Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/hIKBv-wR2guz7RIqRze9q8lrrto.roa
File: hIKBv-wR2guz7RIqRze9q8lrrto.roa (raw, json)
Hash identifier: pZWjjUkhwjNUXtVxqOt2v9gdGcSmW9ULjUm0kEQ5zEQ=
Subject key identifier: 84:82:81:BF:EC:11:DA:0B:B3:ED:12:2A:47:37:BD:AB:C9:6B:AE:DA
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0195390C5087A5A550074CD3ECD4BC5189C9
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/hIKBv-wR2guz7RIqRze9q8lrrto.roa
Signing time: Mon 24 Feb 2025 17:41:03 +0000
ROA not before: Mon 24 Feb 2025 17:41:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 77.47.148.0/22 maxlen: 24
77.47.156.0/22 maxlen: 24
77.47.243.0/24 maxlen: 24
77.47.244.0/22 maxlen: 24
195.178.140.0/23 maxlen: 24
195.178.146.0/24 maxlen: 24
212.111.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 16:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:39:0c:50:87:a5:a5:50:07:4c:d3:ec:d4:bc:51:89:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Feb 24 17:41:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=848281bfec11da0bb3ed122a4737bdabc96baeda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:df:87:b6:f9:4a:3f:48:3d:d5:e0:71:e2:
d8:cd:01:3c:bc:32:59:f7:b6:fe:33:07:37:68:c0:
06:a1:40:23:84:34:a2:7a:2e:10:4f:32:44:ea:e8:
74:66:c6:38:34:d6:d0:f5:6e:01:cb:32:13:28:ff:
e3:bd:11:0e:24:47:2c:aa:ca:7a:3c:2b:51:35:b7:
65:57:ca:16:5e:af:b2:58:16:5e:6f:89:60:98:a6:
47:0e:34:02:36:4b:97:72:01:30:08:82:35:3d:72:
02:9f:b8:6b:73:f9:d6:4e:1f:9f:9d:c3:15:11:6a:
08:3a:50:0b:31:d6:c4:e2:b4:77:f4:72:e5:22:ef:
7a:82:b9:af:50:3e:d1:8f:18:9a:a2:72:b7:83:64:
08:51:c4:8f:ba:2d:ca:1a:79:d2:46:16:0d:bc:29:
f8:da:7c:2b:00:14:4c:af:e8:c3:15:6f:75:18:51:
9c:e8:43:b7:97:de:94:29:12:f9:7b:5d:9d:24:74:
c1:4f:23:15:b7:ae:7e:94:e4:68:0f:20:63:0e:04:
14:da:22:3a:cd:04:5b:10:db:b6:68:13:76:67:19:
14:34:74:f7:fd:ce:39:f8:fc:8d:a9:45:88:ae:3d:
0c:55:d5:53:59:aa:5a:9f:ac:8f:54:83:02:1e:48:
49:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:82:81:BF:EC:11:DA:0B:B3:ED:12:2A:47:37:BD:AB:C9:6B:AE:DA
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/hIKBv-wR2guz7RIqRze9q8lrrto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.148.0/22
77.47.156.0/22
77.47.243.0-77.47.247.255
195.178.140.0/23
195.178.146.0/24
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
07:11:a5:d5:49:24:56:17:b9:28:63:3a:81:39:38:28:85:c2:
03:98:57:36:98:bc:ca:4c:73:4a:86:1c:3e:21:09:40:6d:62:
f0:2b:e2:3e:92:e4:ad:88:86:17:6d:1c:b6:43:eb:70:85:3b:
e1:1d:4a:6c:25:c0:d1:94:a7:9c:5f:60:bf:a1:6a:2a:93:47:
67:b0:55:b7:d6:99:1d:d3:83:aa:9b:a8:af:67:6f:fb:0c:04:
b0:a0:12:b2:47:cb:b6:34:92:54:b1:ff:b9:5c:12:73:c8:b7:
d5:41:68:ea:38:d2:3e:6e:5d:9a:90:64:31:be:20:00:a6:9c:
ef:33:94:82:f6:f9:8a:e2:d1:93:8a:83:0f:ab:9a:cb:bc:68:
be:4d:41:0f:61:66:2b:24:3f:a8:1f:81:ce:c4:41:f5:9e:3a:
df:2c:aa:cf:c2:48:08:cc:d3:ac:a1:44:45:a1:fb:15:b0:97:
ed:2c:50:c5:cc:cb:72:41:6c:e7:29:ea:94:82:05:4b:ac:ad:
bd:a2:86:c6:f3:68:2b:f4:c0:ce:5b:5c:15:af:d3:f0:62:7e:
8b:75:3d:ce:28:cb:0a:20:5b:61:00:8f:b0:a0:3f:b1:cc:74:
4d:d7:ee:e7:5a:1c:bf:16:16:d5:c8:e7:e8:b5:ec:34:fe:bf:
8d:c0:18:28
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZU5DFCHpaVQB0zT7NS8UYnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUwMjI0MTc0MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDgyODFiZmVjMTFkYTBiYjNlZDEyMmE0NzM3YmRhYmM5NmJhZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PHfh7b5Sj9IPdXgceLYzQE8vDJZ
97b+Mwc3aMAGoUAjhDSiei4QTzJE6uh0ZsY4NNbQ9W4ByzITKP/jvREOJEcsqsp6
PCtRNbdlV8oWXq+yWBZeb4lgmKZHDjQCNkuXcgEwCII1PXICn7hrc/nWTh+fncMV
EWoIOlALMdbE4rR39HLlIu96grmvUD7RjxiaonK3g2QIUcSPui3KGnnSRhYNvCn4
2nwrABRMr+jDFW91GFGc6EO3l96UKRL5e12dJHTBTyMVt65+lORoDyBjDgQU2iI6
zQRbENu2aBN2ZxkUNHT3/c45+PyNqUWIrj0MVdVTWapan6yPVIMCHkhJrQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFISCgb/sEdoLs+0SKkc3vavJa67aMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvaElLQnYtd1IyZ3V6N1JJcVJ6ZTlxOGxycnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCTS+UAwQC
TS+cMAwDBABNL/MDBANNL/ADBAHDsowDBADDspIDBALUb9wwDQYJKoZIhvcNAQEL
BQADggEBAAcRpdVJJFYXuShjOoE5OCiFwgOYVzaYvMpMc0qGHD4hCUBtYvAr4j6S
5K2IhhdtHLZD63CFO+EdSmwlwNGUp5xfYL+haiqTR2ewVbfWmR3Tg6qbqK9nb/sM
BLCgErJHy7Y0klSx/7lcEnPIt9VBaOo40j5uXZqQZDG+IACmnO8zlIL2+Yri0ZOK
gw+rmsu8aL5NQQ9hZiskP6gfgc7EQfWeOt8sqs/CSAjM06yhREWh+xWwl+0sUMXM
y3JBbOcp6pSCBUusrb2ihsbzaCv0wM5bXBWv0/Bifot1Pc4oywogW2EAj7CgP7HM
dE3X7udaHL8WFtXI5+i17DT+v43AGCg=
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:46:26 2025 by rpki-client