Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/WE5SE3BHTqmuwGb6L4x0GVDhwI4.roa
File: WE5SE3BHTqmuwGb6L4x0GVDhwI4.roa (raw, json)
Hash identifier: ad26Q9Q6D2OV9uUC8cioiY/F7IItf40Hm2T189OeeBU=
Subject key identifier: 58:4E:52:13:70:47:4E:A9:AE:C0:66:FA:2F:8C:74:19:50:E1:C0:8E
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018B013A5C4711DEB220F2BC5D2C6698C93D
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/WE5SE3BHTqmuwGb6L4x0GVDhwI4.roa
Signing time: Thu 05 Oct 2023 19:04:43 +0000
ROA not before: Thu 05 Oct 2023 19:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3319
IP address blocks: 77.47.148.0/22 maxlen: 24
195.178.144.0/23 maxlen: 23
195.178.147.0/24 maxlen: 24
195.178.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:3a:5c:47:11:de:b2:20:f2:bc:5d:2c:66:98:c9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Oct 5 19:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=584e521370474ea9aec066fa2f8c741950e1c08e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:00:c0:3d:9a:34:4d:aa:07:7d:ba:79:3c:dc:
b5:2b:36:47:1b:25:05:92:a7:16:5e:51:c8:a1:16:
b5:ad:8f:f8:4d:5a:0c:e1:b2:b7:7c:0a:d4:49:da:
09:0d:c2:7d:e0:3b:a8:e2:b2:28:82:75:78:c2:64:
1c:c9:22:f4:cb:74:71:48:31:b3:cc:ba:e6:ee:c9:
75:f4:fb:99:9e:5c:9e:b9:b7:95:d9:e7:23:bd:0f:
91:5c:41:9a:51:9e:0f:49:5f:7b:af:d5:fa:e4:ad:
4c:ca:dd:e6:d8:1c:3b:a1:9a:76:3d:e5:b4:29:31:
b4:dd:f7:3d:5b:16:cf:37:99:51:36:d7:60:ca:8c:
5b:0f:de:62:10:a2:2e:ce:0d:c3:35:c9:36:c2:a2:
35:93:51:db:22:fa:a9:1d:3e:a0:d8:af:aa:e3:bf:
73:d4:83:91:ad:08:3f:b1:42:0f:c2:ef:01:29:fb:
9a:8e:63:9e:7d:f5:d4:11:66:67:4e:96:be:12:c4:
c2:3a:2a:8a:f8:db:09:94:2d:37:41:ca:82:68:4d:
17:db:95:05:57:37:79:f7:b4:ba:bc:2a:11:29:59:
8c:27:50:6d:4a:fa:13:f7:d2:87:74:cf:8b:1c:8e:
77:29:15:b8:7e:72:b8:2b:74:e9:92:f9:88:54:f9:
5f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:4E:52:13:70:47:4E:A9:AE:C0:66:FA:2F:8C:74:19:50:E1:C0:8E
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/WE5SE3BHTqmuwGb6L4x0GVDhwI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.148.0/22
195.178.144.0/23
195.178.147.0/24
195.178.152.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:30:31:da:f2:0b:6d:84:50:8f:00:54:9f:55:35:ed:78:cf:
b4:fa:3f:72:1d:bf:19:fd:c0:91:32:c8:ce:79:91:c0:b1:f3:
70:e7:20:97:fe:0f:25:ce:2b:d3:d3:2d:7e:44:bd:3e:91:c8:
fb:fa:26:2c:cb:bb:7a:7a:d8:9c:5f:6d:a1:22:bf:0b:e7:88:
75:14:18:f4:5f:c7:01:ca:4b:1c:b1:02:b9:ec:aa:bc:af:8b:
ae:a8:99:67:04:c7:7e:dc:e2:04:85:8f:15:b8:02:94:79:6a:
4d:70:61:b3:da:04:15:12:f1:68:d7:87:14:fc:0d:2e:1b:0e:
fe:54:00:08:77:07:7f:32:51:9d:ec:fa:4d:62:49:27:35:6d:
70:67:87:7b:73:ac:e3:07:07:b6:c9:1e:09:df:69:1f:f9:da:
03:4c:56:ba:3b:cf:9d:fd:b5:b7:7a:d0:d1:15:18:32:55:da:
77:a3:fc:17:70:8c:e7:7c:93:57:c9:35:c8:c7:8f:cf:b8:73:
1b:d5:b0:04:57:34:f9:34:b8:30:ba:ae:58:57:ff:a2:9c:bc:
99:23:21:4c:c5:ba:02:38:73:c1:b0:50:6b:02:ad:9e:85:bf:
e8:cd:9c:d9:67:81:d8:96:02:e6:07:44:03:fb:e0:d0:5e:ec:
74:3c:d0:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsBOlxHEd6yIPK8XSxmmMk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMxMDA1MTkwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODRlNTIxMzcwNDc0ZWE5YWVjMDY2ZmEyZjhjNzQxOTUwZTFjMDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhADAPZo0TaoHfbp5PNy1KzZHGyUF
kqcWXlHIoRa1rY/4TVoM4bK3fArUSdoJDcJ94Duo4rIognV4wmQcySL0y3RxSDGz
zLrm7sl19PuZnlyeubeV2ecjvQ+RXEGaUZ4PSV97r9X65K1Myt3m2Bw7oZp2PeW0
KTG03fc9WxbPN5lRNtdgyoxbD95iEKIuzg3DNck2wqI1k1HbIvqpHT6g2K+q479z
1IORrQg/sUIPwu8BKfuajmOeffXUEWZnTpa+EsTCOiqK+NsJlC03QcqCaE0X25UF
Vzd597S6vCoRKVmMJ1BtSvoT99KHdM+LHI53KRW4fnK4K3TpkvmIVPlfSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFhOUhNwR06prsBm+i+MdBlQ4cCOMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvV0U1U0UzQkhUcW11d0diNkw0eDBHVkRod0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTS+UAwQB
w7KQAwQAw7KTAwQCw7KYMA0GCSqGSIb3DQEBCwUAA4IBAQBLMDHa8gtthFCPAFSf
VTXteM+0+j9yHb8Z/cCRMsjOeZHAsfNw5yCX/g8lzivT0y1+RL0+kcj7+iYsy7t6
eticX22hIr8L54h1FBj0X8cBykscsQK57Kq8r4uuqJlnBMd+3OIEhY8VuAKUeWpN
cGGz2gQVEvFo14cU/A0uGw7+VAAIdwd/MlGd7PpNYkknNW1wZ4d7c6zjBwe2yR4J
32kf+doDTFa6O8+d/bW3etDRFRgyVdp3o/wXcIznfJNXyTXIx4/PuHMb1bAEVzT5
NLgwuq5YV/+inLyZIyFMxboCOHPBsFBrAq2ehb/ozZzZZ4HYlgLmB0QD++DQXux0
PNCm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org