Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ESVbtOnpsDFrG3HmVgJBtYX2Bvg.roa
File: ESVbtOnpsDFrG3HmVgJBtYX2Bvg.roa (raw, json)
Hash identifier: JAJnjTSECcSRWBHlOBz5KI1H5g/FFOdspM3rPUJGnSY=
Subject key identifier: 11:25:5B:B4:E9:E9:B0:31:6B:1B:71:E6:56:02:41:B5:85:F6:06:F8
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018C635B22A74E9EFFC7413DEEF7467A2CFD
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ESVbtOnpsDFrG3HmVgJBtYX2Bvg.roa
Signing time: Wed 13 Dec 2023 13:26:06 +0000
ROA not before: Wed 13 Dec 2023 13:26:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48678
IP address blocks: 77.92.146.0/24 maxlen: 24
188.132.153.0/24 maxlen: 24
77.92.153.0/24 maxlen: 24
31.210.48.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
188.132.185.0/24 maxlen: 24
78.135.66.0/24 maxlen: 24
188.132.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Dec 2023 18:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:5b:22:a7:4e:9e:ff:c7:41:3d:ee:f7:46:7a:2c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 13 13:26:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11255bb4e9e9b0316b1b71e6560241b585f606f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d5:4f:c7:a8:26:c4:39:cb:2f:bd:09:1e:d3:
a9:92:47:38:9a:f1:14:d2:8f:4d:f7:fa:10:bb:b6:
35:70:06:3f:20:b5:6e:cf:f9:e8:5c:46:10:88:4d:
e2:92:2b:35:28:be:44:53:d5:04:13:0c:7e:90:35:
10:1b:f4:c7:6c:5c:0f:38:69:d9:d4:65:a2:a2:7a:
dc:3f:b3:1b:a8:d2:0c:83:95:e7:2a:c5:5b:b1:8e:
74:b2:e0:3d:8c:25:8b:45:db:e6:a0:44:d4:ca:7d:
c0:d2:60:ba:60:89:11:ad:e6:cf:43:c7:99:cc:dd:
12:37:f2:85:38:38:c1:49:5e:df:5a:e0:61:df:de:
6f:a1:bf:d3:10:42:7b:af:4d:73:9e:49:d7:51:3f:
63:ae:34:4c:82:60:74:f8:4f:8c:aa:a9:b0:f3:bd:
77:97:07:e2:57:33:d9:2e:4b:33:df:3d:cc:88:77:
36:94:84:11:f0:c2:c4:b6:75:d9:07:e5:51:ac:9d:
90:b2:39:48:ba:78:20:26:b7:a6:af:f8:22:5a:e0:
5f:99:39:25:03:85:ff:bf:71:f7:48:19:47:2d:38:
3f:d5:38:bf:0a:21:33:d2:15:41:a5:0a:c1:bb:4d:
3e:4a:23:fd:1f:fc:3b:ce:08:26:53:39:93:54:2c:
2f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:25:5B:B4:E9:E9:B0:31:6B:1B:71:E6:56:02:41:B5:85:F6:06:F8
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ESVbtOnpsDFrG3HmVgJBtYX2Bvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.48.0/24
31.210.50.0/24
77.92.146.0/24
77.92.153.0/24
78.135.66.0/24
188.132.153.0/24
188.132.185.0/24
188.132.201.0/24
Signature Algorithm: sha256WithRSAEncryption
38:57:f3:7c:a8:32:a4:ae:f1:a4:01:63:7b:3b:fd:c5:b0:c7:
fb:1e:a1:16:88:84:0a:2e:04:c1:5c:d2:b5:c7:36:36:aa:54:
37:01:49:00:c4:f9:59:f9:c4:d2:69:ac:31:15:df:ee:d8:8a:
fe:ba:40:02:96:61:0b:75:3f:08:3b:28:a6:fc:6b:ce:e0:8e:
1f:7f:c6:f7:51:cc:3d:50:67:cc:7f:1d:53:69:71:aa:dc:97:
92:c9:b4:58:7d:cb:14:7a:9c:16:2d:4f:7f:b5:c4:9f:d3:17:
7b:87:08:ce:71:78:8a:e9:e2:b2:a5:07:54:a0:bf:2f:3d:0c:
b2:7d:8c:2e:b1:2e:0d:d3:6d:79:f5:dc:2c:3c:83:cd:fa:53:
9d:5b:63:2a:47:25:29:21:35:98:16:fa:14:f6:84:c8:c1:cf:
fb:2a:31:36:e5:91:13:39:3d:09:eb:ec:51:ee:a2:83:93:c4:
b4:86:87:cd:17:56:e8:d3:8e:d2:ad:42:a5:6c:44:9e:38:2f:
c1:c3:10:57:ed:e3:06:54:8a:47:f3:00:b7:a5:d9:2d:64:24:
97:f4:22:1a:03:d1:06:90:11:f6:b9:9d:1a:9e:fc:40:9c:e6:
77:22:28:1c:8b:5f:7c:4a:b1:48:cf:76:7e:e8:75:84:2a:66:
d3:0e:45:13
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYxjWyKnTp7/x0E97vdGeiz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMxMjEzMTMyNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTI1NWJiNGU5ZTliMDMxNmIxYjcxZTY1NjAyNDFiNTg1ZjYwNmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdVPx6gmxDnLL70JHtOpkkc4mvEU
0o9N9/oQu7Y1cAY/ILVuz/noXEYQiE3ikis1KL5EU9UEEwx+kDUQG/THbFwPOGnZ
1GWionrcP7MbqNIMg5XnKsVbsY50suA9jCWLRdvmoETUyn3A0mC6YIkRrebPQ8eZ
zN0SN/KFODjBSV7fWuBh395vob/TEEJ7r01znknXUT9jrjRMgmB0+E+Mqqmw8713
lwfiVzPZLksz3z3MiHc2lIQR8MLEtnXZB+VRrJ2QsjlIunggJremr/giWuBfmTkl
A4X/v3H3SBlHLTg/1Ti/CiEz0hVBpQrBu00+SiP9H/w7zggmUzmTVCwvMwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBElW7Tp6bAxaxtx5lYCQbWF9gb4MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvRVNWYnRPbnBzREZyRzNIbVZnSkJ0WVgyQnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAH9IwAwQA
H9IyAwQATVySAwQATVyZAwQATodCAwQAvISZAwQAvIS5AwQAvITJMA0GCSqGSIb3
DQEBCwUAA4IBAQA4V/N8qDKkrvGkAWN7O/3FsMf7HqEWiIQKLgTBXNK1xzY2qlQ3
AUkAxPlZ+cTSaawxFd/u2Ir+ukAClmELdT8IOyim/GvO4I4ff8b3Ucw9UGfMfx1T
aXGq3JeSybRYfcsUepwWLU9/tcSf0xd7hwjOcXiK6eKypQdUoL8vPQyyfYwusS4N
02159dwsPIPN+lOdW2MqRyUpITWYFvoU9oTIwc/7KjE25ZETOT0J6+xR7qKDk8S0
hofNF1bo047SrUKlbESeOC/BwxBX7eMGVIpH8wC3pdktZCSX9CIaA9EGkBH2uZ0a
nvxAnOZ3Iigci198SrFIz3Z+6HWEKmbTDkUT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:58 2024 by rpki-client on console-ams.rpki-client.org