Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/u9eLhEAhEQe9Etmxakm57puXm0A.roa
File: u9eLhEAhEQe9Etmxakm57puXm0A.roa (raw, json)
Hash identifier: F7FNwvEJoKyBbjTE0nxRQe/BOUpzwjV7kc2F7fjj2kU=
Subject key identifier: BB:D7:8B:84:40:21:11:07:BD:12:D9:B1:6A:49:B9:EE:9B:97:9B:40
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018F28CEF43888C97F487089821897E132F8
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/u9eLhEAhEQe9Etmxakm57puXm0A.roa
Signing time: Mon 29 Apr 2024 07:43:22 +0000
ROA not before: Mon 29 Apr 2024 07:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3319
IP address blocks: 77.47.143.0/24 maxlen: 24
77.47.156.0/24 maxlen: 24
185.143.56.0/22 maxlen: 24
195.178.144.0/23 maxlen: 23
195.178.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 30 Apr 2024 14:19:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:ce:f4:38:88:c9:7f:48:70:89:82:18:97:e1:32:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Apr 29 07:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbd78b8440211107bd12d9b16a49b9ee9b979b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:04:20:23:3c:79:80:43:65:95:16:3f:06:d5:
88:05:f3:36:ac:8b:e8:aa:ea:52:b9:6d:ac:e2:27:
22:1f:2e:df:58:b4:e8:42:c2:5e:3d:a8:f0:a9:fb:
66:18:4f:2f:b4:55:e2:4b:fd:8e:08:0b:19:f4:70:
fe:d6:22:54:73:23:72:31:44:49:77:29:e3:e2:3e:
11:08:67:7e:2e:1e:d1:0d:49:f7:da:24:99:2b:e1:
dc:f0:69:d1:01:ac:7e:be:f9:05:68:d1:83:2c:52:
3f:d2:53:f7:b2:0c:c1:17:57:38:87:71:80:21:97:
ec:2b:d5:5e:98:0f:93:f1:8e:49:51:6d:c6:6b:c4:
b8:8d:8c:10:74:56:a7:82:f3:37:23:64:fd:b1:1c:
a5:58:22:b6:6f:6f:32:7a:ba:bb:0c:08:8f:55:3b:
b6:90:d2:a0:d7:00:aa:e2:88:9f:87:ca:ac:32:ca:
e4:d8:78:6b:25:c4:b2:3c:46:87:cd:a0:34:ca:a1:
e8:a7:e4:ab:e1:74:8c:70:fc:62:91:89:16:ed:f3:
5f:31:31:4a:d6:2e:63:a0:a7:2a:94:1b:43:a8:69:
d5:cf:9c:52:62:e4:3b:8a:2a:ed:48:8e:fe:a0:ea:
d0:e2:7c:fb:28:10:55:94:66:96:ca:5c:54:1f:e7:
71:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D7:8B:84:40:21:11:07:BD:12:D9:B1:6A:49:B9:EE:9B:97:9B:40
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/u9eLhEAhEQe9Etmxakm57puXm0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.143.0/24
77.47.156.0/24
185.143.56.0/22
195.178.144.0/23
195.178.152.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:de:9c:81:b9:31:fc:b7:38:19:e7:d7:74:8c:b9:f6:f5:5d:
0a:ed:6a:ca:92:5a:19:44:c6:a6:9f:6f:f2:92:e8:3c:4d:a1:
d5:56:ea:92:46:13:73:a7:be:b5:36:7f:c9:54:b2:77:b2:c2:
49:33:ad:03:04:a4:5b:cd:62:c2:eb:f7:19:97:8c:81:83:4b:
1d:85:f1:ec:ee:45:b5:97:98:6c:18:e9:2f:74:1e:33:ff:51:
a7:02:05:89:0c:a7:09:3b:98:64:88:8f:96:9a:c2:0d:a4:45:
fe:0c:55:e2:e5:13:8d:6f:f0:dd:25:e5:88:2d:13:b5:9d:3f:
b0:f3:6c:9f:b8:9d:56:89:d7:e5:21:53:91:a4:e6:b9:63:69:
e8:87:1c:7b:ae:8e:e1:8b:e2:26:60:e3:5a:8a:fe:c6:7a:da:
2c:f4:7b:46:32:97:c4:6b:bc:3a:31:87:15:40:a6:82:25:97:
e8:c7:32:39:58:68:3a:04:2f:a1:28:08:04:bb:8c:3c:96:a5:
d0:d5:4d:9a:2f:8e:b5:7e:70:34:0c:96:7d:d1:5c:cd:c1:f2:
f9:d9:29:7e:a7:37:db:dd:e7:5b:46:24:92:b7:2f:a5:51:4d:
14:98:e1:ca:4c:dc:c5:b0:c8:b3:6a:d1:27:4c:09:7b:d5:92:
6a:14:8e:a6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8ozvQ4iMl/SHCJghiX4TL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwNDI5MDc0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ3OGI4NDQwMjExMTA3YmQxMmQ5YjE2YTQ5YjllZTliOTc5YjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwQgIzx5gENllRY/BtWIBfM2rIvo
qupSuW2s4iciHy7fWLToQsJePajwqftmGE8vtFXiS/2OCAsZ9HD+1iJUcyNyMURJ
dynj4j4RCGd+Lh7RDUn32iSZK+Hc8GnRAax+vvkFaNGDLFI/0lP3sgzBF1c4h3GA
IZfsK9VemA+T8Y5JUW3Ga8S4jYwQdFangvM3I2T9sRylWCK2b28yerq7DAiPVTu2
kNKg1wCq4oifh8qsMsrk2HhrJcSyPEaHzaA0yqHop+Sr4XSMcPxikYkW7fNfMTFK
1i5joKcqlBtDqGnVz5xSYuQ7iirtSI7+oOrQ4nz7KBBVlGaWylxUH+dxWQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLvXi4RAIREHvRLZsWpJue6bl5tAMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvdTllTGhFQWhFUWU5RXRteGFrbTU3cHVYbTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATS+PAwQA
TS+cAwQCuY84AwQBw7KQAwQCw7KYMA0GCSqGSIb3DQEBCwUAA4IBAQDF3pyBuTH8
tzgZ59d0jLn29V0K7WrKkloZRMamn2/ykug8TaHVVuqSRhNzp761Nn/JVLJ3ssJJ
M60DBKRbzWLC6/cZl4yBg0sdhfHs7kW1l5hsGOkvdB4z/1GnAgWJDKcJO5hkiI+W
msINpEX+DFXi5RONb/DdJeWILRO1nT+w82yfuJ1WidflIVORpOa5Y2nohxx7ro7h
i+ImYONaiv7Getos9HtGMpfEa7w6MYcVQKaCJZfoxzI5WGg6BC+hKAgEu4w8lqXQ
1U2aL461fnA0DJZ90VzNwfL52Sl+pzfb3edbRiSSty+lUU0UmOHKTNzFsMizatEn
TAl71ZJqFI6m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org