Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/sGBCIP46xt2TExadUVTHIvaFXUM.roa
File: sGBCIP46xt2TExadUVTHIvaFXUM.roa (raw, json)
Hash identifier: QRSSwSf0tYBVrTI7+Mr1Ehtc3N4VOhUZrsfIi7cKRco=
Subject key identifier: B0:60:42:20:FE:3A:C6:DD:93:13:16:9D:51:54:C7:22:F6:85:5D:43
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 01856C65E3F465530952F698640B9C2AA21F
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/sGBCIP46xt2TExadUVTHIvaFXUM.roa
Signing time: Sun 01 Jan 2023 08:14:54 +0000
ROA not before: Sun 01 Jan 2023 08:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200964
IP address blocks: 77.221.36.0/24 maxlen: 24
77.221.37.0/24 maxlen: 24
77.221.38.0/24 maxlen: 24
77.221.42.0/24 maxlen: 24
77.221.39.0/24 maxlen: 24
77.221.40.0/24 maxlen: 24
77.221.41.0/24 maxlen: 24
77.221.50.0/24 maxlen: 24
2a10:4941:10::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e3:f4:65:53:09:52:f6:98:64:0b:9c:2a:a2:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Jan 1 08:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0604220fe3ac6dd9313169d5154c722f6855d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:74:9a:13:86:db:87:38:90:bb:4c:60:26:f6:
9d:a2:53:8c:89:bc:fd:18:c6:d4:50:9c:09:50:c0:
8c:cf:d0:51:44:d4:4b:2c:d2:2d:76:bf:26:01:b6:
31:b4:a0:b8:68:3c:6e:18:60:c4:ff:35:64:71:c0:
1b:bb:b5:ad:64:a7:ab:55:b2:ac:03:26:9a:b4:01:
5e:c0:ea:11:a4:81:86:24:88:4b:5e:57:16:1f:78:
59:e3:bf:f8:61:a7:01:f5:9c:a8:f3:1d:2a:b2:1e:
62:0c:6d:4f:d9:79:75:c3:3d:b7:db:bd:32:5b:43:
43:e2:42:c1:15:39:6c:65:1e:a3:cb:a3:ef:35:43:
e4:4e:03:30:14:a3:47:81:85:78:b7:6e:c7:ef:62:
14:a9:fc:21:92:5f:64:9f:65:1f:1e:67:96:89:b2:
de:82:0a:be:ea:c1:a1:22:86:63:ea:99:71:d7:0c:
2e:af:87:d6:4b:bf:d6:c0:ee:76:6a:bd:52:c6:16:
5b:91:6c:e9:fd:db:c3:f0:33:42:c8:ce:eb:a6:95:
af:b3:ff:95:72:6e:19:48:cf:49:5f:48:c5:44:ac:
41:a9:1d:d1:36:da:57:ef:38:1a:b3:2a:a3:62:61:
bc:ab:a6:8e:20:a4:1c:f0:ac:aa:a5:06:d6:b4:17:
e9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:60:42:20:FE:3A:C6:DD:93:13:16:9D:51:54:C7:22:F6:85:5D:43
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/sGBCIP46xt2TExadUVTHIvaFXUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.36.0-77.221.42.255
77.221.50.0/24
IPv6:
2a10:4941:10::/44
Signature Algorithm: sha256WithRSAEncryption
25:21:b8:67:ec:6a:31:f7:aa:1c:b1:1d:b7:11:b0:e4:4d:da:
a6:24:58:7a:d3:00:1e:23:57:1c:ca:cc:b5:c0:ca:89:0a:06:
f3:78:4c:e8:ab:5f:d5:13:8d:08:7d:fd:aa:d6:40:d1:07:29:
87:1e:2e:69:bb:2a:d0:1b:20:a9:d0:7d:5e:6d:64:28:a6:2f:
62:d3:e8:71:d1:56:d8:1a:bf:ff:f1:92:6b:03:3f:69:e8:4d:
45:bf:8c:1c:dc:ea:46:1c:7c:b7:6a:13:af:59:00:76:01:dd:
a7:eb:7c:7c:91:03:1c:94:e1:f6:c1:6f:c1:38:2d:67:98:d9:
3a:62:b4:e3:21:75:9e:7a:79:8e:71:6f:9a:89:1a:e8:50:d6:
42:97:ed:d0:b5:5a:f6:d2:d4:d0:5c:84:55:c2:b7:c1:6c:93:
c9:95:2f:01:97:06:c2:18:13:23:eb:67:d5:2c:90:de:c5:00:
cd:e1:6e:88:1e:03:d9:c4:95:a9:ac:90:dc:fd:a2:61:fe:66:
47:6d:13:14:f2:f3:b6:80:f9:78:cd:44:4b:c8:b6:ea:a4:90:
22:46:54:b8:6b:bf:23:d9:12:e9:82:8e:6e:2c:64:0b:44:6f:
b4:3e:bb:6d:d7:f8:4b:6d:3b:88:19:56:2c:19:1c:24:78:20:
38:ce:92:ef
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVsZeP0ZVMJUvaYZAucKqIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjMwMTAxMDgxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDYwNDIyMGZlM2FjNmRkOTMxMzE2OWQ1MTU0YzcyMmY2ODU1ZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnSaE4bbhziQu0xgJvadolOMibz9
GMbUUJwJUMCMz9BRRNRLLNItdr8mAbYxtKC4aDxuGGDE/zVkccAbu7WtZKerVbKs
AyaatAFewOoRpIGGJIhLXlcWH3hZ47/4YacB9Zyo8x0qsh5iDG1P2Xl1wz23270y
W0ND4kLBFTlsZR6jy6PvNUPkTgMwFKNHgYV4t27H72IUqfwhkl9kn2UfHmeWibLe
ggq+6sGhIoZj6plx1wwur4fWS7/WwO52ar1SxhZbkWzp/dvD8DNCyM7rppWvs/+V
cm4ZSM9JX0jFRKxBqR3RNtpX7zgasyqjYmG8q6aOIKQc8KyqpQbWtBfpAQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLBgQiD+OsbdkxMWnVFUxyL2hV1DMB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvc0dCQ0lQNDZ4dDJURXhhZFVWVEhJdmFGWFVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGItNjU0NTA1YTJkMDQ1
LzEvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAJN3SQD
BABN3SoDBABN3TIwDwQCAAIwCQMHBCoQSUEAEDANBgkqhkiG9w0BAQsFAAOCAQEA
JSG4Z+xqMfeqHLEdtxGw5E3apiRYetMAHiNXHMrMtcDKiQoG83hM6Ktf1RONCH39
qtZA0Qcphx4uabsq0BsgqdB9Xm1kKKYvYtPocdFW2Bq///GSawM/aehNRb+MHNzq
Rhx8t2oTr1kAdgHdp+t8fJEDHJTh9sFvwTgtZ5jZOmK04yF1nnp5jnFvmoka6FDW
Qpft0LVa9tLU0FyEVcK3wWyTyZUvAZcGwhgTI+tn1SyQ3sUAzeFuiB4D2cSVqayQ
3P2iYf5mR20TFPLztoD5eM1ES8i26qSQIkZUuGu/I9kS6YKObixkC0RvtD67bdf4
S207iBlWLBkcJHggOM6S7w==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:31 2024 by rpki-client on console.sobornost.net