Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/dRHsax7eaE5fUe713IKLLDo1nmA.roa
File: dRHsax7eaE5fUe713IKLLDo1nmA.roa (raw, json)
Hash identifier: BScjw6m0W5B/hTDUSKqghAw7ZoRudAsTGZbZS/2pYpc=
Subject key identifier: 75:11:EC:6B:1E:DE:68:4E:5F:51:EE:F5:DC:82:8B:2C:3A:35:9E:60
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0187FADE5D77647E291F4BC9A411BC72222B
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/dRHsax7eaE5fUe713IKLLDo1nmA.roa
Signing time: Mon 08 May 2023 10:18:09 +0000
ROA not before: Mon 08 May 2023 10:18:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3319
IP address blocks: 77.47.240.0/23 maxlen: 24
77.47.244.0/22 maxlen: 24
77.47.143.0/24 maxlen: 24
195.178.140.0/24 maxlen: 24
195.178.142.0/23 maxlen: 24
195.178.144.0/23 maxlen: 23
77.47.156.0/22 maxlen: 24
185.143.56.0/22 maxlen: 24
195.178.152.0/22 maxlen: 22
77.47.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 May 2023 10:12:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:de:5d:77:64:7e:29:1f:4b:c9:a4:11:bc:72:22:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: May 8 10:18:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7511ec6b1ede684e5f51eef5dc828b2c3a359e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:eb:17:22:db:64:05:91:40:0c:ec:2f:7f:6a:
48:24:f7:23:c1:1e:09:91:e4:ae:e3:fa:c8:96:11:
86:83:41:e3:72:57:05:97:1c:e0:f1:53:ad:fd:33:
51:df:60:ea:25:6d:34:1c:16:02:a2:1c:cf:0f:47:
3c:ed:c7:6c:5d:ce:80:fd:8f:95:50:2b:5b:1d:c3:
0b:71:41:87:70:39:af:de:87:55:58:bd:03:85:74:
73:c6:4d:4c:71:c6:0e:f0:6a:a9:ff:3e:7c:d2:71:
6d:74:bb:12:18:f8:2e:80:bd:0e:f3:a6:35:c9:3e:
90:06:6f:0f:95:35:45:8c:20:47:ba:c2:e1:ce:cf:
7e:4c:8c:d2:32:b5:68:1c:7f:ce:ee:91:e4:72:95:
6e:70:f2:6d:b5:f2:9f:3d:0b:08:91:5c:2c:25:1f:
7c:cf:f5:1e:cc:69:6a:b1:d7:be:a7:7b:8a:ba:d0:
37:f9:0d:d1:81:20:df:88:46:18:08:a0:82:00:81:
96:4e:74:ef:93:81:4a:a2:a5:44:65:60:b1:82:7e:
98:a1:fb:d9:7b:9e:8a:52:ea:67:1f:0c:03:71:9b:
10:d5:38:ac:e0:42:02:65:28:ca:e2:ef:c1:f8:41:
30:cc:9f:7d:02:56:1c:d5:d9:09:92:be:30:12:9d:
0c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:11:EC:6B:1E:DE:68:4E:5F:51:EE:F5:DC:82:8B:2C:3A:35:9E:60
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/dRHsax7eaE5fUe713IKLLDo1nmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.143.0/24
77.47.156.0/22
77.47.178.0/24
77.47.240.0/23
77.47.244.0/22
185.143.56.0/22
195.178.140.0/24
195.178.142.0-195.178.145.255
195.178.152.0/22
Signature Algorithm: sha256WithRSAEncryption
30:c1:6a:65:c6:86:7a:91:a6:b5:f9:f0:e0:87:48:42:17:68:
72:5b:c6:eb:52:fe:e4:d4:0b:49:81:ac:45:d2:d6:f9:13:05:
ad:15:66:f0:9a:50:ae:02:47:be:ad:1c:62:67:42:4b:d8:42:
d0:f6:43:57:2a:44:2a:4f:8e:95:8a:93:6b:6b:e1:1c:cb:5c:
2f:b3:b2:82:d1:8b:6e:dd:3e:4f:ca:d1:e9:3d:19:41:d2:4e:
5a:4b:2b:19:52:02:32:31:fa:34:6e:43:b5:a9:99:14:fb:a3:
b4:37:cf:9e:5e:d2:e3:04:e6:36:0b:60:d7:e4:00:ae:fe:75:
56:e3:85:c0:19:df:03:a2:88:e4:ec:25:9d:49:43:6d:bd:e8:
82:f1:3c:d5:9c:a6:c0:fd:30:48:b2:e1:f2:4a:19:01:89:eb:
4e:f3:71:4d:53:f0:7f:f6:bd:9a:23:14:12:02:7d:ff:70:18:
32:d9:38:73:a9:ce:6b:25:54:26:2e:77:13:07:d9:28:68:16:
87:7c:36:3c:70:29:cf:2b:3b:8f:66:fb:7f:6a:49:bf:be:c3:
40:47:a5:63:45:19:1e:3b:0b:46:c1:8c:c6:90:76:6b:19:87:
50:09:2e:6b:b6:48:f9:d8:5f:00:fc:ac:26:47:36:d3:8d:4e:
f1:fc:5e:e0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYf63l13ZH4pH0vJpBG8ciIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwNTA4MTAxODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTExZWM2YjFlZGU2ODRlNWY1MWVlZjVkYzgyOGIyYzNhMzU5ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmusXIttkBZFADOwvf2pIJPcjwR4J
keSu4/rIlhGGg0HjclcFlxzg8VOt/TNR32DqJW00HBYCohzPD0c87cdsXc6A/Y+V
UCtbHcMLcUGHcDmv3odVWL0DhXRzxk1MccYO8Gqp/z580nFtdLsSGPgugL0O86Y1
yT6QBm8PlTVFjCBHusLhzs9+TIzSMrVoHH/O7pHkcpVucPJttfKfPQsIkVwsJR98
z/UezGlqsde+p3uKutA3+Q3RgSDfiEYYCKCCAIGWTnTvk4FKoqVEZWCxgn6YofvZ
e56KUupnHwwDcZsQ1Tis4EICZSjK4u/B+EEwzJ99AlYc1dkJkr4wEp0MzQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFHUR7Gse3mhOX1Hu9dyCiyw6NZ5gMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvZFJIc2F4N2VhRTVmVWU3MTNJS0xMRG8xbm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQATS+PAwQC
TS+cAwQATS+yAwQBTS/wAwQCTS/0AwQCuY84AwQAw7KMMAwDBAHDso4DBAHDspAD
BALDspgwDQYJKoZIhvcNAQELBQADggEBADDBamXGhnqRprX58OCHSEIXaHJbxutS
/uTUC0mBrEXS1vkTBa0VZvCaUK4CR76tHGJnQkvYQtD2Q1cqRCpPjpWKk2tr4RzL
XC+zsoLRi27dPk/K0ek9GUHSTlpLKxlSAjIx+jRuQ7WpmRT7o7Q3z55e0uME5jYL
YNfkAK7+dVbjhcAZ3wOiiOTsJZ1JQ2296ILxPNWcpsD9MEiy4fJKGQGJ607zcU1T
8H/2vZojFBICff9wGDLZOHOpzmslVCYudxMH2ShoFod8NjxwKc8rO49m+39qSb++
w0BHpWNFGR47C0bBjMaQdmsZh1AJLmu2SPnYXwD8rCZHNtONTvH8XuA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org