Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/ay_va4Vxu7HVKJxPu_QXTEcPxsY.roa
File: ay_va4Vxu7HVKJxPu_QXTEcPxsY.roa (raw, json)
Hash identifier: hAapLFmalKFD+u53TSCClXprjtWG7uHJdfaApTcZmLc=
Subject key identifier: 6B:2F:EF:6B:85:71:BB:B1:D5:28:9C:4F:BB:F4:17:4C:47:0F:C6:C6
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018F61CB7CF6BD2BA51D8FC09EF091CD51D5
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/ay_va4Vxu7HVKJxPu_QXTEcPxsY.roa
Signing time: Fri 10 May 2024 09:17:56 +0000
ROA not before: Fri 10 May 2024 09:17:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3319
IP address blocks: 77.47.143.0/24 maxlen: 24
77.47.148.0/24 maxlen: 24
77.47.149.0/24 maxlen: 24
77.47.150.0/24 maxlen: 24
77.47.151.0/24 maxlen: 24
77.47.156.0/24 maxlen: 24
185.143.56.0/22 maxlen: 24
195.178.144.0/23 maxlen: 23
195.178.147.0/24 maxlen: 24
195.178.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 13 May 2024 16:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:cb:7c:f6:bd:2b:a5:1d:8f:c0:9e:f0:91:cd:51:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: May 10 09:17:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b2fef6b8571bbb1d5289c4fbbf4174c470fc6c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:19:82:4e:0f:22:74:c5:7a:04:1f:35:63:01:
37:f0:44:7e:26:ea:5c:e9:8a:a6:c8:c0:f1:04:90:
8a:2a:0f:c8:3c:52:39:33:7b:f7:50:49:7b:9a:85:
dd:7a:bb:fd:fa:e4:44:af:f4:e8:15:31:21:32:95:
38:83:5f:91:f7:6a:ca:a9:a4:71:0e:4a:06:e8:09:
1c:02:5f:e9:d3:1d:69:e5:d1:0b:d8:7e:a8:69:f9:
d0:9b:d7:28:4a:fc:de:2a:cb:2f:7c:25:d4:c3:21:
1e:95:cb:3c:28:cb:5d:4f:58:ad:6b:3b:a9:6e:a1:
c0:15:20:27:33:49:ec:39:69:60:a9:f4:c4:3f:f2:
db:0b:9f:ee:7e:0d:7c:e2:2a:ef:2c:1b:68:46:8c:
61:f5:f5:f0:06:ec:b4:8e:12:0b:cd:66:c6:7c:df:
65:0a:b8:20:13:c9:2a:57:cb:85:f2:69:37:3c:54:
3f:48:ea:bf:52:30:cc:c2:cf:5f:71:e3:81:9d:16:
c7:8f:c3:61:0c:2c:43:b0:29:c4:8a:a0:48:65:d8:
ce:76:00:8b:68:16:8b:7f:3e:72:6d:5c:33:ff:1d:
96:5a:a3:fd:38:c8:2a:ed:bf:e6:fd:d0:b2:b3:22:
98:04:18:03:71:92:c2:86:0c:11:41:ea:cc:55:76:
fe:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:2F:EF:6B:85:71:BB:B1:D5:28:9C:4F:BB:F4:17:4C:47:0F:C6:C6
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/ay_va4Vxu7HVKJxPu_QXTEcPxsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.143.0/24
77.47.148.0/22
77.47.156.0/24
185.143.56.0/22
195.178.144.0/23
195.178.147.0/24
195.178.152.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:e1:ad:fe:00:f5:97:d8:26:90:cc:08:f5:7d:41:83:b2:8b:
7f:e4:80:dd:04:a6:dc:3d:03:74:68:95:c8:86:28:ca:89:75:
99:f5:66:5f:d5:2d:99:68:18:5d:07:2a:0f:67:08:7a:23:89:
84:0b:44:41:13:9f:48:a6:eb:5a:d4:21:a5:55:cd:cb:54:3a:
24:1e:ae:1d:8e:b1:44:12:ac:27:41:85:0f:79:da:90:3e:38:
b7:71:da:5f:66:47:61:2b:27:9f:93:0d:52:36:bd:02:e3:86:
f8:55:79:ed:98:88:9c:0f:bb:e1:48:ff:ca:5f:82:8e:19:9d:
97:04:e8:e8:7d:e6:da:4b:c6:8f:3a:b1:0c:01:b5:c8:0d:94:
83:cb:d3:6c:16:1e:da:22:e6:d7:3f:1e:7d:a7:fe:0d:75:6b:
51:75:eb:d2:bd:85:73:13:4f:89:1c:ee:2a:b5:c4:e5:5f:d2:
eb:e7:fd:b7:62:96:74:65:b6:9d:cf:3e:53:4d:10:9d:46:a4:
78:ea:95:ba:2e:7e:4a:51:8b:dc:6a:cf:1c:01:b0:41:a3:b9:
ed:8d:93:a8:31:82:c8:07:14:69:86:e4:2f:19:fa:37:e6:79:
d4:f1:f0:59:c3:11:9f:ec:81:cf:ba:21:36:f5:e0:4f:36:af:
a7:e8:60:8f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY9hy3z2vSulHY/AnvCRzVHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwNTEwMDkxNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjJmZWY2Yjg1NzFiYmIxZDUyODljNGZiYmY0MTc0YzQ3MGZjNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxmCTg8idMV6BB81YwE38ER+Jupc
6YqmyMDxBJCKKg/IPFI5M3v3UEl7moXderv9+uREr/ToFTEhMpU4g1+R92rKqaRx
DkoG6AkcAl/p0x1p5dEL2H6oafnQm9coSvzeKssvfCXUwyEelcs8KMtdT1itazup
bqHAFSAnM0nsOWlgqfTEP/LbC5/ufg184irvLBtoRoxh9fXwBuy0jhILzWbGfN9l
CrggE8kqV8uF8mk3PFQ/SOq/UjDMws9fceOBnRbHj8NhDCxDsCnEiqBIZdjOdgCL
aBaLfz5ybVwz/x2WWqP9OMgq7b/m/dCysyKYBBgDcZLChgwRQerMVXb+dwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGsv72uFcbux1SicT7v0F0xHD8bGMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvYXlfdmE0Vnh1N0hWS0p4UHVfUVhURWNQeHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATS+PAwQC
TS+UAwQATS+cAwQCuY84AwQBw7KQAwQAw7KTAwQCw7KYMA0GCSqGSIb3DQEBCwUA
A4IBAQDC4a3+APWX2CaQzAj1fUGDsot/5IDdBKbcPQN0aJXIhijKiXWZ9WZf1S2Z
aBhdByoPZwh6I4mEC0RBE59Iputa1CGlVc3LVDokHq4djrFEEqwnQYUPedqQPji3
cdpfZkdhKyefkw1SNr0C44b4VXntmIicD7vhSP/KX4KOGZ2XBOjofebaS8aPOrEM
AbXIDZSDy9NsFh7aIubXPx59p/4NdWtRdevSvYVzE0+JHO4qtcTlX9Lr5/23YpZ0
Zbadzz5TTRCdRqR46pW6Ln5KUYvcas8cAbBBo7ntjZOoMYLIBxRphuQvGfo35nnU
8fBZwxGf7IHPuiE29eBPNq+n6GCP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org