Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/yCQJcgPY484IHGwdus2H-L6p5DA.roa
File: yCQJcgPY484IHGwdus2H-L6p5DA.roa (raw, json)
Hash identifier: zoF8v6FNHdSJCLled+ED83tx6OYOgJiJr2fos5FxH5g=
Subject key identifier: C8:24:09:72:03:D8:E3:CE:08:1C:6C:1D:BA:CD:87:F8:BE:A9:E4:30
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018E5B8DB96BAB531B8C18B923AFBC5392B5
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/yCQJcgPY484IHGwdus2H-L6p5DA.roa
Signing time: Wed 20 Mar 2024 11:09:58 +0000
ROA not before: Wed 20 Mar 2024 11:09:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.148.0/24 maxlen: 24
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 14:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:8d:b9:6b:ab:53:1b:8c:18:b9:23:af:bc:53:92:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Mar 20 11:09:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c824097203d8e3ce081c6c1dbacd87f8bea9e430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:13:73:74:f2:60:41:95:13:dd:0b:60:16:d7:
22:91:82:6c:27:50:14:fa:b8:81:dc:da:4c:a6:10:
e4:ca:69:d0:e2:02:a6:65:4e:5d:d3:1b:c8:ae:c6:
18:f3:dd:7b:64:5e:7a:12:2a:5e:8d:7c:d2:78:9e:
cf:7c:5d:4b:ce:0c:b6:78:29:52:34:37:88:de:11:
8d:3c:53:86:c6:23:0f:70:01:94:bb:40:fe:34:ea:
f2:05:af:fc:2e:04:ba:f0:8d:81:cc:9e:4d:6a:09:
46:ba:e4:5c:b8:45:69:72:10:16:20:f3:7d:d3:a2:
38:06:99:98:7e:22:42:40:32:4b:7d:8a:60:cd:f7:
33:4f:33:c7:02:2b:37:da:f6:87:6c:01:11:42:a1:
f0:0e:dd:76:8d:19:32:42:51:18:ba:8e:ff:61:c2:
e0:82:af:08:f2:7c:a6:ce:5d:62:ff:2b:4e:43:f3:
40:4f:6b:21:08:b9:ed:e2:ec:41:d5:7e:80:c7:bf:
47:24:40:7f:75:0d:6f:38:ea:50:00:37:c6:17:8d:
23:05:eb:f4:2e:4c:8f:01:23:ff:9f:d5:db:63:c9:
b2:b7:ca:4b:3f:42:57:7b:35:c7:46:c2:c0:4b:ec:
ec:7d:0c:f6:5b:da:7b:87:88:9e:0e:0b:f1:6f:33:
ae:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:24:09:72:03:D8:E3:CE:08:1C:6C:1D:BA:CD:87:F8:BE:A9:E4:30
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/yCQJcgPY484IHGwdus2H-L6p5DA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.148.0/24
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
40:a7:50:c6:3d:08:52:e8:55:be:d6:c6:af:ba:28:a0:d9:7d:
32:53:90:0d:96:73:1b:7c:e7:52:b2:e1:cc:d3:a1:14:ec:4c:
d9:de:49:9a:51:63:a7:42:9f:64:ac:5f:af:26:7a:5a:aa:44:
da:91:1a:c3:7a:20:3f:ad:d9:e9:ee:9d:c6:85:52:d2:be:6c:
f9:8e:e5:44:29:d4:02:ea:eb:1f:9a:0f:6d:8d:0d:bb:ed:8a:
8b:68:cc:db:75:db:bd:eb:49:56:b4:de:a3:07:07:bd:04:b6:
f4:6a:89:d5:cb:65:42:14:2f:7b:d3:91:41:05:d4:fa:fe:65:
e6:96:0b:79:5a:83:48:b3:c0:13:ba:02:7f:02:c7:f6:fe:1e:
d2:42:c6:a0:1e:57:15:c1:73:cf:3e:19:1c:80:44:ed:b2:82:
96:60:65:7f:99:81:14:04:29:35:ef:1b:e6:48:be:2e:d9:22:
11:05:a9:97:a0:a8:6a:3e:e7:35:85:7b:fa:ee:35:45:c0:9d:
bc:5f:b0:b2:dd:0e:ff:51:0a:95:c5:1a:3a:d8:a5:9b:52:ef:
6d:aa:e0:e8:e5:af:03:a9:0f:76:cc:a2:7e:34:42:8c:4d:7a:
db:1d:4e:4a:e2:96:ea:bf:9b:2b:d1:2d:ca:07:78:e4:27:e5:
eb:d9:b9:22
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5bjblrq1MbjBi5I6+8U5K1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwMzIwMTEwOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODI0MDk3MjAzZDhlM2NlMDgxYzZjMWRiYWNkODdmOGJlYTllNDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxNzdPJgQZUT3QtgFtcikYJsJ1AU
+riB3NpMphDkymnQ4gKmZU5d0xvIrsYY8917ZF56EipejXzSeJ7PfF1Lzgy2eClS
NDeI3hGNPFOGxiMPcAGUu0D+NOryBa/8LgS68I2BzJ5NaglGuuRcuEVpchAWIPN9
06I4BpmYfiJCQDJLfYpgzfczTzPHAis32vaHbAERQqHwDt12jRkyQlEYuo7/YcLg
gq8I8nymzl1i/ytOQ/NAT2shCLnt4uxB1X6Ax79HJEB/dQ1vOOpQADfGF40jBev0
LkyPASP/n9XbY8myt8pLP0JXezXHRsLAS+zsfQz2W9p7h4ieDgvxbzOuoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMgkCXID2OPOCBxsHbrNh/i+qeQwMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEveUNRSmNnUFk0ODRJSEd3ZHVzMkgtTDZwNURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTd2IAwQA
Td2UAwQCbXi4MA0GCSqGSIb3DQEBCwUAA4IBAQBAp1DGPQhS6FW+1savuiig2X0y
U5ANlnMbfOdSsuHM06EU7EzZ3kmaUWOnQp9krF+vJnpaqkTakRrDeiA/rdnp7p3G
hVLSvmz5juVEKdQC6usfmg9tjQ277YqLaMzbddu960lWtN6jBwe9BLb0aonVy2VC
FC9705FBBdT6/mXmlgt5WoNIs8ATugJ/Asf2/h7SQsagHlcVwXPPPhkcgETtsoKW
YGV/mYEUBCk17xvmSL4u2SIRBamXoKhqPuc1hXv67jVFwJ28X7Cy3Q7/UQqVxRo6
2KWbUu9tquDo5a8DqQ92zKJ+NEKMTXrbHU5K4pbqv5sr0S3KB3jkJ+Xr2bki
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:22 2024 by rpki-client on console-fra.rpki-client.org