Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/u7iJckrxtAJIJeaar_0C-DbsKMY.roa
File: u7iJckrxtAJIJeaar_0C-DbsKMY.roa (raw, json)
Hash identifier: f+d3ZySocbKXtA/udidNclCWPw7ZGrg7DcuYTsGBslY=
Subject key identifier: BB:B8:89:72:4A:F1:B4:02:48:25:E6:9A:AF:FD:02:F8:36:EC:28:C6
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018B7FF57A89B0A10F10F43ED69A7C9FBF41
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/u7iJckrxtAJIJeaar_0C-DbsKMY.roa
Signing time: Mon 30 Oct 2023 09:41:15 +0000
ROA not before: Mon 30 Oct 2023 09:41:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202972
IP address blocks: 212.111.207.0/24 maxlen: 24
195.178.140.0/24 maxlen: 24
185.143.57.0/24 maxlen: 24
185.143.58.0/24 maxlen: 24
185.143.56.0/24 maxlen: 24
185.143.56.0/22 maxlen: 22
185.143.59.0/24 maxlen: 24
77.47.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7f:f5:7a:89:b0:a1:0f:10:f4:3e:d6:9a:7c:9f:bf:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Oct 30 09:41:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbb889724af1b4024825e69aaffd02f836ec28c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4f:4b:d1:79:96:58:ca:85:b1:b7:aa:d1:2b:
c9:05:71:b6:a0:c0:33:36:de:40:80:57:ca:35:a3:
99:f7:35:42:f1:9b:2e:82:07:0b:12:51:21:de:30:
d7:38:cc:5d:ff:d7:52:06:a2:8d:c6:eb:de:b2:c4:
17:8c:77:ef:a2:2d:c1:c3:ec:2c:17:05:49:cf:e4:
75:12:a5:91:df:56:70:df:96:05:63:e1:57:ab:e6:
9a:0f:33:42:b4:6e:1a:cd:63:07:4f:7a:b7:11:8b:
2d:18:1a:96:8e:e6:9f:e3:1a:6d:dd:8e:a9:e9:5c:
e6:99:7f:f6:be:86:c7:57:b9:b9:f6:98:c8:d4:78:
97:36:61:81:72:82:21:89:a7:4c:a7:ea:e3:a2:90:
09:99:4c:0a:0c:a0:ff:6f:a4:fe:03:a2:2f:52:f1:
c3:84:63:f6:5b:13:ed:52:cb:cc:48:6b:27:3c:1a:
80:56:6a:cf:4f:63:07:c7:0a:d6:93:7b:9c:a2:92:
d8:78:97:99:0e:65:55:0e:b7:c7:6a:72:46:19:20:
c4:92:cb:5c:df:e5:f5:a1:4f:82:ee:7f:df:23:dc:
fc:51:75:0f:c9:f9:15:ca:7c:ce:ad:65:64:9d:49:
95:b3:f9:ed:e1:5e:6d:68:ac:a4:03:80:60:e1:5b:
3a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B8:89:72:4A:F1:B4:02:48:25:E6:9A:AF:FD:02:F8:36:EC:28:C6
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/u7iJckrxtAJIJeaar_0C-DbsKMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.178.0/24
185.143.56.0/22
195.178.140.0/24
212.111.207.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:8e:99:89:b0:2a:aa:c4:32:ce:96:70:a2:72:cb:07:41:5c:
e6:2a:20:0a:1f:e0:c0:50:db:86:65:91:fb:ad:ef:58:12:36:
36:ca:fd:ac:90:a0:5d:59:a0:0a:34:a7:15:c0:97:40:03:5e:
1f:fa:17:33:1d:a7:f9:af:e7:03:df:77:ae:9a:bb:66:0c:33:
1d:0b:50:5a:13:2e:58:ea:26:6f:d5:3b:81:78:d3:ee:6b:ef:
6d:69:93:ae:1c:b5:1e:8e:0b:32:e0:28:ed:2f:67:47:17:de:
d0:4f:8e:33:fb:61:0d:53:ae:c9:ba:bb:3c:8e:a8:a2:7d:bc:
7c:8f:c6:26:40:fe:8a:3d:bb:f0:3f:3f:06:ca:15:03:c1:b5:
a0:c5:18:e3:d5:4f:c2:56:d3:52:3d:fc:3c:6f:d1:63:ec:5d:
e2:a2:7d:69:ce:43:b8:31:e4:50:21:96:88:0d:fd:7e:00:fd:
95:a8:fe:d4:f7:d7:43:3c:3b:e0:67:53:07:7e:38:94:1c:6a:
35:a7:26:f2:d2:66:30:00:b2:62:f7:03:0f:23:67:0c:67:12:
c7:8b:eb:a2:23:2c:bf:fe:80:2b:a2:49:37:dc:79:8e:89:b4:
bd:05:cf:16:e2:12:63:31:8b:45:0a:43:27:32:2d:78:fa:91:
04:64:67:55
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYt/9XqJsKEPEPQ+1pp8n79BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMxMDMwMDk0MTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmI4ODk3MjRhZjFiNDAyNDgyNWU2OWFhZmZkMDJmODM2ZWMyOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU9L0XmWWMqFsbeq0SvJBXG2oMAz
Nt5AgFfKNaOZ9zVC8ZsuggcLElEh3jDXOMxd/9dSBqKNxuvessQXjHfvoi3Bw+ws
FwVJz+R1EqWR31Zw35YFY+FXq+aaDzNCtG4azWMHT3q3EYstGBqWjuaf4xpt3Y6p
6VzmmX/2vobHV7m59pjI1HiXNmGBcoIhiadMp+rjopAJmUwKDKD/b6T+A6IvUvHD
hGP2WxPtUsvMSGsnPBqAVmrPT2MHxwrWk3ucopLYeJeZDmVVDrfHanJGGSDEkstc
3+X1oU+C7n/fI9z8UXUPyfkVynzOrWVknUmVs/nt4V5taKykA4Bg4Vs6xwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLu4iXJK8bQCSCXmmq/9Avg27CjGMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvdTdpSmNrcnh0QUpJSmVhYXJfMEMtRGJzS01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATS+yAwQC
uY84AwQAw7KMAwQA1G/PMA0GCSqGSIb3DQEBCwUAA4IBAQCxjpmJsCqqxDLOlnCi
cssHQVzmKiAKH+DAUNuGZZH7re9YEjY2yv2skKBdWaAKNKcVwJdAA14f+hczHaf5
r+cD33eumrtmDDMdC1BaEy5Y6iZv1TuBeNPua+9taZOuHLUejgsy4CjtL2dHF97Q
T44z+2ENU67Jurs8jqiifbx8j8YmQP6KPbvwPz8GyhUDwbWgxRjj1U/CVtNSPfw8
b9Fj7F3ion1pzkO4MeRQIZaIDf1+AP2VqP7U99dDPDvgZ1MHfjiUHGo1pyby0mYw
ALJi9wMPI2cMZxLHi+uiIyy//oArokk33HmOibS9Bc8W4hJjMYtFCkMnMi14+pEE
ZGdV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org