Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/J8BcAcIcgnswfDiuemieqh3zyxw.roa
File: J8BcAcIcgnswfDiuemieqh3zyxw.roa (raw, json)
Hash identifier: /DR9iSg863l2Owrz5/rDQ3ZzM+Am0RQ+K7QoSpJQId8=
Subject key identifier: 27:C0:5C:01:C2:1C:82:7B:30:7C:38:AE:7A:68:9E:AA:1D:F3:CB:1C
Certificate issuer: /CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Certificate serial: 0187BD948A926C241C3B449CC369E301AC38
Authority key identifier: 81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/J8BcAcIcgnswfDiuemieqh3zyxw.roa
Signing time: Wed 26 Apr 2023 12:40:41 +0000
ROA not before: Wed 26 Apr 2023 12:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19806
IP address blocks: 77.247.9.0/24 maxlen: 24
77.247.11.0/24 maxlen: 24
77.247.10.0/24 maxlen: 24
212.11.84.0/24 maxlen: 24
212.11.83.0/24 maxlen: 24
212.11.82.0/24 maxlen: 24
212.11.81.0/24 maxlen: 24
212.11.85.0/24 maxlen: 24
212.11.87.0/24 maxlen: 24
212.11.86.0/24 maxlen: 24
46.235.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 May 2023 13:26:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:94:8a:92:6c:24:1c:3b:44:9c:c3:69:e3:01:ac:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Validity
Not Before: Apr 26 12:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27c05c01c21c827b307c38ae7a689eaa1df3cb1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:15:d7:ca:c1:a0:69:c9:90:8e:6c:bf:cd:d2:
cb:c8:a9:78:be:27:be:3c:e2:9e:8d:60:da:3b:af:
b0:f8:de:00:92:2f:04:dc:77:2c:81:31:84:37:de:
68:4d:b5:ba:82:8c:67:9f:1a:e8:fc:67:8f:f1:20:
a8:6f:49:c5:ac:e1:5d:d7:c6:66:06:8a:2d:a2:ed:
e9:0e:88:b2:7e:1c:f0:0b:88:07:0a:2a:78:f6:de:
15:f3:c8:c3:e8:8b:fb:37:da:1b:9c:57:75:f2:2e:
42:b1:37:33:d4:86:ff:00:12:0b:38:7b:7e:d7:63:
e3:cd:0b:9f:33:2b:96:75:2d:99:ad:95:d0:34:a5:
44:2b:7e:cd:ef:31:55:51:09:9c:d2:80:f8:98:90:
1b:29:86:49:94:31:05:66:2a:f2:98:70:bb:50:bc:
25:e9:b1:b6:f0:94:83:4c:9b:b7:c9:97:53:22:82:
19:4e:ac:aa:a6:91:82:e8:c1:45:78:66:71:3e:71:
88:bc:b1:ad:e4:08:4d:87:2f:8f:62:09:39:e5:3d:
0a:66:4a:63:7e:3b:87:17:63:b8:b2:0e:90:96:4e:
90:a4:a6:94:cb:e1:8b:6b:13:97:f4:94:9c:5f:d1:
07:1d:06:29:62:85:40:f6:fe:9e:e9:98:7a:aa:12:
ba:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C0:5C:01:C2:1C:82:7B:30:7C:38:AE:7A:68:9E:AA:1D:F3:CB:1C
X509v3 Authority Key Identifier:
keyid:81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/J8BcAcIcgnswfDiuemieqh3zyxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.108.0/24
77.247.9.0-77.247.11.255
