Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/PEv638ll7T128QqWRgcQTLtb1x0.roa
File: PEv638ll7T128QqWRgcQTLtb1x0.roa (raw, json)
Hash identifier: rKvlUacCC63hdc7YcaWSETzyEmu9PbryUtQDojAVF28=
Subject key identifier: 3C:4B:FA:DF:C9:65:ED:3D:76:F1:0A:96:46:07:10:4C:BB:5B:D7:1D
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0195055B4697E5F8CF8CB820D57B86CA5C48
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/PEv638ll7T128QqWRgcQTLtb1x0.roa
Signing time: Fri 14 Feb 2025 16:47:02 +0000
ROA not before: Fri 14 Feb 2025 16:47:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 77.47.143.0/24 maxlen: 24
77.47.148.0/22 maxlen: 24
77.47.156.0/22 maxlen: 24
77.47.212.0/23 maxlen: 24
77.47.240.0/23 maxlen: 24
77.47.243.0/24 maxlen: 24
77.47.244.0/22 maxlen: 24
195.178.140.0/23 maxlen: 24
195.178.146.0/24 maxlen: 24
212.111.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 16:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:05:5b:46:97:e5:f8:cf:8c:b8:20:d5:7b:86:ca:5c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Feb 14 16:47:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c4bfadfc965ed3d76f10a964607104cbb5bd71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:24:c9:1e:be:0d:2d:8c:ed:a7:1f:71:d9:19:
05:44:fd:16:28:05:3b:fb:6b:8f:35:13:3f:bd:af:
c6:27:72:e9:d2:e3:e7:fe:e6:60:1b:4c:95:ca:ad:
3d:91:56:3b:a9:4a:0f:8d:9e:d3:1f:33:1c:6c:67:
51:6c:fe:b3:8a:5e:10:5b:02:84:1e:25:5c:67:c6:
82:7f:8b:e0:fc:23:45:ba:a1:ca:f7:a6:c6:a5:b0:
e0:76:d6:ec:9c:17:c9:21:2b:c0:cc:98:01:15:76:
6f:12:48:38:0f:00:93:1f:8e:6c:f5:e8:8f:eb:51:
7c:ef:ac:17:3c:52:60:f2:74:f2:57:fe:94:d2:54:
50:16:20:81:69:ea:69:40:83:8a:64:cd:80:cb:eb:
ee:ce:42:e6:7e:f3:00:6c:8d:6d:23:94:d7:09:5f:
a7:b4:55:9b:3c:32:69:11:c3:a4:68:a4:51:41:66:
3e:2e:f4:bf:6e:1b:52:43:a2:78:02:4b:05:98:39:
bb:57:c3:65:5b:c5:a6:1d:91:2f:1a:84:84:09:39:
f6:56:01:99:f3:c4:dc:78:9b:db:fb:93:40:70:43:
64:06:e1:2e:d0:26:56:a3:f8:47:6b:1e:c2:ca:ac:
49:ce:c2:e3:59:5a:81:6c:9d:e7:a6:2f:6b:d4:c6:
0a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:4B:FA:DF:C9:65:ED:3D:76:F1:0A:96:46:07:10:4C:BB:5B:D7:1D
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/PEv638ll7T128QqWRgcQTLtb1x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.143.0/24
77.47.148.0/22
77.47.156.0/22
77.47.212.0/23
77.47.240.0/23
77.47.243.0-77.47.247.255
195.178.140.0/23
195.178.146.0/24
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
42:06:02:4a:0f:7d:3a:a2:c8:9e:9f:6e:e1:6a:d9:e0:5e:0d:
b5:fb:0d:a0:e4:e0:84:43:c1:fc:65:9b:a9:d1:23:32:5f:ef:
c0:0e:04:1d:cf:de:1b:b5:89:39:e6:93:7c:92:6c:2f:d8:f5:
b4:76:cc:9f:e8:41:7f:3f:4f:ac:7d:c1:83:e3:b7:3f:78:04:
d5:21:af:8d:26:1b:0c:8b:50:d6:a1:b4:50:8b:49:ac:bc:4a:
2c:47:34:5e:d1:fa:e6:dc:81:f0:96:bb:dc:e6:85:83:d6:e7:
4a:e5:01:06:e4:e2:61:e6:c8:2b:c1:72:e5:a6:54:06:63:e4:
4c:84:c9:1f:b2:ef:9a:12:77:8e:28:52:8e:7e:b2:57:62:32:
41:4a:5f:ca:66:1b:c0:41:51:b3:69:85:55:6e:30:d6:c3:20:
06:47:0b:9a:cd:09:17:3f:7e:96:b4:d0:0c:8d:69:ab:06:f0:
2b:fb:9f:7f:db:58:50:40:d6:22:5b:da:c6:60:4a:ee:66:76:
07:7d:d5:85:8f:7f:84:8c:0a:33:e7:cc:b8:e4:6a:be:d9:b0:
7f:d9:5d:1c:f7:ae:20:57:60:2d:b6:f6:ec:de:54:22:32:f1:
72:24:d1:51:15:4c:d5:f7:7c:f9:a0:31:8b:9f:db:50:5b:63:
54:e4:e8:f2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZUFW0aX5fjPjLgg1XuGylxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUwMjE0MTY0NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzRiZmFkZmM5NjVlZDNkNzZmMTBhOTY0NjA3MTA0Y2JiNWJkNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiTJHr4NLYztpx9x2RkFRP0WKAU7
+2uPNRM/va/GJ3Lp0uPn/uZgG0yVyq09kVY7qUoPjZ7THzMcbGdRbP6zil4QWwKE
HiVcZ8aCf4vg/CNFuqHK96bGpbDgdtbsnBfJISvAzJgBFXZvEkg4DwCTH45s9eiP
61F876wXPFJg8nTyV/6U0lRQFiCBaeppQIOKZM2Ay+vuzkLmfvMAbI1tI5TXCV+n
tFWbPDJpEcOkaKRRQWY+LvS/bhtSQ6J4AksFmDm7V8NlW8WmHZEvGoSECTn2VgGZ
88TceJvb+5NAcENkBuEu0CZWo/hHax7CyqxJzsLjWVqBbJ3npi9r1MYKdQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDxL+t/JZe09dvEKlkYHEEy7W9cdMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvUEV2NjM4bGw3VDEyOFFxV1JnY1FUTHRiMXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQATS+PAwQC
TS+UAwQCTS+cAwQBTS/UAwQBTS/wMAwDBABNL/MDBANNL/ADBAHDsowDBADDspID
BALUb9wwDQYJKoZIhvcNAQELBQADggEBAEIGAkoPfTqiyJ6fbuFq2eBeDbX7DaDk
4IRDwfxlm6nRIzJf78AOBB3P3hu1iTnmk3ySbC/Y9bR2zJ/oQX8/T6x9wYPjtz94
BNUhr40mGwyLUNahtFCLSay8SixHNF7R+ubcgfCWu9zmhYPW50rlAQbk4mHmyCvB
cuWmVAZj5EyEyR+y75oSd44oUo5+sldiMkFKX8pmG8BBUbNphVVuMNbDIAZHC5rN
CRc/fpa00AyNaasG8Cv7n3/bWFBA1iJb2sZgSu5mdgd91YWPf4SMCjPnzLjkar7Z
sH/ZXRz3riBXYC229uzeVCIy8XIk0VEVTNX3fPmgMYuf21BbY1Tk6PI=
-----END CERTIFICATE-----
Generated at Thu Apr 10 00:20:14 2025 by rpki-client