Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/G72u-sa5Y7TvSpufmm8CXw1L9m8.roa
File: G72u-sa5Y7TvSpufmm8CXw1L9m8.roa (raw, json)
Hash identifier: lzlIJAycaQYyA9ko0aHJkFXJeBEgIZUTnzY3IjXT+co=
Subject key identifier: 1B:BD:AE:FA:C6:B9:63:B4:EF:4A:9B:9F:9A:6F:02:5F:0D:4B:F6:6F
Certificate issuer: /CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Certificate serial: 01856C65CE4113D4B2B06C18EEDE127540F9
Authority key identifier: 77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/G72u-sa5Y7TvSpufmm8CXw1L9m8.roa
Signing time: Sun 01 Jan 2023 08:14:49 +0000
ROA not before: Sun 01 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 185.77.72.0/24 maxlen: 24
195.245.201.0/24 maxlen: 24
195.157.4.0/24 maxlen: 24
2001:67c:27dc::/48 maxlen: 48
2001:67c:1088::/48 maxlen: 48
2001:a88:8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:ce:41:13:d4:b2:b0:6c:18:ee:de:12:75:40:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Validity
Not Before: Jan 1 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bbdaefac6b963b4ef4a9b9f9a6f025f0d4bf66f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e2:d4:c5:42:3b:51:58:10:f2:09:69:f5:52:
c5:2b:79:ca:09:45:2d:eb:1d:99:1c:cb:d4:1f:bc:
58:30:ef:a1:05:dc:66:ad:93:04:c8:af:38:c5:d4:
90:69:bc:f7:0c:f9:5a:23:95:9f:2e:31:9a:32:a2:
20:af:36:88:48:fb:7a:9c:5e:92:08:fb:d7:c2:56:
e3:eb:83:51:bc:42:71:ae:e6:3a:39:0f:dc:77:84:
c6:49:98:f9:d2:2e:bd:30:e9:72:54:7e:49:3a:b7:
61:93:e4:c3:21:8a:ae:9e:db:66:31:6e:ac:83:fe:
5a:a4:4a:4e:3f:27:45:2c:37:35:4f:53:45:08:4d:
47:0d:d7:54:25:8c:70:13:65:cb:97:94:26:c9:79:
57:5b:29:d3:6d:0e:55:3c:4a:e6:45:6d:88:ac:96:
b3:84:5a:9f:a7:f0:63:42:22:e0:7e:ed:1d:b3:ba:
d0:02:25:de:2f:c9:a7:76:7c:7b:e6:8c:ac:b5:a3:
5e:d1:56:41:e9:98:96:c1:5a:c5:ee:2f:f4:0a:ee:
93:23:85:21:1a:15:f7:eb:33:eb:ed:11:54:de:e1:
60:18:d7:3e:ba:69:c6:f2:ea:55:14:15:9b:bb:fd:
2d:25:4d:b5:fc:d5:17:e2:21:50:58:88:bb:f7:97:
fb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BD:AE:FA:C6:B9:63:B4:EF:4A:9B:9F:9A:6F:02:5F:0D:4B:F6:6F
X509v3 Authority Key Identifier:
keyid:77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/G72u-sa5Y7TvSpufmm8CXw1L9m8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.72.0/24
195.157.4.0/24
195.245.201.0/24
IPv6:
2001:67c:1088::/48
2001:67c:27dc::/48
2001:a88:8::/48
Signature Algorithm: sha256WithRSAEncryption
64:b2:f5:c1:c6:30:ce:5a:0c:f0:13:18:c4:00:1d:48:2e:e0:
