Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/s3zAnh-vdc7pxgr5IRa9kX86wvQ.roa
File: s3zAnh-vdc7pxgr5IRa9kX86wvQ.roa (raw, json)
Hash identifier: 04vvwhYvEy/j5HOElehzd1WIWFLTUeL2DboSJLKYI1A=
Subject key identifier: B3:7C:C0:9E:1F:AF:75:CE:E9:C6:0A:F9:21:16:BD:91:7F:3A:C2:F4
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01856E38D5DF6E40550806FB9B0514C1A158
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/s3zAnh-vdc7pxgr5IRa9kX86wvQ.roa
Signing time: Sun 01 Jan 2023 16:44:56 +0000
ROA not before: Sun 01 Jan 2023 16:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397423
IP address blocks: 195.178.128.0/22 maxlen: 24
77.47.252.0/22 maxlen: 24
77.47.248.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:d5:df:6e:40:55:08:06:fb:9b:05:14:c1:a1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 1 16:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b37cc09e1faf75cee9c60af92116bd917f3ac2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:14:84:bd:56:79:97:6a:fd:01:78:66:bf:88:
be:83:69:0d:ef:76:f6:01:a7:46:72:28:e0:2f:f4:
39:f3:bf:3e:db:1f:73:b3:d3:63:11:f3:43:98:2f:
a5:25:8b:59:69:87:09:cf:d6:9b:e2:40:1b:38:bb:
cd:7c:63:53:55:55:b6:9f:87:58:5b:85:81:07:0b:
76:e9:a0:d5:e3:75:15:b5:7b:bf:0d:42:d3:fb:d2:
4e:73:db:17:53:4e:50:18:98:1d:e4:50:df:8f:9c:
95:1f:af:5f:0b:4a:c4:1e:9d:d0:bc:f3:47:c1:d9:
2f:ab:b7:fe:d1:15:65:a3:53:e6:f3:00:21:28:af:
d1:08:9e:e0:d2:33:bc:a2:c9:25:ab:3c:d1:08:8e:
96:52:b0:bb:d0:e9:e9:b1:89:76:b1:fe:42:e2:fe:
49:0e:c3:d2:bf:47:f1:31:41:3a:ab:d7:eb:8e:d4:
0e:64:c7:71:5f:f7:4d:9a:ed:6b:e0:bc:94:3d:73:
11:45:5b:13:95:a0:bb:71:0c:83:50:94:b2:d6:b7:
13:b6:5c:ae:fb:55:55:54:b4:f0:57:2f:57:d4:25:
f9:b9:78:86:f1:93:e0:ed:38:13:83:59:c7:57:f7:
5c:1a:68:3e:b4:74:93:61:12:9c:27:3e:25:ef:09:
b7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:7C:C0:9E:1F:AF:75:CE:E9:C6:0A:F9:21:16:BD:91:7F:3A:C2:F4
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/s3zAnh-vdc7pxgr5IRa9kX86wvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.248.0/21
195.178.128.0/22
Signature Algorithm: sha256WithRSAEncryption
53:03:05:44:e8:7c:4e:8a:2c:28:d3:50:34:3c:7d:bf:ae:2d:
b6:c0:93:98:4b:9e:4e:d7:44:b3:ed:a3:84:e1:3f:02:3c:ac:
dd:49:db:9c:fb:0a:cb:96:19:7d:6e:1e:67:7a:67:b5:9b:e6:
05:fb:e1:71:19:79:b8:88:71:30:b1:74:43:98:b4:a6:76:e7:
b1:ed:a1:f7:9d:07:3b:10:66:78:ce:2c:74:43:b9:c4:3f:9f:
59:a3:31:ec:26:f3:23:d6:d7:8c:a5:61:19:ae:97:b2:8d:e4:
dd:a9:ff:ed:9d:e6:9e:f2:c5:3c:c4:ef:a7:46:92:be:b8:5d:
d5:28:d3:d9:62:4e:44:cc:b9:88:f0:b7:eb:fb:e6:8c:7d:91:
30:78:20:ea:01:7f:41:cc:0c:20:64:bd:01:d9:73:fe:25:f1:
38:a4:01:2a:75:a7:85:f5:4c:87:19:e7:df:e8:07:8b:dc:7d:
a1:89:12:70:ab:f7:4f:17:b5:15:04:74:12:32:af:80:23:f3:
8d:75:82:95:a3:d8:b9:32:ce:55:a4:5e:2a:09:2a:bb:f0:f2:
e7:d9:5e:86:bf:bf:c9:25:2d:70:fc:66:b9:d9:7c:58:26:9c:
10:5d:ee:12:c9:fc:c8:59:bb:7b:d0:50:4c:fe:73:ad:2c:c1:
96:e8:fb:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuONXfbkBVCAb7mwUUwaFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMTAxMTY0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzdjYzA5ZTFmYWY3NWNlZTljNjBhZjkyMTE2YmQ5MTdmM2FjMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBSEvVZ5l2r9AXhmv4i+g2kN73b2
AadGcijgL/Q5878+2x9zs9NjEfNDmC+lJYtZaYcJz9ab4kAbOLvNfGNTVVW2n4dY
W4WBBwt26aDV43UVtXu/DULT+9JOc9sXU05QGJgd5FDfj5yVH69fC0rEHp3QvPNH
wdkvq7f+0RVlo1Pm8wAhKK/RCJ7g0jO8osklqzzRCI6WUrC70OnpsYl2sf5C4v5J
DsPSv0fxMUE6q9frjtQOZMdxX/dNmu1r4LyUPXMRRVsTlaC7cQyDUJSy1rcTtlyu
+1VVVLTwVy9X1CX5uXiG8ZPg7TgTg1nHV/dcGmg+tHSTYRKcJz4l7wm3NQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLN8wJ4fr3XO6cYK+SEWvZF/OsL0MB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvczN6QW5oLXZkYzdweGdyNUlSYTlrWDg2d3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTS/4AwQC
w7KAMA0GCSqGSIb3DQEBCwUAA4IBAQBTAwVE6HxOiiwo01A0PH2/ri22wJOYS55O
10Sz7aOE4T8CPKzdSduc+wrLlhl9bh5neme1m+YF++FxGXm4iHEwsXRDmLSmduex
7aH3nQc7EGZ4zix0Q7nEP59ZozHsJvMj1teMpWEZrpeyjeTdqf/tneae8sU8xO+n
RpK+uF3VKNPZYk5EzLmI8Lfr++aMfZEweCDqAX9BzAwgZL0B2XP+JfE4pAEqdaeF
9UyHGeff6AeL3H2hiRJwq/dPF7UVBHQSMq+AI/ONdYKVo9i5Ms5VpF4qCSq78PLn
2V6Gv7/JJS1w/Ga52XxYJpwQXe4SyfzIWbt70FBM/nOtLMGW6Pum
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org