Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/tPAAoSbjpvwP6XekZ9vTsi9c9R4.roa
File: tPAAoSbjpvwP6XekZ9vTsi9c9R4.roa (raw, json)
Hash identifier: x8baVuQmLCL6d5YCt2bJmjkCy1G6mXdYt5lOqxSenUE=
Subject key identifier: B4:F0:00:A1:26:E3:A6:FC:0F:E9:77:A4:67:DB:D3:B2:2F:5C:F5:1E
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018C11C5729382F52AC2E9212F8DF2B100D0
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/tPAAoSbjpvwP6XekZ9vTsi9c9R4.roa
Signing time: Mon 27 Nov 2023 17:13:21 +0000
ROA not before: Mon 27 Nov 2023 17:13:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 212.111.211.0/24 maxlen: 24
212.111.218.0/23 maxlen: 23
195.178.128.0/22 maxlen: 24
77.47.252.0/22 maxlen: 24
77.47.248.0/22 maxlen: 24
77.47.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:c5:72:93:82:f5:2a:c2:e9:21:2f:8d:f2:b1:00:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Nov 27 17:13:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4f000a126e3a6fc0fe977a467dbd3b22f5cf51e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2f:a1:0c:ab:43:0c:95:a2:eb:8e:15:4b:44:
72:eb:ab:3c:a7:72:75:2d:62:4f:9a:d8:1c:5b:28:
a2:92:e0:0b:94:21:24:c4:24:8f:c7:72:55:13:c8:
e0:9c:8d:c8:1f:d5:e8:07:e9:f0:a3:ab:ff:24:f9:
d8:08:b5:3f:c0:43:e8:7b:22:23:d5:bb:a4:16:34:
6e:66:e9:f7:52:eb:08:df:e4:23:9c:4b:26:ea:67:
d6:92:02:27:b6:d6:f4:54:02:23:78:c0:1c:e3:2a:
61:7a:9e:4d:e4:66:e2:f1:0c:d8:cc:cb:3c:66:c1:
3d:bd:fe:8b:9b:76:3f:7b:ad:2d:59:fe:dc:a1:12:
d8:64:18:76:51:a8:e8:ed:04:4b:56:18:9f:dd:c5:
29:58:b5:7d:3c:03:42:e1:01:31:f2:2a:45:9e:2b:
bc:da:19:84:35:1f:11:45:6a:d3:21:fc:81:3f:2d:
40:4b:e9:fe:b1:9c:8f:8e:ce:2e:ea:d9:28:44:ef:
fe:b0:ec:33:dd:9f:6e:38:6d:6a:ab:b5:0f:46:fe:
45:6f:33:7e:d1:67:fe:55:e2:2c:94:81:41:a6:f4:
63:2f:3f:09:16:e8:48:ec:b9:f6:13:79:4c:4d:7b:
e2:4d:10:c1:03:04:e8:d0:30:d7:9a:41:f8:4e:16:
cf:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F0:00:A1:26:E3:A6:FC:0F:E9:77:A4:67:DB:D3:B2:2F:5C:F5:1E
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/tPAAoSbjpvwP6XekZ9vTsi9c9R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.180.0/22
77.47.248.0/21
195.178.128.0/22
212.111.211.0/24
212.111.218.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:1b:d5:e9:bc:62:00:24:ec:7d:01:35:df:b1:10:c1:68:88:
f8:dd:f4:33:bb:99:d3:23:68:a0:4d:9e:49:3d:7f:cb:42:85:
80:df:fd:0c:ed:c7:2c:26:6d:91:c5:32:5b:ef:68:45:9e:0f:
01:49:16:97:20:2d:6a:48:eb:c0:4c:44:3c:2e:e8:df:c2:a3:
68:c4:65:9a:d7:30:a9:00:cc:a3:d7:65:41:3a:33:16:75:b1:
f7:96:ac:e0:b7:35:3a:3c:02:d5:d9:86:d2:1b:86:58:4b:12:
49:8f:8d:21:30:f0:9b:56:60:b8:e8:44:b5:b2:da:39:54:f1:
bb:60:76:28:2c:e9:b5:52:91:38:95:5a:f1:15:1e:08:97:9b:
b7:be:a0:f0:31:eb:97:c6:e8:54:ae:6d:3d:57:70:4b:31:fc:
a3:03:e6:6f:6b:0e:e9:72:2c:91:4d:e1:53:bc:73:0e:51:4e:
60:ea:58:99:42:fb:8c:77:a2:08:66:e2:d7:96:80:be:a0:14:
ce:cd:75:4a:8c:71:7c:09:67:32:39:dc:0f:c1:8d:66:7f:25:
80:ee:04:32:7f:db:7f:cc:26:ef:08:c0:4e:7e:27:d1:60:2a:
18:6f:ca:3f:c3:7f:84:b2:90:a3:ce:35:4c:9e:f2:03:1a:dd:
54:9e:fc:cf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYwRxXKTgvUqwukhL43ysQDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMxMTI3MTcxMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGYwMDBhMTI2ZTNhNmZjMGZlOTc3YTQ2N2RiZDNiMjJmNWNmNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS+hDKtDDJWi644VS0Ry66s8p3J1
LWJPmtgcWyiikuALlCEkxCSPx3JVE8jgnI3IH9XoB+nwo6v/JPnYCLU/wEPoeyIj
1bukFjRuZun3UusI3+QjnEsm6mfWkgInttb0VAIjeMAc4yphep5N5Gbi8QzYzMs8
ZsE9vf6Lm3Y/e60tWf7coRLYZBh2Uajo7QRLVhif3cUpWLV9PANC4QEx8ipFniu8
2hmENR8RRWrTIfyBPy1AS+n+sZyPjs4u6tkoRO/+sOwz3Z9uOG1qq7UPRv5FbzN+
0Wf+VeIslIFBpvRjLz8JFuhI7Ln2E3lMTXviTRDBAwTo0DDXmkH4ThbPaQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLTwAKEm46b8D+l3pGfb07IvXPUeMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvdFBBQW9TYmpwdndQNlhla1o5dlRzaTljOVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCTS+0AwQD
TS/4AwQCw7KAAwQA1G/TAwQB1G/aMA0GCSqGSIb3DQEBCwUAA4IBAQAuG9XpvGIA
JOx9ATXfsRDBaIj43fQzu5nTI2igTZ5JPX/LQoWA3/0M7ccsJm2RxTJb72hFng8B
SRaXIC1qSOvATEQ8LujfwqNoxGWa1zCpAMyj12VBOjMWdbH3lqzgtzU6PALV2YbS
G4ZYSxJJj40hMPCbVmC46ES1sto5VPG7YHYoLOm1UpE4lVrxFR4Il5u3vqDwMeuX
xuhUrm09V3BLMfyjA+Zvaw7pciyRTeFTvHMOUU5g6liZQvuMd6IIZuLXloC+oBTO
zXVKjHF8CWcyOdwPwY1mfyWA7gQyf9t/zCbvCMBOfifRYCoYb8o/w3+EspCjzjVM
nvIDGt1UnvzP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org