ad:2c:4a:0c:e2:23:ad:46:0a:d5:49:8f:b1:8b:19:c2:71:c5:
c2:84:02:73:5d:72:3b:75:9a:af:ca:4e:40:e7:db:47:e0:af:
d1:3f:bc:d5:e4:b6:d5:f8:44:d8:23:2c:05:fb:10:e0:84:aa:
bc:b1:64:79:da:86:90:92:5d:5f:28:76:bd:54:4b:dd:4a:22:
04:ac:f8:6e:16:c0:ad:19:3e:59:6c:fb:44:45:d7:c3:64:b8:
04:3a:e2:bf:06:b6:4b:a6:ec:66:d2:c2:66:e8:d0:46:6d:d9:
b5:c0:21:07:c4:8a:eb:a2:13:b6:e3:b1:8a:11:f5:b5:2b:7e:
7b:d9:d6:8d:85:b6:aa:c0:23:b2:97:0f:29:f3:b7:7c:7b:4a:
9c:f3:5b:88:8f:9b:61:76:79:a6:92:19:86:28:17:53:b3:56:
5c:58:54:23:cc:75:5f:97:57:51:18:23:a1:da:3e:f2:ed:fb:
ec:b4:4f:7d:d0:d4:3f:31:d1:70:43:2f:43:12:88:a4:27:ad:
72:9d:f3:f1:2b:e0:be:48:fb:2e:2a:2b:2c:2c:1a:b1:b4:4d:
c2:39:b8:8d:65:35:f1:57:c9:57:34:4e:b9:3c:66:ad:9f:7a:
36:bf:5b:54
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVsZc5BE9SysGwY7t4SdUD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjhjZjQ1NGIwOTYyZDE2YTQ4NTU4MDhmZDNhYmMxNTg1
MmJiZDgwHhcNMjMwMTAxMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJkYWVmYWM2Yjk2M2I0ZWY0YTliOWY5YTZmMDI1ZjBkNGJmNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOLUxUI7UVgQ8glp9VLFK3nKCUUt
6x2ZHMvUH7xYMO+hBdxmrZMEyK84xdSQabz3DPlaI5WfLjGaMqIgrzaISPt6nF6S
CPvXwlbj64NRvEJxruY6OQ/cd4TGSZj50i69MOlyVH5JOrdhk+TDIYqunttmMW6s
g/5apEpOPydFLDc1T1NFCE1HDddUJYxwE2XLl5QmyXlXWynTbQ5VPErmRW2IrJaz
hFqfp/BjQiLgfu0ds7rQAiXeL8mndnx75oystaNe0VZB6ZiWwVrF7i/0Cu6TI4Uh
GhX36zPr7RFU3uFgGNc+umnG8upVFBWbu/0tJU21/NUX4iFQWIi795f7fwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFBu9rvrGuWO070qbn5pvAl8NS/ZvMB8GA1UdIwQY
MBaAFHe4z0VLCWLRakhVgI/Tq8FYUrvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYt
YTRmYzllMjQ1OGVjLzEvRzcydS1zYTVZN1R2U3B1Zm1tOENYdzFMOW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYtYTRmYzllMjQ1OGVj
LzEvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAuU1IAwQA
w50EAwQAw/XJMCEEAgACMBsDBwAgAQZ8EIgDBwAgAQZ8J9wDBwAgAQqIAAgwDQYJ
KoZIhvcNAQELBQADggEBAGSy9cHGMM5aDPATGMQAHUgu4K0sSgziI61GCtVJj7GL
GcJxxcKEAnNdcjt1mq/KTkDn20fgr9E/vNXkttX4RNgjLAX7EOCEqryxZHnahpCS
XV8odr1US91KIgSs+G4WwK0ZPlls+0RF18NkuAQ64r8Gtkum7GbSwmbo0EZt2bXA
IQfEiuuiE7bjsYoR9bUrfnvZ1o2FtqrAI7KXDynzt3x7SpzzW4iPm2F2eaaSGYYo
F1OzVlxYVCPMdV+XV1EYI6HaPvLt++y0T33Q1D8x0XBDL0MSiKQnrXKd8/Er4L5I
+y4qKywsGrG0TcI5uI1lNfFXyVc0Trk8Zq2feja/W1Q=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:36:14 2024 by rpki-client on console.sobornost.net