Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/oFxeNkILLERjuGrnaTwD-JguBN0.roa
File: oFxeNkILLERjuGrnaTwD-JguBN0.roa (raw, json)
Hash identifier: tUojrxXaOV96lCOnq8xyxywExRzOznBAYra7ibqdTDg=
Subject key identifier: A0:5C:5E:36:42:0B:2C:44:63:B8:6A:E7:69:3C:03:F8:98:2E:04:DD
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018CC94D4406BD759FF2487803FEFEFCF980
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/oFxeNkILLERjuGrnaTwD-JguBN0.roa
Signing time: Tue 02 Jan 2024 08:32:13 +0000
ROA not before: Tue 02 Jan 2024 08:32:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211936
IP address blocks: 212.111.215.0/24 maxlen: 24
195.178.132.0/22 maxlen: 24
77.47.152.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 May 2024 16:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:44:06:bd:75:9f:f2:48:78:03:fe:fe:fc:f9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 2 08:32:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a05c5e36420b2c4463b86ae7693c03f8982e04dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e8:18:0e:08:a6:b5:12:fe:e4:3d:a1:4c:47:
dd:48:98:f9:dc:af:4b:ed:31:27:d4:a7:c2:5c:0d:
65:76:3d:66:c8:e6:35:cf:23:1c:c0:3b:af:c1:aa:
39:6f:3c:5a:3f:fd:fb:b6:17:5e:92:75:e1:8f:ee:
af:5b:10:04:49:81:40:05:f5:24:b5:87:49:0e:1b:
fa:6c:e4:5a:de:78:2c:97:29:d2:fc:cc:2d:2c:75:
8e:3c:70:ed:29:b0:68:86:ce:3f:8d:51:25:57:6d:
76:47:17:46:74:85:28:1f:ef:07:8e:de:88:6e:23:
eb:79:4c:f2:d1:0e:38:b6:73:81:54:36:83:97:b8:
35:f2:2c:cc:1a:e1:29:cd:9a:96:c2:03:18:79:b2:
c9:81:cd:fc:b0:2a:18:31:9d:6c:45:b0:a4:f7:54:
a0:a1:31:db:b0:8c:e7:13:b4:a3:ad:46:28:13:f0:
46:bc:fc:de:f0:d0:0d:94:b2:19:3c:7b:03:16:8d:
ce:e9:cb:c9:08:8d:80:12:af:07:4c:93:74:cc:8c:
dc:db:ea:24:0d:e6:18:ed:8d:ec:90:41:47:23:d5:
b4:67:e6:9d:cf:4e:cd:5e:a2:4c:15:bb:b3:67:e1:
9a:8b:85:14:96:e6:9e:85:30:6f:d3:81:b3:7f:92:
93:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5C:5E:36:42:0B:2C:44:63:B8:6A:E7:69:3C:03:F8:98:2E:04:DD
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/oFxeNkILLERjuGrnaTwD-JguBN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.152.0/22
195.178.132.0/22
212.111.215.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:31:c1:6b:aa:99:ac:7d:43:89:98:f2:0e:29:c8:4d:3e:87:
89:77:ea:61:af:98:fb:0f:35:ef:c3:55:df:3b:50:25:59:26:
8d:87:f8:c2:14:d1:cb:e3:f1:71:7b:dd:5d:ab:7c:dc:27:7e:
5e:13:54:fa:62:0c:1e:86:32:25:03:a5:0b:53:7f:7a:91:44:
b7:e7:97:d8:1e:89:01:51:4e:2c:97:5a:3a:bf:11:a2:4b:1b:
6b:cf:82:35:16:55:ae:c6:c9:0b:8f:57:74:42:79:77:43:80:
66:52:9c:d1:85:90:24:a6:85:95:a1:67:2e:f9:de:6b:75:ad:
4b:64:0c:b8:70:36:68:ba:3e:a2:3c:b5:31:fc:29:20:af:0b:
4f:b4:1f:bf:e0:10:02:34:df:f0:47:9e:b2:35:fd:6b:2e:dd:
7a:0c:09:13:4d:e3:1d:c0:e8:de:1a:a7:94:ef:b6:76:76:08:
f6:e0:52:a4:ce:e0:cb:9d:a3:a9:f2:38:8a:db:4e:f0:30:31:
5b:0e:78:a2:35:8e:96:dd:c5:72:6d:4b:2b:cd:a1:d4:16:7a:
b0:e1:45:d2:77:31:0e:2b:04:88:d0:be:f2:13:15:e5:0e:ed:
5c:e3:1d:34:fc:bb:4e:d1:2d:8a:ff:e8:cc:82:11:e0:cd:48:
53:a4:30:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTUQGvXWf8kh4A/7+/PmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwMTAyMDgzMjEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDVjNWUzNjQyMGIyYzQ0NjNiODZhZTc2OTNjMDNmODk4MmUwNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+gYDgimtRL+5D2hTEfdSJj53K9L
7TEn1KfCXA1ldj1myOY1zyMcwDuvwao5bzxaP/37thdeknXhj+6vWxAESYFABfUk
tYdJDhv6bORa3ngslynS/MwtLHWOPHDtKbBohs4/jVElV212RxdGdIUoH+8Hjt6I
biPreUzy0Q44tnOBVDaDl7g18izMGuEpzZqWwgMYebLJgc38sCoYMZ1sRbCk91Sg
oTHbsIznE7SjrUYoE/BGvPze8NANlLIZPHsDFo3O6cvJCI2AEq8HTJN0zIzc2+ok
DeYY7Y3skEFHI9W0Z+adz07NXqJMFbuzZ+Gai4UUluaehTBv04Gzf5KTuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKBcXjZCCyxEY7hq52k8A/iYLgTdMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvb0Z4ZU5rSUxMRVJqdUdybmFUd0QtSmd1Qk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTS+YAwQC
w7KEAwQA1G/XMA0GCSqGSIb3DQEBCwUAA4IBAQArMcFrqpmsfUOJmPIOKchNPoeJ
d+phr5j7DzXvw1XfO1AlWSaNh/jCFNHL4/Fxe91dq3zcJ35eE1T6YgwehjIlA6UL
U396kUS355fYHokBUU4sl1o6vxGiSxtrz4I1FlWuxskLj1d0Qnl3Q4BmUpzRhZAk
poWVoWcu+d5rda1LZAy4cDZouj6iPLUx/CkgrwtPtB+/4BACNN/wR56yNf1rLt16
DAkTTeMdwOjeGqeU77Z2dgj24FKkzuDLnaOp8jiK207wMDFbDniiNY6W3cVybUsr
zaHUFnqw4UXSdzEOKwSI0L7yExXlDu1c4x00/LtO0S2K/+jMghHgzUhTpDAu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org