Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/jfXnwoMCcVedOr5JrL841lqqX-g.roa
File: jfXnwoMCcVedOr5JrL841lqqX-g.roa (raw, json)
Hash identifier: TOCWXzUvurQsId160AUrKa0ngNUqC6yl9Y33aHayiVc=
Subject key identifier: 8D:F5:E7:C2:83:02:71:57:9D:3A:BE:49:AC:BF:38:D6:5A:AA:5F:E8
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 019205E188F551430E095159448315A9524C
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/jfXnwoMCcVedOr5JrL841lqqX-g.roa
Signing time: Wed 18 Sep 2024 16:05:19 +0000
ROA not before: Wed 18 Sep 2024 16:05:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 77.47.142.0/24 maxlen: 24
77.47.143.0/24 maxlen: 24
77.47.148.0/24 maxlen: 24
77.47.149.0/24 maxlen: 24
77.47.150.0/24 maxlen: 24
77.47.151.0/24 maxlen: 24
77.47.212.0/24 maxlen: 24
77.47.213.0/24 maxlen: 24
77.47.243.0/24 maxlen: 24
212.111.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 06:42:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:e1:88:f5:51:43:0e:09:51:59:44:83:15:a9:52:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Sep 18 16:05:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8df5e7c2830271579d3abe49acbf38d65aaa5fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:da:d9:01:fa:a1:ad:50:b2:bb:9d:0d:16:b4:
11:23:4e:89:be:7a:b5:25:6f:b2:6b:15:8e:ec:24:
91:7e:51:4e:d7:6c:6d:46:65:25:28:8e:dc:12:e4:
5f:3d:41:4c:99:b6:2a:cf:78:49:44:8c:72:c4:46:
50:0d:16:b2:91:5a:12:06:a3:c3:7a:fa:e3:b3:d9:
60:1e:df:a3:4a:05:09:b7:58:d4:51:b6:55:f7:a4:
fb:1c:94:94:05:bb:3f:90:45:a1:17:f1:9f:a1:e3:
cc:65:7d:7e:be:e7:fe:40:7d:7f:4c:1a:fa:84:33:
18:cb:f0:83:71:07:34:7a:3c:4b:78:8d:00:01:27:
8c:89:1d:7a:75:e6:21:17:9b:8c:9a:cc:4b:a7:2d:
7d:56:ea:25:26:e7:9b:93:9c:f9:c6:e0:fd:52:3a:
aa:25:29:e2:dd:72:31:1f:66:a5:ab:bf:58:b4:b8:
ec:4d:fe:8b:bd:ee:e9:de:fd:4c:c3:84:44:1a:c4:
cb:9e:cf:35:28:98:25:02:c0:57:d0:6a:62:37:4d:
e0:f2:d9:d2:83:e9:92:32:65:db:50:1e:eb:fb:a4:
0d:40:70:b9:a5:b1:34:7d:63:70:51:90:e0:ac:53:
09:7c:53:2a:e7:91:25:7b:a2:0a:d0:70:85:85:92:
66:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F5:E7:C2:83:02:71:57:9D:3A:BE:49:AC:BF:38:D6:5A:AA:5F:E8
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/jfXnwoMCcVedOr5JrL841lqqX-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.142.0/23
77.47.148.0/22
77.47.212.0/23
77.47.243.0/24
212.111.217.0/24
Signature Algorithm: sha256WithRSAEncryption
71:f1:fa:a5:0a:98:03:25:96:93:48:19:cd:5b:6e:64:c0:19:
a7:45:7c:23:2b:15:ed:fc:cc:20:ea:4e:9e:bf:1e:d6:d9:96:
4c:f4:bd:ef:39:41:b0:f4:60:e3:0f:7c:99:90:44:57:c0:f5:
87:da:f7:cf:2e:23:10:11:ee:cb:54:1b:3c:df:f7:d9:c2:f2:
a0:7e:2e:8e:30:73:f1:df:7e:7a:86:c0:73:39:82:56:2e:f7:
dc:ea:4a:6c:fb:14:be:cf:a1:0d:1c:95:78:20:e0:ad:9c:ee:
bf:cc:ae:ea:77:2e:16:fc:7f:27:f1:39:12:61:29:99:ee:80:
80:f4:5f:96:88:8e:7b:01:fd:7a:cd:a1:a1:c0:15:92:b3:d5:
52:1b:bd:e7:16:f5:ba:28:25:65:4d:b6:6c:2c:3a:ca:84:ac:
59:8f:da:49:31:6c:1d:71:85:ab:78:ef:2d:49:46:e5:a2:dd:
60:2d:28:8b:91:26:a7:ab:ca:1f:0a:a0:8a:17:a9:8d:f4:40:
67:0b:1d:b5:84:73:ca:2b:a7:71:f2:ad:a6:cf:cc:2d:c6:5a:
5e:0f:8a:c4:72:b4:9d:4e:95:ec:ed:64:ad:7a:94:a0:f6:f3:
c6:72:39:1d:c3:d6:14:b7:8b:42:33:dc:e7:25:5a:ab:db:3b:
00:89:cc:c4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZIF4Yj1UUMOCVFZRIMVqVJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwOTE4MTYwNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGY1ZTdjMjgzMDI3MTU3OWQzYWJlNDlhY2JmMzhkNjVhYWE1ZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9rZAfqhrVCyu50NFrQRI06Jvnq1
JW+yaxWO7CSRflFO12xtRmUlKI7cEuRfPUFMmbYqz3hJRIxyxEZQDRaykVoSBqPD
evrjs9lgHt+jSgUJt1jUUbZV96T7HJSUBbs/kEWhF/GfoePMZX1+vuf+QH1/TBr6
hDMYy/CDcQc0ejxLeI0AASeMiR16deYhF5uMmsxLpy19VuolJuebk5z5xuD9Ujqq
JSni3XIxH2alq79YtLjsTf6Lve7p3v1Mw4REGsTLns81KJglAsBX0GpiN03g8tnS
g+mSMmXbUB7r+6QNQHC5pbE0fWNwUZDgrFMJfFMq55Ele6IK0HCFhZJmOwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI3158KDAnFXnTq+Say/ONZaql/oMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvamZYbndvTUNjVmVkT3I1SnJMODQxbHFxWC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBTS+OAwQC
TS+UAwQBTS/UAwQATS/zAwQA1G/ZMA0GCSqGSIb3DQEBCwUAA4IBAQBx8fqlCpgD
JZaTSBnNW25kwBmnRXwjKxXt/Mwg6k6evx7W2ZZM9L3vOUGw9GDjD3yZkERXwPWH
2vfPLiMQEe7LVBs83/fZwvKgfi6OMHPx3356hsBzOYJWLvfc6kps+xS+z6ENHJV4
IOCtnO6/zK7qdy4W/H8n8TkSYSmZ7oCA9F+WiI57Af16zaGhwBWSs9VSG73nFvW6
KCVlTbZsLDrKhKxZj9pJMWwdcYWreO8tSUblot1gLSiLkSanq8ofCqCKF6mN9EBn
Cx21hHPKK6dx8q2mz8wtxlpeD4rEcrSdTpXs7WStepSg9vPGcjkdw9YUt4tCM9zn
JVqr2zsAiczE
-----END CERTIFICATE-----
Generated at Fri Sep 20 09:07:16 2024 by rpki-client on console-ams.rpki-client.org