Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/3lUtTQFw62oE6Vp34gLIQ7UwDiI.roa
File: 3lUtTQFw62oE6Vp34gLIQ7UwDiI.roa (raw, json)
Hash identifier: YdS4oP6fy/x7OykScpKLMgkS/bHjKRYRhU8hdqx93QY=
Subject key identifier: DE:55:2D:4D:01:70:EB:6A:04:E9:5A:77:E2:02:C8:43:B5:30:0E:22
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01867AE25075315D9A10818419D31908F892
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/3lUtTQFw62oE6Vp34gLIQ7UwDiI.roa
Signing time: Wed 22 Feb 2023 20:48:17 +0000
ROA not before: Wed 22 Feb 2023 20:48:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 212.111.211.0/24 maxlen: 24
212.111.216.0/23 maxlen: 24
212.111.218.0/23 maxlen: 23
195.178.128.0/22 maxlen: 24
77.47.252.0/22 maxlen: 24
77.47.248.0/22 maxlen: 24
185.143.56.0/22 maxlen: 24
77.47.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Mar 2023 08:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:e2:50:75:31:5d:9a:10:81:84:19:d3:19:08:f8:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Feb 22 20:48:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de552d4d0170eb6a04e95a77e202c843b5300e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fc:0a:4f:81:82:3d:7e:fd:23:a8:57:50:50:
bf:a4:38:d3:26:e5:a1:87:e6:d1:24:ad:18:e1:b6:
84:09:e0:05:cc:2f:d2:6a:af:6f:8c:ff:d5:ed:fd:
20:48:78:36:10:41:22:59:4e:c9:bf:13:d7:46:9a:
0a:a0:c6:59:ec:df:d4:07:f1:d0:9a:b6:66:af:34:
7d:e3:16:ab:99:d3:f3:57:63:3e:4d:c4:a9:41:72:
16:15:48:94:a9:bd:47:8b:5a:3e:2b:2b:c1:d1:3c:
87:b2:3d:ed:8c:e9:18:36:49:4f:ae:94:2c:1d:72:
b6:8c:3c:5d:cb:af:01:1c:1b:79:d2:a6:ae:f5:1a:
e8:de:9c:d8:3a:84:16:fe:e6:3e:3b:a2:0e:a9:81:
bd:7c:7e:b1:b5:1e:cc:11:85:5a:42:be:83:47:5b:
33:02:3b:e3:79:52:de:ce:a5:d8:a9:22:9f:da:63:
ba:70:72:15:0c:2d:e5:31:83:d1:90:07:e1:3b:18:
c4:61:c9:2c:4c:2d:05:88:7c:72:d7:43:fd:c5:c7:
5a:ab:c4:f9:39:8a:e8:82:40:ca:58:08:19:2f:8b:
16:e0:9e:b1:e1:c4:16:25:50:b0:28:c2:bc:c6:f4:
55:ee:4c:01:a3:39:1f:ac:ab:4c:e3:a6:f8:af:94:
e8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:55:2D:4D:01:70:EB:6A:04:E9:5A:77:E2:02:C8:43:B5:30:0E:22
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/3lUtTQFw62oE6Vp34gLIQ7UwDiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.180.0/22
77.47.248.0/21
185.143.56.0/22
195.178.128.0/22
212.111.211.0/24
212.111.216.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:c5:eb:f2:ec:bd:60:a8:15:97:68:f8:33:2b:10:d8:bb:8e:
f3:9f:86:72:06:36:1e:88:f7:b9:e7:fb:f3:a9:da:60:da:91:
ea:df:ca:03:75:a9:3e:44:da:ee:77:2e:5b:7e:f1:19:b2:2f:
7b:29:7d:ce:79:39:ed:83:f7:b1:8c:e3:0c:ed:54:9b:3f:6c:
f0:ab:9f:7c:f6:cb:56:70:aa:bf:51:07:51:2d:84:40:a2:cb:
ec:ba:0d:f2:74:e4:e9:56:34:e1:36:3d:63:f6:65:3b:ff:d5:
18:33:11:9c:d9:9f:b8:b7:57:ad:5f:66:bb:6f:a8:f2:03:c2:
b6:85:76:4d:b8:97:d9:aa:34:5f:1e:c8:ce:44:29:78:e9:c7:
d8:14:c9:f7:fe:59:0a:54:e0:25:f3:70:10:b9:ab:e2:04:1b:
53:11:99:0d:15:5a:dc:95:50:8d:47:dc:4c:3f:7a:48:f1:b4:
41:cf:43:6a:4e:69:74:49:6c:80:dc:0b:d3:7e:3e:e1:1d:60:
78:62:6e:89:73:9b:8c:29:85:00:0f:b4:4d:0b:30:f7:9b:5c:
f5:00:c2:f1:d1:22:51:65:67:3c:82:d7:23:c8:23:7c:f8:ed:
9a:b3:0a:da:7d:ae:d1:0d:28:c7:30:e9:b9:b9:9a:d3:05:3f:
8e:50:bb:6f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZ64lB1MV2aEIGEGdMZCPiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMjIyMjA0ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTU1MmQ0ZDAxNzBlYjZhMDRlOTVhNzdlMjAyYzg0M2I1MzAwZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvwKT4GCPX79I6hXUFC/pDjTJuWh
h+bRJK0Y4baECeAFzC/Saq9vjP/V7f0gSHg2EEEiWU7JvxPXRpoKoMZZ7N/UB/HQ
mrZmrzR94xarmdPzV2M+TcSpQXIWFUiUqb1Hi1o+KyvB0TyHsj3tjOkYNklPrpQs
HXK2jDxdy68BHBt50qau9Rro3pzYOoQW/uY+O6IOqYG9fH6xtR7MEYVaQr6DR1sz
AjvjeVLezqXYqSKf2mO6cHIVDC3lMYPRkAfhOxjEYcksTC0FiHxy10P9xcdaq8T5
OYrogkDKWAgZL4sW4J6x4cQWJVCwKMK8xvRV7kwBozkfrKtM46b4r5To0wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN5VLU0BcOtqBOlad+ICyEO1MA4iMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvM2xVdFRRRnc2Mm9FNlZwMzRnTElRN1V3RGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCTS+0AwQD
TS/4AwQCuY84AwQCw7KAAwQA1G/TAwQC1G/YMA0GCSqGSIb3DQEBCwUAA4IBAQCu
xevy7L1gqBWXaPgzKxDYu47zn4ZyBjYeiPe55/vzqdpg2pHq38oDdak+RNrudy5b
fvEZsi97KX3OeTntg/exjOMM7VSbP2zwq5989stWcKq/UQdRLYRAosvsug3ydOTp
VjThNj1j9mU7/9UYMxGc2Z+4t1etX2a7b6jyA8K2hXZNuJfZqjRfHsjORCl46cfY
FMn3/lkKVOAl83AQuaviBBtTEZkNFVrclVCNR9xMP3pI8bRBz0NqTml0SWyA3AvT
fj7hHWB4Ym6Jc5uMKYUAD7RNCzD3m1z1AMLx0SJRZWc8gtcjyCN8+O2aswrafa7R
DSjHMOm5uZrTBT+OULtv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org