Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HBNAupwLs59sw3PTCXya42YCNmg.roa
File: HBNAupwLs59sw3PTCXya42YCNmg.roa (raw, json)
Hash identifier: VHQIv937BEyR6aVrcsRapOQj3ZJU6J/G12PZPL0FAFo=
Subject key identifier: 1C:13:40:BA:9C:0B:B3:9F:6C:C3:73:D3:09:7C:9A:E3:66:02:36:68
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0187B42BCB53ED0CE6F9350D2DBB1D297DC6
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HBNAupwLs59sw3PTCXya42YCNmg.roa
Signing time: Mon 24 Apr 2023 16:49:41 +0000
ROA not before: Mon 24 Apr 2023 16:49:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3319
IP address blocks: 77.47.240.0/23 maxlen: 24
77.47.244.0/22 maxlen: 24
77.47.143.0/24 maxlen: 24
195.178.140.0/24 maxlen: 24
195.178.142.0/23 maxlen: 24
195.178.144.0/23 maxlen: 23
77.47.156.0/22 maxlen: 24
195.178.152.0/22 maxlen: 22
77.47.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 May 2023 10:18:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:2b:cb:53:ed:0c:e6:f9:35:0d:2d:bb:1d:29:7d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Apr 24 16:49:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c1340ba9c0bb39f6cc373d3097c9ae366023668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:78:64:1a:6a:09:ff:ce:87:25:02:89:7b:1b:
d5:84:68:82:91:6f:93:e4:be:2c:7b:77:82:67:ac:
d5:93:df:13:36:8b:07:66:83:aa:b8:5d:d0:08:71:
3c:f7:01:ee:3e:ca:95:6e:6b:58:1e:c5:83:5a:9c:
09:6f:fc:ea:d1:2f:fe:fd:b1:f8:6f:91:a5:89:57:
29:f2:b1:c3:0e:97:5d:2a:92:38:9d:fa:f2:3f:8b:
a3:92:0b:21:c8:f0:4b:2a:50:35:87:8c:12:d6:a8:
e8:7a:04:e6:27:15:71:b1:8f:a8:ec:2c:97:de:54:
12:a3:b1:83:6e:e6:c8:dd:26:08:ac:19:9e:70:38:
ee:81:20:aa:0e:43:09:58:5b:1d:71:a1:1f:c9:30:
4e:21:e7:99:ac:f6:02:5d:cc:e9:d7:22:ca:2d:e9:
97:11:b6:4f:7b:cf:6a:66:76:36:80:4e:3c:31:2f:
51:30:fa:06:ee:fa:fc:10:af:cf:94:c7:92:e6:7d:
25:5a:27:f7:e9:70:88:46:53:aa:a6:9d:f4:06:37:
a9:93:be:a4:57:01:d7:b7:1b:fd:d5:46:89:93:68:
4c:02:61:d3:17:de:83:63:e4:c7:28:ac:59:4a:de:
37:66:0e:0d:6b:30:16:46:6e:d8:57:4a:3e:e2:ba:
8f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:13:40:BA:9C:0B:B3:9F:6C:C3:73:D3:09:7C:9A:E3:66:02:36:68
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HBNAupwLs59sw3PTCXya42YCNmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.143.0/24
77.47.156.0/22
77.47.178.0/24
77.47.240.0/23
77.47.244.0/22
195.178.140.0/24
195.178.142.0-195.178.145.255
195.178.152.0/22
Signature Algorithm: sha256WithRSAEncryption
61:fc:e6:05:19:81:14:b2:01:9b:cc:50:06:ce:33:84:80:8d:
40:bf:d1:be:7e:08:17:cc:78:c3:00:30:96:7d:ed:13:cd:a6:
1b:58:e3:14:ea:3f:ba:a6:ac:4d:50:4d:89:47:58:a3:58:0d:
cd:5e:6b:1f:cc:40:f3:79:33:53:95:c1:f3:2b:0e:85:3e:4a:
f8:3c:d8:93:8a:63:21:72:6c:7e:81:f9:ce:25:67:16:51:87:
ba:01:da:58:7d:de:41:02:6d:fc:0f:78:2b:66:79:b1:0d:ba:
c7:cc:bc:21:25:a8:ca:29:62:68:33:1c:1b:91:07:19:d7:bf:
ff:a6:12:3e:b7:92:68:7d:ad:e6:2e:5e:09:a7:13:bb:b5:f0:
8d:fc:52:e2:2e:e8:a4:85:a8:77:24:37:2e:52:b2:b3:57:0c:
76:31:ab:18:a2:f6:9e:f1:0f:e1:42:3c:21:59:28:a3:cf:5a:
40:9c:d2:07:6d:a5:c8:32:67:72:bd:55:fd:a9:6a:db:af:cc:
41:43:ee:f0:64:6a:18:70:eb:62:69:17:90:84:ba:f3:ab:20:
84:88:c7:24:7d:6c:c8:96:d9:a6:1e:2f:09:1f:4f:e2:f2:fb:
91:af:a6:5e:62:12:a6:24:90:08:58:80:1a:24:7d:3f:4b:15:
6d:4e:8e:4e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYe0K8tT7Qzm+TUNLbsdKX3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwNDI0MTY0OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzEzNDBiYTljMGJiMzlmNmNjMzczZDMwOTdjOWFlMzY2MDIzNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHhkGmoJ/86HJQKJexvVhGiCkW+T
5L4se3eCZ6zVk98TNosHZoOquF3QCHE89wHuPsqVbmtYHsWDWpwJb/zq0S/+/bH4
b5GliVcp8rHDDpddKpI4nfryP4ujkgshyPBLKlA1h4wS1qjoegTmJxVxsY+o7CyX
3lQSo7GDbubI3SYIrBmecDjugSCqDkMJWFsdcaEfyTBOIeeZrPYCXczp1yLKLemX
EbZPe89qZnY2gE48MS9RMPoG7vr8EK/PlMeS5n0lWif36XCIRlOqpp30Bjepk76k
VwHXtxv91UaJk2hMAmHTF96DY+THKKxZSt43Zg4NazAWRm7YV0o+4rqPNwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBwTQLqcC7OfbMNz0wl8muNmAjZoMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvSEJOQXVwd0xzNTlzdzNQVENYeWE0MllDTm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQATS+PAwQC
TS+cAwQATS+yAwQBTS/wAwQCTS/0AwQAw7KMMAwDBAHDso4DBAHDspADBALDspgw
DQYJKoZIhvcNAQELBQADggEBAGH85gUZgRSyAZvMUAbOM4SAjUC/0b5+CBfMeMMA
MJZ97RPNphtY4xTqP7qmrE1QTYlHWKNYDc1eax/MQPN5M1OVwfMrDoU+Svg82JOK
YyFybH6B+c4lZxZRh7oB2lh93kECbfwPeCtmebENusfMvCElqMopYmgzHBuRBxnX
v/+mEj63kmh9reYuXgmnE7u18I38UuIu6KSFqHckNy5SsrNXDHYxqxii9p7xD+FC
PCFZKKPPWkCc0gdtpcgyZ3K9Vf2patuvzEFD7vBkahhw62JpF5CEuvOrIISIxyR9
bMiW2aYeLwkfT+Ly+5Gvpl5iEqYkkAhYgBokfT9LFW1Ojk4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org