Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/MC2d4vWmpW2pH_WBJdgcudwiZpM.roa
File: MC2d4vWmpW2pH_WBJdgcudwiZpM.roa (raw, json)
Hash identifier: Q643q4pmRlLUqmP6Gh1TcfD4MIQ3BvtjgmCYj09x+NI=
Subject key identifier: 30:2D:9D:E2:F5:A6:A5:6D:A9:1F:F5:81:25:D8:1C:B9:DC:22:66:93
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018D36D16FA72BDB5D6EA5BE5FAF3920218C
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/MC2d4vWmpW2pH_WBJdgcudwiZpM.roa
Signing time: Tue 23 Jan 2024 14:55:11 +0000
ROA not before: Tue 23 Jan 2024 14:55:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 77.47.143.0/24 maxlen: 24
77.47.156.0/24 maxlen: 24
77.47.157.0/24 maxlen: 24
212.111.216.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 16:37:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:d1:6f:a7:2b:db:5d:6e:a5:be:5f:af:39:20:21:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 23 14:55:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=302d9de2f5a6a56da91ff58125d81cb9dc226693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6e:b9:33:2c:c6:3b:25:25:54:ec:b5:52:20:
bd:65:ac:8b:c0:3f:bc:ee:5f:bc:b9:6b:da:fc:d2:
ba:60:db:b8:be:b4:e7:48:b0:1c:3e:a3:68:32:03:
50:e5:69:4b:91:d6:4d:d9:80:08:e8:6a:16:01:28:
67:86:74:db:4f:b6:41:1a:5a:fc:06:c7:a9:9a:2b:
81:5c:9d:35:7a:13:1e:74:0f:40:19:66:43:06:fe:
15:7b:25:f8:70:6b:24:7b:19:99:c2:2b:73:43:27:
81:a2:5f:00:7a:38:a5:2a:94:3c:a4:51:7a:eb:ab:
40:88:68:62:c6:9c:30:4e:c5:c8:5f:47:a0:32:32:
0c:30:9d:30:c7:7e:ec:2a:f6:0e:d4:4a:03:e7:2e:
c7:23:fe:2b:2f:00:61:de:e5:d3:81:88:fe:14:d9:
19:23:c7:a1:0a:f5:88:18:5e:1e:89:e1:44:48:ab:
5b:ed:81:40:0e:9c:bc:09:fd:46:c2:a8:a0:95:23:
9f:b3:83:5d:3b:ab:31:d6:b2:4f:32:c4:30:b6:71:
64:11:6f:b5:6d:18:87:c9:27:c0:7e:48:c1:4d:d9:
78:94:d6:36:c6:83:a3:b2:01:7b:de:f2:e7:41:8a:
41:f8:50:59:d9:57:2a:f4:ec:79:cd:39:48:b7:ac:
fb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2D:9D:E2:F5:A6:A5:6D:A9:1F:F5:81:25:D8:1C:B9:DC:22:66:93
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/MC2d4vWmpW2pH_WBJdgcudwiZpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.143.0/24
77.47.156.0/23
212.111.216.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:fe:db:9e:4e:dd:ca:47:fd:68:ba:14:27:5a:5c:16:14:39:
e0:22:4f:49:d8:1d:fb:5c:cd:f2:be:ab:c8:b3:6b:88:e5:06:
2a:88:e2:ad:5b:09:e3:ba:91:26:91:c8:ab:fb:c7:84:33:5c:
88:94:34:36:d8:87:41:bb:50:35:89:1a:ff:b8:77:9f:e1:62:
c8:33:d6:22:6d:98:d5:e7:f3:42:f8:90:07:e9:81:5e:b4:63:
5b:04:69:73:8a:ae:3b:bf:43:14:45:b4:92:fe:04:16:74:17:
62:c1:87:3a:5f:78:13:bb:6e:1b:a1:d1:3c:37:56:fb:d9:9d:
9c:2c:64:0b:7c:60:e9:20:14:73:8e:9d:54:c8:bc:1a:5e:70:
b6:ce:3a:b3:dd:87:ef:e6:52:0d:f4:47:96:f4:10:38:30:b8:
0e:87:7e:97:be:2c:21:17:67:53:d7:c1:2b:d4:17:1d:a4:fc:
8c:46:bc:8a:b1:29:b3:fd:ef:99:e2:54:68:83:f9:3e:b9:02:
1e:fe:1f:eb:c8:b6:6d:a2:31:ee:56:dc:91:d8:2a:32:83:b6:
72:93:ff:46:dc:dd:c5:45:9c:fb:30:cd:eb:0f:a9:6e:fd:69:
26:09:71:f9:45:68:96:78:a6:b2:16:d1:c3:0e:c8:7d:ef:12:
f7:70:e2:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY020W+nK9tdbqW+X685ICGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwMTIzMTQ1NTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDJkOWRlMmY1YTZhNTZkYTkxZmY1ODEyNWQ4MWNiOWRjMjI2NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm65MyzGOyUlVOy1UiC9ZayLwD+8
7l+8uWva/NK6YNu4vrTnSLAcPqNoMgNQ5WlLkdZN2YAI6GoWAShnhnTbT7ZBGlr8
BsepmiuBXJ01ehMedA9AGWZDBv4VeyX4cGskexmZwitzQyeBol8AejilKpQ8pFF6
66tAiGhixpwwTsXIX0egMjIMMJ0wx37sKvYO1EoD5y7HI/4rLwBh3uXTgYj+FNkZ
I8ehCvWIGF4eieFESKtb7YFADpy8Cf1GwqiglSOfs4NdO6sx1rJPMsQwtnFkEW+1
bRiHySfAfkjBTdl4lNY2xoOjsgF73vLnQYpB+FBZ2Vcq9Ox5zTlIt6z7IQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDAtneL1pqVtqR/1gSXYHLncImaTMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvTUMyZDR2V21wVzJwSF9XQkpkZ2N1ZHdpWnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATS+PAwQB
TS+cAwQB1G/YMA0GCSqGSIb3DQEBCwUAA4IBAQAt/tueTt3KR/1ouhQnWlwWFDng
Ik9J2B37XM3yvqvIs2uI5QYqiOKtWwnjupEmkcir+8eEM1yIlDQ22IdBu1A1iRr/
uHef4WLIM9YibZjV5/NC+JAH6YFetGNbBGlziq47v0MURbSS/gQWdBdiwYc6X3gT
u24bodE8N1b72Z2cLGQLfGDpIBRzjp1UyLwaXnC2zjqz3Yfv5lIN9EeW9BA4MLgO
h36XviwhF2dT18Er1BcdpPyMRryKsSmz/e+Z4lRog/k+uQIe/h/ryLZtojHuVtyR
2Coyg7Zyk/9G3N3FRZz7MM3rD6lu/WkmCXH5RWiWeKayFtHDDsh97xL3cOLf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org