212.11.81.0-212.11.87.255
Signature Algorithm: sha256WithRSAEncryption
90:06:8f:23:5c:11:3d:21:88:0e:ac:47:62:45:06:2b:21:d6:
dd:72:04:33:7d:36:0c:9f:c3:f5:14:d0:5b:ea:74:3c:eb:f9:
71:42:ac:6b:d9:e0:4d:3a:73:55:6c:58:3e:c9:f6:25:40:37:
5a:4c:a9:5f:ff:7e:06:56:8a:41:ab:b1:a3:3e:b4:d5:33:9e:
99:5b:fb:8a:15:21:8a:3c:82:85:87:b8:65:1a:4a:fa:40:00:
a1:8e:7a:d8:f9:d9:b1:2c:4a:bd:65:8b:c1:d7:e5:b7:4b:95:
b8:80:fa:4d:32:11:4d:d9:1e:d2:3c:71:00:88:16:d9:5a:f1:
a7:2e:c7:42:78:a7:57:8c:c9:66:cb:c4:dd:24:1a:c0:78:ec:
d5:99:56:d9:2b:2b:42:e6:52:23:56:0d:2c:77:60:9b:e6:c7:
57:51:7e:1a:08:bc:9e:74:6e:3d:91:84:5f:9c:28:5c:e7:3c:
fc:30:d5:c0:75:02:35:40:b7:62:65:a3:e6:42:bb:e7:86:0c:
ff:f8:b1:9a:11:6f:9f:1b:a2:0b:1a:c1:a0:22:f3:56:6c:86:
aa:1c:f8:3b:29:e3:be:9f:ea:55:9c:85:83:c9:eb:b7:d6:34:
fd:36:46:d6:6a:f9:c5:6c:6e:a3:98:b2:e2:17:0d:55:b5:e3:
ea:36:48:2a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYe9lIqSbCQcO0Scw2njAaw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNTc4MDUzMmVkMjlhM2Y4MGU3YmE0MTRlZmNiMzc5ZDll
Yzk3YzkwHhcNMjMwNDI2MTI0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2MwNWMwMWMyMWM4MjdiMzA3YzM4YWU3YTY4OWVhYTFkZjNjYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRXXysGgacmQjmy/zdLLyKl4vie+
POKejWDaO6+w+N4Aki8E3HcsgTGEN95oTbW6goxnnxro/GeP8SCob0nFrOFd18Zm
Bootou3pDoiyfhzwC4gHCip49t4V88jD6Iv7N9obnFd18i5CsTcz1Ib/ABILOHt+
12PjzQufMyuWdS2ZrZXQNKVEK37N7zFVUQmc0oD4mJAbKYZJlDEFZirymHC7ULwl
6bG28JSDTJu3yZdTIoIZTqyqppGC6MFFeGZxPnGIvLGt5AhNhy+PYgk55T0KZkpj
fjuHF2O4sg6Qlk6QpKaUy+GLaxOX9JScX9EHHQYpYoVA9v6e6Zh6qhK6pQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCfAXAHCHIJ7MHw4rnponqod88scMB8GA1UdIwQY
MBaAFIFXgFMu0po/gOe6QU78s3nZ7JfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYt
ZjYxNTU0YzZjMTQ1LzEvSjhCY0FjSWNnbnN3ZkRpdWVtaWVxaDN6eXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYtZjYxNTU0YzZjMTQ1
LzEvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQALutsMAwD
BABN9wkDBAJN9wgwDAMEANQLUQMEA9QLUDANBgkqhkiG9w0BAQsFAAOCAQEAkAaP
I1wRPSGIDqxHYkUGKyHW3XIEM302DJ/D9RTQW+p0POv5cUKsa9ngTTpzVWxYPsn2
JUA3WkypX/9+BlaKQauxoz601TOemVv7ihUhijyChYe4ZRpK+kAAoY562PnZsSxK
vWWLwdflt0uVuID6TTIRTdke0jxxAIgW2Vrxpy7HQninV4zJZsvE3SQawHjs1ZlW
2SsrQuZSI1YNLHdgm+bHV1F+Ggi8nnRuPZGEX5woXOc8/DDVwHUCNUC3YmWj5kK7
54YM//ixmhFvnxuiCxrBoCLzVmyGqhz4Oynjvp/qVZyFg8nrt9Y0/TZG1mr5xWxu
o5iy4hcNVbXj6jZIKg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:13 2024 by rpki-client on console-ams.rpki-client.org