Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/khxjA5p9o_yRYBilX6NJ4GrYG-c.roa
File: khxjA5p9o_yRYBilX6NJ4GrYG-c.roa (raw, json)
Hash identifier: UxfoyKqSekPd1pViTvOXsMsFsOFduAe/rI/F/fr8Bok=
Subject key identifier: 92:1C:63:03:9A:7D:A3:FC:91:60:18:A5:5F:A3:49:E0:6A:D8:1B:E7
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0185D3A979BD0A3D89D8BFDB2DDBE59EA89E
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/khxjA5p9o_yRYBilX6NJ4GrYG-c.roa
Signing time: Sat 21 Jan 2023 09:29:37 +0000
ROA not before: Sat 21 Jan 2023 09:29:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 212.111.211.0/24 maxlen: 24
212.111.216.0/23 maxlen: 24
212.111.218.0/23 maxlen: 23
185.143.56.0/22 maxlen: 24
77.47.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Feb 2023 20:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d3:a9:79:bd:0a:3d:89:d8:bf:db:2d:db:e5:9e:a8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 21 09:29:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=921c63039a7da3fc916018a55fa349e06ad81be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8a:cf:57:47:da:e0:57:18:4f:cd:95:01:00:
e2:20:9a:84:cd:5b:9c:47:1a:46:5c:c2:f8:db:d0:
1e:67:e1:c0:f6:c8:33:27:78:23:4a:f5:33:35:c1:
0f:f3:73:81:b8:e2:e2:cf:57:97:b2:c1:d3:97:65:
27:56:f5:4b:29:fe:12:8e:f6:8e:4b:e4:50:76:35:
35:29:44:f1:52:ea:87:7e:17:76:8e:d9:5d:c5:78:
d8:73:47:99:fc:94:00:56:0d:98:f1:b4:14:e0:5e:
2e:12:9b:57:95:d2:7c:eb:4e:fd:ba:16:39:78:3d:
d8:10:38:1d:12:02:95:3e:61:5c:c0:9d:65:05:98:
8e:07:74:9d:d0:71:56:87:dc:31:d5:28:ef:89:b6:
c1:62:67:08:d6:83:de:10:00:44:30:b6:ba:5e:b8:
13:8d:b6:28:a7:12:d9:79:8a:8c:77:55:b2:e0:c9:
b8:ce:43:41:80:33:ff:ea:f3:c3:16:df:4e:1e:c8:
af:21:03:c0:79:82:b0:04:b1:97:37:be:44:64:60:
66:6a:d6:a6:16:80:29:40:76:01:5d:e5:ba:0f:ec:
e3:e7:c4:3d:72:8b:dd:b8:22:f4:52:9b:ed:30:70:
aa:31:69:ac:8c:f4:ae:a2:fa:e5:2f:b6:6d:41:fc:
f9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1C:63:03:9A:7D:A3:FC:91:60:18:A5:5F:A3:49:E0:6A:D8:1B:E7
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/khxjA5p9o_yRYBilX6NJ4GrYG-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.180.0/22
185.143.56.0/22
212.111.211.0/24
212.111.216.0/22
Signature Algorithm: sha256WithRSAEncryption
24:d5:43:64:0e:0e:53:e7:e1:2a:e5:96:da:7a:c1:b1:3b:a9:
26:ed:73:16:7e:ed:ed:89:1c:48:3f:65:2d:11:03:98:3e:41:
4b:e3:c5:c0:90:ad:79:b4:64:6f:d8:57:fc:29:fc:fd:6a:e7:
b0:1a:e7:c2:1d:44:81:d1:ef:22:3b:6d:a9:e9:3f:10:6d:d4:
1c:80:7d:39:d6:95:8d:86:39:86:3b:98:05:b1:b7:17:fe:87:
6d:dd:ea:04:94:1a:a1:8a:12:9c:29:c4:97:8b:e8:6f:58:f3:
5e:af:02:3b:63:51:22:1b:44:49:be:e0:4d:5e:9c:b2:8f:06:
ec:ea:27:ab:f9:40:33:42:29:a4:56:7b:71:fa:43:38:a6:3c:
50:95:36:81:f1:b3:e2:f4:24:6b:cc:bf:c5:64:95:dd:15:60:
a0:cf:08:cf:8e:86:6f:8a:a4:fc:0c:72:8b:8a:22:98:0b:11:
51:e5:34:ce:10:e0:14:77:d6:4d:6e:c2:27:c3:14:95:0f:dc:
80:72:f4:37:2c:1e:08:48:0f:2d:12:93:a4:07:99:7c:4a:df:
4b:32:c6:76:0d:8e:b9:28:68:f4:40:7c:3d:78:c6:23:fa:fa:
6c:f2:60:53:4f:a7:5f:38:0c:ab:7c:08:85:6c:91:b5:8a:e2:
b4:ed:89:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXTqXm9Cj2J2L/bLdvlnqieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMTIxMDkyOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjFjNjMwMzlhN2RhM2ZjOTE2MDE4YTU1ZmEzNDllMDZhZDgxYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkorPV0fa4FcYT82VAQDiIJqEzVuc
RxpGXML429AeZ+HA9sgzJ3gjSvUzNcEP83OBuOLiz1eXssHTl2UnVvVLKf4SjvaO
S+RQdjU1KUTxUuqHfhd2jtldxXjYc0eZ/JQAVg2Y8bQU4F4uEptXldJ86079uhY5
eD3YEDgdEgKVPmFcwJ1lBZiOB3Sd0HFWh9wx1SjvibbBYmcI1oPeEABEMLa6XrgT
jbYopxLZeYqMd1Wy4Mm4zkNBgDP/6vPDFt9OHsivIQPAeYKwBLGXN75EZGBmatam
FoApQHYBXeW6D+zj58Q9covduCL0UpvtMHCqMWmsjPSuovrlL7ZtQfz5NwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJIcYwOafaP8kWAYpV+jSeBq2BvnMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEva2h4akE1cDlvX3lSWUJpbFg2Tko0R3JZRy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTS+0AwQC
uY84AwQA1G/TAwQC1G/YMA0GCSqGSIb3DQEBCwUAA4IBAQAk1UNkDg5T5+Eq5Zba
esGxO6km7XMWfu3tiRxIP2UtEQOYPkFL48XAkK15tGRv2Ff8Kfz9auewGufCHUSB
0e8iO22p6T8QbdQcgH051pWNhjmGO5gFsbcX/odt3eoElBqhihKcKcSXi+hvWPNe
rwI7Y1EiG0RJvuBNXpyyjwbs6ier+UAzQimkVntx+kM4pjxQlTaB8bPi9CRrzL/F
ZJXdFWCgzwjPjoZviqT8DHKLiiKYCxFR5TTOEOAUd9ZNbsInwxSVD9yAcvQ3LB4I
SA8tEpOkB5l8St9LMsZ2DY65KGj0QHw9eMYj+vps8mBTT6dfOAyrfAiFbJG1iuK0
7YnV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org