k0Fuc4/mlUncbJSW3JSAHoR2jMHFRqWQygatTdEBe29/ROiqWGBnRw
Kcu/3D9DFHw7NJkiBaj8E3451t6FD6sxfb0RBTCp9QdyjJA/NWic
-----END CERTIFICATE-----
Generated at Wed Jul 17 11:14:43 2024 by rpki-client on console-ams.rpki-client.org