Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/P28piDmDcDDcDeohSqSTd6zEQmw.roa
File: P28piDmDcDDcDeohSqSTd6zEQmw.roa (raw, json)
Hash identifier: pkvmXylyUSwfV7o7kyHYQ3NjEDQHGS4DfWGkvkvcwGQ=
Subject key identifier: 3F:6F:29:88:39:83:70:30:DC:0D:EA:21:4A:A4:93:77:AC:C4:42:6C
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0195247A31A7FBF2FE6FD015A0036D670538
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/P28piDmDcDDcDeohSqSTd6zEQmw.roa
Signing time: Thu 20 Feb 2025 17:49:02 +0000
ROA not before: Thu 20 Feb 2025 17:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 77.47.142.0/24 maxlen: 24
195.178.148.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 15:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:24:7a:31:a7:fb:f2:fe:6f:d0:15:a0:03:6d:67:05:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Feb 20 17:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f6f298839837030dc0dea214aa49377acc4426c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:78:ee:4b:79:8f:da:da:a2:a9:d1:ee:a7:1d:
24:dd:16:2f:af:57:bb:8b:d7:11:9d:89:da:d8:ad:
c0:7c:02:c2:25:eb:5a:39:c3:4a:62:40:82:85:d9:
a5:d0:59:81:6e:5f:7d:1c:f4:37:37:19:d6:6a:5e:
b2:2d:5f:50:fb:f6:2b:21:0e:01:41:8d:e1:e8:b1:
d4:76:ec:08:fc:2a:98:6c:f3:59:39:b7:1f:dc:ac:
4a:65:d2:4c:af:fe:fe:36:1a:53:9b:c6:7c:f3:58:
06:0b:aa:69:6e:48:8f:67:5e:d2:4e:c0:9f:5d:f4:
bf:b2:de:99:7f:b7:5b:92:b9:22:39:be:9c:d8:20:
23:0c:dd:09:a8:6f:72:92:9c:45:48:3b:c5:4e:0a:
61:23:12:a3:84:d0:68:66:0e:06:0c:9b:9e:b3:33:
db:6c:c4:41:be:d0:b7:84:18:a9:77:a7:34:df:5d:
fd:8c:f5:ef:be:0a:59:7c:7d:6f:53:15:b0:3c:74:
00:2d:33:56:b1:a6:69:ea:f2:c3:e7:88:d7:70:2b:
58:18:ea:eb:7a:80:7e:db:19:89:b9:c3:bc:dc:03:
0c:1d:d4:b3:19:5e:a2:4b:4e:1a:1e:7e:74:8f:20:
20:fc:63:21:83:44:64:05:7e:cc:a7:77:3f:6e:51:
63:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6F:29:88:39:83:70:30:DC:0D:EA:21:4A:A4:93:77:AC:C4:42:6C
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/P28piDmDcDDcDeohSqSTd6zEQmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.142.0/24
195.178.148.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:8f:e0:f6:62:6a:43:7c:c1:78:42:74:e8:b3:33:fd:4d:2f:
40:1d:4c:44:7f:56:66:f7:02:fa:fe:e3:98:15:17:30:12:11:
9f:40:d4:26:d6:44:60:a1:8f:c0:5f:1d:11:af:71:d5:86:74:
ed:d9:31:61:ca:20:51:58:68:f0:f7:2d:e2:74:40:21:76:36:
a6:96:17:a7:0f:1e:21:93:55:a1:40:6e:dd:c2:ac:c7:b9:47:
81:b4:ba:b9:aa:9f:2e:b9:86:4a:28:51:af:ab:25:4f:f2:72:
fc:cc:9d:8d:51:43:49:c8:9d:c5:40:a8:36:d1:06:ba:21:6a:
9a:e3:5b:ad:f8:ef:98:24:01:a7:5f:5e:6f:12:9b:63:3b:93:
d9:3f:1b:28:86:4f:6d:9e:5d:8e:d8:84:19:a9:67:0a:ad:54:
07:90:df:af:69:0b:5c:cc:b6:c0:9a:1e:37:e3:05:35:f1:32:
cb:dd:fe:bd:53:16:b5:8e:7e:14:1e:a5:2c:48:88:c3:53:f3:
67:3e:43:4b:c4:cd:af:b0:ba:95:49:cd:5c:5d:6e:75:e5:f4:
38:c7:f2:9d:96:03:4a:a6:e6:d2:56:a4:c0:6e:1c:ba:eb:f1:
92:7d:77:2d:c7:dd:d7:6d:26:33:e2:5f:67:c4:a7:90:c9:bc:
ca:99:cc:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUkejGn+/L+b9AVoANtZwU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUwMjIwMTc0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjZmMjk4ODM5ODM3MDMwZGMwZGVhMjE0YWE0OTM3N2FjYzQ0MjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXjuS3mP2tqiqdHupx0k3RYvr1e7
i9cRnYna2K3AfALCJetaOcNKYkCChdml0FmBbl99HPQ3NxnWal6yLV9Q+/YrIQ4B
QY3h6LHUduwI/CqYbPNZObcf3KxKZdJMr/7+NhpTm8Z881gGC6ppbkiPZ17STsCf
XfS/st6Zf7dbkrkiOb6c2CAjDN0JqG9ykpxFSDvFTgphIxKjhNBoZg4GDJueszPb
bMRBvtC3hBipd6c03139jPXvvgpZfH1vUxWwPHQALTNWsaZp6vLD54jXcCtYGOrr
eoB+2xmJucO83AMMHdSzGV6iS04aHn50jyAg/GMhg0RkBX7Mp3c/blFjdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD9vKYg5g3Aw3A3qIUqkk3esxEJsMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvUDI4cGlEbURjRERjRGVvaFNxU1RkNnpFUW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATS+OAwQB
w7KUMA0GCSqGSIb3DQEBCwUAA4IBAQCMj+D2YmpDfMF4QnToszP9TS9AHUxEf1Zm
9wL6/uOYFRcwEhGfQNQm1kRgoY/AXx0Rr3HVhnTt2TFhyiBRWGjw9y3idEAhdjam
lhenDx4hk1WhQG7dwqzHuUeBtLq5qp8uuYZKKFGvqyVP8nL8zJ2NUUNJyJ3FQKg2
0Qa6IWqa41ut+O+YJAGnX15vEptjO5PZPxsohk9tnl2O2IQZqWcKrVQHkN+vaQtc
zLbAmh434wU18TLL3f69Uxa1jn4UHqUsSIjDU/NnPkNLxM2vsLqVSc1cXW515fQ4
x/KdlgNKpubSVqTAbhy66/GSfXctx93XbSYz4l9nxKeQybzKmcxK
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:24:41 2025 by rpki-client