Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/rTrstVXQXtQqInd6tQ3iVykkpQQ.roa
File: rTrstVXQXtQqInd6tQ3iVykkpQQ.roa (raw, json)
Hash identifier: wVss6kED0OgggjsefYKdIQ/qHzGSjA4pi+Q2lnxVfFc=
Subject key identifier: AD:3A:EC:B5:55:D0:5E:D4:2A:22:77:7A:B5:0D:E2:57:29:24:A5:04
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018FB92C971AA775A60F5BE39DA677D93D48
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/rTrstVXQXtQqInd6tQ3iVykkpQQ.roa
Signing time: Mon 27 May 2024 08:30:58 +0000
ROA not before: Mon 27 May 2024 08:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.148.0/24 maxlen: 24
77.221.149.0/24 maxlen: 24
77.221.152.0/23 maxlen: 23
77.221.154.0/23 maxlen: 23
77.221.156.0/23 maxlen: 23
77.221.158.0/23 maxlen: 23
109.120.132.0/23 maxlen: 23
109.120.134.0/23 maxlen: 23
109.120.149.0/24 maxlen: 24
109.120.150.0/24 maxlen: 24
109.120.176.0/23 maxlen: 23
109.120.178.0/23 maxlen: 23
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 22:24:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:2c:97:1a:a7:75:a6:0f:5b:e3:9d:a6:77:d9:3d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: May 27 08:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad3aecb555d05ed42a22777ab50de2572924a504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c6:96:6e:26:41:c7:53:4b:cf:ab:4c:e4:7b:
83:54:b0:77:3e:47:d1:cc:5e:4c:74:f6:38:18:ae:
35:a6:6a:c9:27:e9:71:5c:4a:e5:ad:48:49:bf:50:
76:f2:67:a2:b7:f0:e8:3f:4a:95:bc:a9:3d:7f:af:
46:c2:d8:ef:fc:32:39:3a:2a:d2:a8:47:1d:3c:46:
c7:3f:9a:de:2d:80:08:96:18:b6:d8:6f:08:2e:13:
63:05:0d:d8:51:ba:8e:83:77:d0:f3:97:41:54:89:
56:27:5e:ab:8e:e1:2d:b8:9a:51:e3:fe:13:98:b1:
86:dd:3c:99:0e:8f:3b:5e:cb:37:37:96:96:f8:4a:
31:06:eb:5b:10:31:2b:1b:82:80:00:b2:12:31:d6:
a7:2c:59:41:93:c8:12:a1:ab:22:7e:52:3a:bc:ad:
0d:66:f4:79:27:f8:f1:d2:9b:87:b8:0f:57:9a:ac:
07:26:85:eb:8f:47:e3:98:48:19:45:17:c3:0d:55:
6d:41:a3:1c:d2:60:3c:1d:0b:d5:38:24:3e:6b:6c:
7c:c5:64:c3:55:46:0d:14:5d:2f:a2:f1:60:b7:65:
5b:93:73:db:a4:a7:e1:cf:ee:de:b8:f6:88:45:1f:
3c:d5:4e:a7:ec:2e:50:cb:b8:1b:54:f7:e3:d2:d3:
3e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:3A:EC:B5:55:D0:5E:D4:2A:22:77:7A:B5:0D:E2:57:29:24:A5:04
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/rTrstVXQXtQqInd6tQ3iVykkpQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.148.0/23
77.221.152.0/21
109.120.132.0/22
109.120.149.0-109.120.150.255
109.120.176.0/22
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:53:06:82:34:61:8d:53:30:0d:46:64:8c:29:9a:0d:d2:eb:
3a:76:17:b7:3c:26:14:f7:62:67:fb:b4:f3:7b:d9:11:d7:3d:
5a:16:67:8c:d8:ac:fe:75:cc:92:2d:87:59:7f:00:ca:a1:ba:
1c:01:fa:88:68:20:ca:4e:32:ed:2f:45:c7:92:b8:1b:ee:83:
cb:4b:c3:43:d5:1c:b8:bd:d5:06:c6:e5:11:5c:5b:1c:72:5a:
31:c7:ba:26:27:ba:bb:f4:34:0e:54:12:2c:d9:c4:ea:d9:d9:
f4:78:9b:85:24:28:05:48:8d:e2:c6:48:9d:a4:b9:6b:f8:9c:
5e:15:61:b6:7d:19:f2:3c:53:67:0c:53:54:4a:ac:1f:07:73:
67:1f:31:16:4e:98:18:70:ac:fb:27:90:07:95:c9:61:41:17:
e8:7d:3d:72:db:e3:a5:e9:64:0e:66:3f:f7:0b:d2:ca:ed:65:
a4:55:af:7b:15:d3:03:a6:d6:f4:6e:f3:0d:d4:96:fa:7f:fa:
79:32:8d:46:bf:ba:c6:ee:43:f9:0d:cd:e8:d1:1f:a3:12:e3:
b1:ca:0e:b3:51:ab:26:d1:37:ca:a8:c7:c7:ff:ba:08:c6:92:
f5:5a:fb:2f:93:0d:9c:dc:6e:8f:0d:8c:b3:3d:84:b8:35:34:
70:d8:43:a7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY+5LJcap3WmD1vjnaZ32T1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNTI3MDgzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDNhZWNiNTU1ZDA1ZWQ0MmEyMjc3N2FiNTBkZTI1NzI5MjRhNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMaWbiZBx1NLz6tM5HuDVLB3PkfR
zF5MdPY4GK41pmrJJ+lxXErlrUhJv1B28meit/DoP0qVvKk9f69Gwtjv/DI5OirS
qEcdPEbHP5reLYAIlhi22G8ILhNjBQ3YUbqOg3fQ85dBVIlWJ16rjuEtuJpR4/4T
mLGG3TyZDo87Xss3N5aW+EoxButbEDErG4KAALISMdanLFlBk8gSoasiflI6vK0N
ZvR5J/jx0puHuA9XmqwHJoXrj0fjmEgZRRfDDVVtQaMc0mA8HQvVOCQ+a2x8xWTD
VUYNFF0vovFgt2Vbk3PbpKfhz+7euPaIRR881U6n7C5Qy7gbVPfj0tM+WwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFK067LVV0F7UKiJ3erUN4lcpJKUEMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvclRyc3RWWFFYdFFxSW5kNnRRM2lWeWtrcFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQDTd2IAwQB
Td2UAwQDTd2YAwQCbXiEMAwDBABteJUDBABteJYDBAJteLADBAJteLgwDQYJKoZI
hvcNAQELBQADggEBALFTBoI0YY1TMA1GZIwpmg3S6zp2F7c8JhT3Ymf7tPN72RHX
PVoWZ4zYrP51zJIth1l/AMqhuhwB+ohoIMpOMu0vRceSuBvug8tLw0PVHLi91QbG
5RFcWxxyWjHHuiYnurv0NA5UEizZxOrZ2fR4m4UkKAVIjeLGSJ2kuWv4nF4VYbZ9
GfI8U2cMU1RKrB8Hc2cfMRZOmBhwrPsnkAeVyWFBF+h9PXLb46XpZA5mP/cL0srt
ZaRVr3sV0wOm1vRu8w3Ulvp/+nkyjUa/usbuQ/kNzejRH6MS47HKDrNRqybRN8qo
x8f/ugjGkvVa+y+TDZzcbo8NjLM9hLg1NHDYQ6c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:22 2024 by rpki-client on console-fra.rpki-client.org