Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/5ZPIixwj9JkG7i1Nvvp-Y--0kVE.roa
File: 5ZPIixwj9JkG7i1Nvvp-Y--0kVE.roa (raw, json)
Hash identifier: sM1b3UWO+LxbFT6d02oNXXIYE9c7iM0acVpeLjX3mAg=
Subject key identifier: E5:93:C8:8B:1C:23:F4:99:06:EE:2D:4D:BE:FA:7E:63:EF:B4:91:51
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018682739174F8CEDD9824CA876EE8661A69
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/5ZPIixwj9JkG7i1Nvvp-Y--0kVE.roa
Signing time: Fri 24 Feb 2023 08:04:17 +0000
ROA not before: Fri 24 Feb 2023 08:04:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.47.212.0/23 maxlen: 24
77.47.210.0/23 maxlen: 24
77.47.240.0/24 maxlen: 24
77.47.244.0/22 maxlen: 24
77.47.142.0/24 maxlen: 24
77.47.156.0/22 maxlen: 24
195.178.140.0/24 maxlen: 24
195.178.141.0/24 maxlen: 24
195.178.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Feb 2023 09:39:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:73:91:74:f8:ce:dd:98:24:ca:87:6e:e8:66:1a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Feb 24 08:04:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e593c88b1c23f49906ee2d4dbefa7e63efb49151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fd:fe:b4:09:45:14:cf:59:e6:67:59:e3:0a:
55:92:cf:3d:4f:ca:0d:ef:77:fb:1e:7d:ba:f7:cb:
3b:f2:20:c1:3c:96:4d:71:19:52:70:c4:a5:01:f1:
f7:3a:62:b7:9e:47:97:bc:b3:ff:be:fa:89:23:3a:
f3:4f:f7:6d:57:f3:1d:e7:d7:5c:aa:10:df:59:e2:
fe:b5:a0:65:78:4f:e2:ad:6d:95:19:44:58:eb:7f:
10:b8:64:b4:31:00:d9:eb:c9:2c:a2:e9:75:60:e7:
51:0f:24:8d:e2:c8:77:48:8f:61:fa:4c:9f:99:53:
80:ca:68:6f:81:09:53:f0:ec:0f:32:85:b4:1a:db:
11:ac:87:9a:45:95:14:a0:39:67:5c:df:5f:31:7d:
a6:ce:3d:b2:99:a2:0a:eb:db:71:83:90:75:97:23:
c2:60:f0:2d:7c:da:1f:e9:2f:0c:ab:d3:3a:ac:ec:
d5:5e:9e:77:4e:36:fd:45:e4:e6:a5:9f:45:47:4c:
24:bb:1c:c0:a6:26:d6:e3:58:8f:ce:92:0e:fe:52:
7b:49:e5:c0:02:a3:d0:b7:67:40:58:ca:1f:fa:87:
14:e0:98:67:ed:8b:70:0c:c8:4d:a9:e5:d8:5b:94:
b9:03:86:91:32:b9:c8:aa:f6:3f:e0:09:c0:89:fb:
c9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:93:C8:8B:1C:23:F4:99:06:EE:2D:4D:BE:FA:7E:63:EF:B4:91:51
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/5ZPIixwj9JkG7i1Nvvp-Y--0kVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.142.0/24
77.47.156.0/22
77.47.210.0-77.47.213.255
77.47.240.0/24
77.47.244.0/22
195.178.140.0/23
195.178.146.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:ec:f3:86:93:5b:d0:4e:cd:ad:96:01:9a:a8:9a:e5:b0:37:
82:09:e2:4b:07:b8:af:1d:48:eb:61:ff:88:97:88:fd:14:75:
02:4e:df:9b:a7:db:1e:f4:3c:06:4a:39:e0:83:33:fc:60:9e:
0e:71:16:b3:c6:fb:3d:00:b2:3b:0a:27:c3:82:4f:80:7e:57:
91:5d:32:3a:73:56:a0:cf:26:ad:b9:9d:b8:5b:1e:b4:d3:e7:
e1:f2:0d:ea:59:c6:7a:7b:5b:1c:19:b8:4a:af:a6:b5:ec:88:
05:d7:bc:11:e4:d8:f7:ac:55:d8:db:0d:21:b4:f2:01:85:9a:
11:d3:4a:7a:1e:b1:8e:47:5c:13:bc:5c:a4:88:78:07:85:a1:
27:4b:89:ee:7d:d2:2c:fb:c1:19:ec:a5:6c:ac:16:33:ba:78:
02:1d:02:8f:f9:47:23:99:08:40:31:29:bc:f1:8b:3c:1b:5d:
d1:8a:c1:b4:fb:6e:2e:13:1c:da:b9:62:63:5a:39:8d:2c:5e:
56:34:ba:eb:6a:3d:91:30:78:ef:10:e9:87:74:67:3d:d6:ff:
44:47:5f:10:49:24:6e:a4:57:5f:48:bb:f2:0c:02:24:65:25:
02:93:05:4b:f0:ff:4a:85:08:34:f7:61:ea:f3:bf:34:64:b4:
35:0d:fb:bf
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYaCc5F0+M7dmCTKh27oZhppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMjI0MDgwNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTkzYzg4YjFjMjNmNDk5MDZlZTJkNGRiZWZhN2U2M2VmYjQ5MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/3+tAlFFM9Z5mdZ4wpVks89T8oN
73f7Hn2698s78iDBPJZNcRlScMSlAfH3OmK3nkeXvLP/vvqJIzrzT/dtV/Md59dc
qhDfWeL+taBleE/irW2VGURY638QuGS0MQDZ68ksoul1YOdRDySN4sh3SI9h+kyf
mVOAymhvgQlT8OwPMoW0GtsRrIeaRZUUoDlnXN9fMX2mzj2ymaIK69txg5B1lyPC
YPAtfNof6S8Mq9M6rOzVXp53Tjb9ReTmpZ9FR0wkuxzApibW41iPzpIO/lJ7SeXA
AqPQt2dAWMof+ocU4Jhn7YtwDMhNqeXYW5S5A4aRMrnIqvY/4AnAifvJeQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOWTyIscI/SZBu4tTb76fmPvtJFRMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvNVpQSWl4d2o5SmtHN2kxTnZ2cC1ZLS0wa1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQATS+OAwQC
TS+cMAwDBAFNL9IDBAFNL9QDBABNL/ADBAJNL/QDBAHDsowDBADDspIwDQYJKoZI
hvcNAQELBQADggEBALLs84aTW9BOza2WAZqomuWwN4IJ4ksHuK8dSOth/4iXiP0U
dQJO35un2x70PAZKOeCDM/xgng5xFrPG+z0AsjsKJ8OCT4B+V5FdMjpzVqDPJq25
nbhbHrTT5+HyDepZxnp7WxwZuEqvprXsiAXXvBHk2PesVdjbDSG08gGFmhHTSnoe
sY5HXBO8XKSIeAeFoSdLie590iz7wRnspWysFjO6eAIdAo/5RyOZCEAxKbzxizwb
XdGKwbT7bi4THNq5YmNaOY0sXlY0uutqPZEweO8Q6Yd0Zz3W/0RHXxBJJG6kV19I
u/IMAiRlJQKTBUvw/0qFCDT3YerzvzRktDUN+78=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org