Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/nEsjgRFgt15xedpuQOkAvAtgtNM.roa
File: nEsjgRFgt15xedpuQOkAvAtgtNM.roa (raw, json)
Hash identifier: BDD9e8RQJofZUx/ojpYI5h+NlHN1XyDEy06pMS+TOC0=
Subject key identifier: 9C:4B:23:81:11:60:B7:5E:71:79:DA:6E:40:E9:00:BC:0B:60:B4:D3
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018CC94D472FCB7E40411F77D3E6B9BB6EBB
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/nEsjgRFgt15xedpuQOkAvAtgtNM.roa
Signing time: Tue 02 Jan 2024 08:32:14 +0000
ROA not before: Tue 02 Jan 2024 08:32:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399587
IP address blocks: 77.47.252.0/22 maxlen: 24
77.47.248.0/22 maxlen: 24
195.178.128.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 09:34:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:47:2f:cb:7e:40:41:1f:77:d3:e6:b9:bb:6e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 2 08:32:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c4b23811160b75e7179da6e40e900bc0b60b4d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d3:7f:4c:f1:c3:da:ee:53:15:26:f8:fa:7c:
16:de:56:49:f0:f1:18:46:26:b0:33:1b:35:14:3a:
a1:be:da:46:9e:bf:b5:b7:e4:bc:b1:d7:f4:5f:0f:
83:66:7b:b7:2b:41:c8:88:5b:c2:14:35:17:50:e0:
4c:2f:6b:69:a6:f7:2d:e8:b5:cc:fe:a3:20:15:b0:
a0:ad:6f:c4:ca:c1:e6:fc:05:14:b4:eb:15:a5:88:
99:6d:07:8c:06:ef:82:1c:b6:92:4b:4e:46:1d:f3:
bb:f9:c9:86:9c:1d:5a:bb:1c:06:fd:9b:f4:95:39:
ef:95:a1:09:c1:d4:04:15:85:00:9f:9b:0a:5b:c5:
30:c5:e0:38:9f:f4:1c:f1:62:20:06:a2:5e:84:59:
50:3e:93:94:9d:e8:fc:b1:99:ac:6c:75:6a:e9:b7:
6b:f5:81:bf:93:52:e4:94:83:e1:c6:52:92:4c:ec:
4c:0e:8e:16:5f:05:d0:99:d5:2a:66:78:9b:42:ba:
46:27:97:95:d5:9f:a6:e0:ec:19:70:a5:cf:aa:69:
60:c7:3a:f1:e9:a6:52:a6:07:41:79:29:b6:1a:da:
3c:09:a1:14:39:27:50:49:c7:e4:7c:86:ae:a4:a6:
c3:53:b8:d3:ce:83:8d:2c:33:00:44:b0:3f:0d:4c:
89:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4B:23:81:11:60:B7:5E:71:79:DA:6E:40:E9:00:BC:0B:60:B4:D3
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/nEsjgRFgt15xedpuQOkAvAtgtNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.248.0/21
195.178.128.0/22
Signature Algorithm: sha256WithRSAEncryption
08:d1:b0:48:7c:91:6f:09:4e:1b:68:48:9d:be:0b:dd:0e:6b:
24:7e:74:7e:31:53:1b:6d:22:f6:e6:ec:1d:ac:65:a2:bb:2b:
e8:14:0b:0e:92:8c:d1:73:c5:2b:05:a4:ff:9c:7c:e5:15:e5:
8a:c6:62:3d:08:a0:81:96:cd:70:6e:be:6f:16:fd:ae:7c:e3:
d0:60:e1:c5:20:c9:40:26:2b:57:7b:50:b1:7e:84:ce:b1:5c:
a1:57:30:3d:6f:6f:2a:67:32:40:0f:ef:69:84:9f:36:2e:a2:
50:96:55:e8:bd:03:1d:a0:b7:fe:b4:30:b5:1f:c2:e0:93:c1:
b8:d0:22:e4:ff:f0:f8:4a:90:ff:de:9f:0c:9a:a4:cf:2a:2d:
35:35:9c:8e:54:a2:63:d3:74:aa:18:2b:24:f5:51:1e:3e:47:
f6:4a:6f:3f:31:46:bb:0c:cd:99:f6:81:d6:cb:4d:72:36:b1:
e0:9f:bd:4c:d8:d0:ee:1a:e9:02:8b:59:9e:98:a9:44:c1:73:
b2:0c:be:ad:0c:59:8a:7d:2f:0c:d2:75:c5:42:8a:13:bb:be:
cb:06:57:d5:8c:65:9b:fb:36:55:4e:49:c9:79:3f:c6:f4:b2:
cf:99:aa:b8:29:58:a6:97:f3:7c:43:5d:be:bf:1b:55:c3:bc:
7f:0a:96:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTUcvy35AQR930+a5u267MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwMTAyMDgzMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRiMjM4MTExNjBiNzVlNzE3OWRhNmU0MGU5MDBiYzBiNjBiNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9tN/TPHD2u5TFSb4+nwW3lZJ8PEY
RiawMxs1FDqhvtpGnr+1t+S8sdf0Xw+DZnu3K0HIiFvCFDUXUOBML2tppvct6LXM
/qMgFbCgrW/EysHm/AUUtOsVpYiZbQeMBu+CHLaSS05GHfO7+cmGnB1auxwG/Zv0
lTnvlaEJwdQEFYUAn5sKW8UwxeA4n/Qc8WIgBqJehFlQPpOUnej8sZmsbHVq6bdr
9YG/k1LklIPhxlKSTOxMDo4WXwXQmdUqZnibQrpGJ5eV1Z+m4OwZcKXPqmlgxzrx
6aZSpgdBeSm2Gto8CaEUOSdQScfkfIaupKbDU7jTzoONLDMARLA/DUyJNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJxLI4ERYLdecXnabkDpALwLYLTTMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvbkVzamdSRmd0MTV4ZWRwdVFPa0F2QXRndE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTS/4AwQC
w7KAMA0GCSqGSIb3DQEBCwUAA4IBAQAI0bBIfJFvCU4baEidvgvdDmskfnR+MVMb
bSL25uwdrGWiuyvoFAsOkozRc8UrBaT/nHzlFeWKxmI9CKCBls1wbr5vFv2ufOPQ
YOHFIMlAJitXe1CxfoTOsVyhVzA9b28qZzJAD+9phJ82LqJQllXovQMdoLf+tDC1
H8Lgk8G40CLk//D4SpD/3p8MmqTPKi01NZyOVKJj03SqGCsk9VEePkf2Sm8/MUa7
DM2Z9oHWy01yNrHgn71M2NDuGukCi1memKlEwXOyDL6tDFmKfS8M0nXFQooTu77L
BlfVjGWb+zZVTknJeT/G9LLPmaq4KViml/N8Q12+vxtVw7x/Cpax
-----END CERTIFICATE-----
Generated at Mon Oct 21 11:47:02 2024 by rpki-client on console-fra.rpki-client.org