Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/kdW1ssrmbFUeAWRb7v2WMuOk2fI.roa
File: kdW1ssrmbFUeAWRb7v2WMuOk2fI.roa (raw, json)
Hash identifier: 0nelsVfEGqwuCieNwPy9n0CGo0gVbyitMlldpW9u8fE=
Subject key identifier: 91:D5:B5:B2:CA:E6:6C:55:1E:01:64:5B:EE:FD:96:32:E3:A4:D9:F2
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01890BFC66DCDD227F12AB86E3D7500F1860
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/kdW1ssrmbFUeAWRb7v2WMuOk2fI.roa
Signing time: Fri 30 Jun 2023 11:07:17 +0000
ROA not before: Fri 30 Jun 2023 11:07:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3319
IP address blocks: 77.47.143.0/24 maxlen: 24
195.178.140.0/24 maxlen: 24
195.178.142.0/23 maxlen: 24
195.178.144.0/23 maxlen: 23
77.47.156.0/22 maxlen: 24
185.143.56.0/22 maxlen: 24
195.178.152.0/22 maxlen: 22
77.47.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jul 2023 13:55:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0b:fc:66:dc:dd:22:7f:12:ab:86:e3:d7:50:0f:18:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jun 30 11:07:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91d5b5b2cae66c551e01645beefd9632e3a4d9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:38:89:1e:7e:6d:9b:a2:a2:ac:a4:f8:dd:5c:
77:ae:e7:8e:be:30:f5:bc:dc:fe:74:bc:db:01:c0:
8b:5f:7d:bd:3b:f9:9e:4e:f8:09:7e:87:a5:ce:c5:
f8:2f:76:ef:00:ea:dc:2d:9e:b3:a0:6c:20:be:da:
30:54:54:f1:1c:10:57:f2:37:ca:2c:46:b7:02:66:
19:20:7d:2e:cf:6b:dc:a4:e5:d8:32:ee:b3:90:92:
a7:99:eb:0f:76:a0:7c:2d:2c:d7:f9:3f:4d:73:10:
ce:37:28:c3:8c:d2:3c:0e:9c:19:66:cd:6a:06:36:
d6:d0:44:b1:e6:83:f7:e3:eb:4d:65:bf:71:d8:1b:
bb:62:eb:5a:2e:a3:b2:f7:9f:29:a5:c7:e6:e4:bd:
f7:7e:5f:ca:70:05:96:a3:29:94:0a:92:b7:7d:5f:
46:78:47:07:68:76:34:57:31:ea:f9:73:71:d9:93:
ed:80:6d:c7:96:2f:45:c4:df:13:2c:9e:44:8d:6b:
b7:b8:b7:e2:f1:74:39:41:18:eb:66:c0:56:f2:3b:
a7:f8:55:66:d3:a1:f4:02:e9:4d:b4:7d:3e:bd:7e:
20:3f:c0:0d:ec:56:c3:53:4f:4d:4c:fc:24:58:38:
2b:12:09:84:ae:8c:0b:19:2d:ef:e6:a5:b1:21:fa:
4b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D5:B5:B2:CA:E6:6C:55:1E:01:64:5B:EE:FD:96:32:E3:A4:D9:F2
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/kdW1ssrmbFUeAWRb7v2WMuOk2fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.143.0/24
77.47.156.0/22
77.47.178.0/24
185.143.56.0/22
195.178.140.0/24
195.178.142.0-195.178.145.255
195.178.152.0/22
Signature Algorithm: sha256WithRSAEncryption
27:b7:f5:40:e2:e3:d7:bb:74:56:60:f9:bb:73:a5:b4:f8:b5:
0e:72:78:6e:64:7c:3a:8b:23:97:fd:fa:dd:59:94:49:80:4c:
d3:7f:72:2d:0f:4c:b8:03:4c:12:f5:69:fa:59:92:30:4c:f0:
d1:81:11:fd:c0:b1:97:d3:66:1a:97:ca:a7:51:f8:bd:c6:ac:
49:9d:4f:b2:6c:78:37:01:3f:14:7e:09:a7:5f:4a:4f:9a:65:
5f:7a:ab:aa:60:28:6a:52:29:35:07:62:f6:61:d1:c9:bd:b3:
b0:13:15:3d:9e:b1:95:93:cc:18:fa:53:3a:37:1c:78:1a:db:
18:56:68:6c:f0:cf:9e:ec:50:d9:66:07:91:20:ba:b8:ee:90:
a0:a2:a8:ad:05:c5:01:cf:f7:d9:e1:97:3f:19:29:92:d3:d8:
6d:87:8c:c7:8d:29:b4:07:45:64:2d:09:85:75:e9:6b:40:db:
45:a8:fd:54:2e:31:62:97:ce:37:8b:73:e8:ec:9f:63:6e:73:
21:5e:0f:0c:23:fb:a7:9d:87:6e:bf:8a:27:e7:62:da:fa:bd:
41:d5:f4:c1:77:f4:a7:4a:85:22:13:1f:bd:ab:56:14:a8:20:
45:59:eb:4b:07:e4:c4:4a:cd:6a:19:73:d6:40:fa:17:39:80:
9c:e0:8b:14
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYkL/Gbc3SJ/EquG49dQDxhgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwNjMwMTEwNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQ1YjViMmNhZTY2YzU1MWUwMTY0NWJlZWZkOTYzMmUzYTRkOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTiJHn5tm6KirKT43Vx3rueOvjD1
vNz+dLzbAcCLX329O/meTvgJfoelzsX4L3bvAOrcLZ6zoGwgvtowVFTxHBBX8jfK
LEa3AmYZIH0uz2vcpOXYMu6zkJKnmesPdqB8LSzX+T9NcxDONyjDjNI8DpwZZs1q
BjbW0ESx5oP34+tNZb9x2Bu7YutaLqOy958ppcfm5L33fl/KcAWWoymUCpK3fV9G
eEcHaHY0VzHq+XNx2ZPtgG3Hli9FxN8TLJ5EjWu3uLfi8XQ5QRjrZsBW8jun+FVm
06H0AulNtH0+vX4gP8AN7FbDU09NTPwkWDgrEgmErowLGS3v5qWxIfpLjQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJHVtbLK5mxVHgFkW+79ljLjpNnyMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEva2RXMXNzcm1iRlVlQVdSYjd2MldNdU9rMmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQATS+PAwQC
TS+cAwQATS+yAwQCuY84AwQAw7KMMAwDBAHDso4DBAHDspADBALDspgwDQYJKoZI
hvcNAQELBQADggEBACe39UDi49e7dFZg+btzpbT4tQ5yeG5kfDqLI5f9+t1ZlEmA
TNN/ci0PTLgDTBL1afpZkjBM8NGBEf3AsZfTZhqXyqdR+L3GrEmdT7JseDcBPxR+
CadfSk+aZV96q6pgKGpSKTUHYvZh0cm9s7ATFT2esZWTzBj6Uzo3HHga2xhWaGzw
z57sUNlmB5EgurjukKCiqK0FxQHP99nhlz8ZKZLT2G2HjMeNKbQHRWQtCYV16WtA
20Wo/VQuMWKXzjeLc+jsn2NucyFeDwwj+6edh26/iifnYtr6vUHV9MF39KdKhSIT
H72rVhSoIEVZ60sH5MRKzWoZc9ZA+hc5gJzgixQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org