Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/vJ2Ip5WhVPBnM-f96-UBvu9h7L4.roa
File: vJ2Ip5WhVPBnM-f96-UBvu9h7L4.roa (raw, json)
Hash identifier: ZgnQ7sqwG98oJpAWtMCto0hJEE0uv+JqsONmvswGc+0=
Subject key identifier: BC:9D:88:A7:95:A1:54:F0:67:33:E7:FD:EB:E5:01:BE:EF:61:EC:BE
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018682CA81D4315300AB3EF60C796CF0CDFC
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/vJ2Ip5WhVPBnM-f96-UBvu9h7L4.roa
Signing time: Fri 24 Feb 2023 09:39:14 +0000
ROA not before: Fri 24 Feb 2023 09:39:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.47.212.0/23 maxlen: 24
77.47.210.0/23 maxlen: 24
77.47.240.0/24 maxlen: 24
77.47.244.0/22 maxlen: 24
77.47.156.0/22 maxlen: 24
195.178.140.0/24 maxlen: 24
195.178.141.0/24 maxlen: 24
195.178.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 18:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:ca:81:d4:31:53:00:ab:3e:f6:0c:79:6c:f0:cd:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Feb 24 09:39:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc9d88a795a154f06733e7fdebe501beef61ecbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b3:8d:94:02:08:ae:ac:b8:da:a3:09:09:7e:
da:d7:05:ec:20:47:f4:f6:f5:b5:88:f1:2b:18:75:
f5:dc:86:d1:ba:21:2e:7e:22:b9:5c:c3:13:57:33:
e7:ec:53:f3:90:c9:f7:d7:38:8b:9f:d3:60:30:26:
e9:58:fb:c9:05:00:1e:ef:fd:ea:78:05:39:cb:fe:
f6:8f:74:85:01:d5:f0:c2:5b:cc:b2:6b:f3:23:a9:
1c:fb:23:15:12:54:56:b7:c5:66:13:db:5e:37:2a:
8f:49:21:b3:55:18:78:df:1b:e2:36:49:f7:3c:0c:
ea:20:63:f4:38:c8:46:dc:a1:ea:a1:e9:86:49:97:
0e:7b:7f:27:81:21:3a:9a:e6:19:e2:94:75:cd:9e:
c6:82:07:6a:c9:23:59:25:91:78:e2:0d:74:78:56:
c0:75:5a:ef:df:e3:84:75:87:08:be:2c:c1:db:ce:
d4:e0:7c:24:85:b8:fb:f1:53:34:1e:29:b0:9a:d3:
62:39:b6:03:29:bc:a4:ad:db:75:58:4d:e1:dc:07:
4c:b6:c7:b7:48:6f:16:fd:3e:4e:5b:13:fc:5f:4a:
bb:f4:72:30:73:d5:96:bc:65:1f:de:71:93:13:0d:
d7:ec:78:7e:53:a2:10:e7:07:0b:68:c1:7e:07:f1:
d7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:9D:88:A7:95:A1:54:F0:67:33:E7:FD:EB:E5:01:BE:EF:61:EC:BE
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/vJ2Ip5WhVPBnM-f96-UBvu9h7L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.156.0/22
77.47.210.0-77.47.213.255
77.47.240.0/24
77.47.244.0/22
195.178.140.0/23
195.178.146.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:ad:22:90:66:e3:62:6e:67:b8:2c:46:ea:50:65:26:ac:27:
0a:39:fa:e3:fb:5a:22:19:a9:1f:6b:3e:53:7d:af:8b:c7:36:
a4:f3:ca:b8:b4:c6:1b:ff:20:6b:0f:1d:d8:bf:b8:2b:a1:08:
20:45:55:32:78:f4:d1:0c:64:96:ce:72:21:ad:36:e3:0e:c6:
bd:33:1b:f0:1d:f7:b5:e6:35:50:f3:d1:83:54:66:84:16:78:
8e:e0:ff:a2:e4:0e:19:72:17:f7:79:3d:61:df:55:20:14:3a:
01:30:0d:1e:2b:89:53:aa:e7:28:c4:fb:01:1a:c3:a8:d0:7d:
0e:a3:63:a0:36:a4:58:47:d9:86:4b:27:22:56:c7:a1:18:91:
86:13:bc:96:22:38:34:96:c7:bb:18:9c:77:40:dc:bb:c5:95:
55:ea:0e:c0:0c:ff:bb:65:da:7e:4a:e4:54:64:94:33:81:28:
3d:39:19:13:5f:b8:a2:73:af:78:7a:fb:b6:af:5a:7d:74:71:
4b:2c:24:81:29:64:d6:13:78:59:01:b6:db:a4:25:1b:fb:87:
5f:8d:22:20:5b:4f:e7:15:90:1e:2d:77:07:ec:7b:c2:e4:16:
4a:47:58:b3:49:af:da:96:6a:f2:3e:1f:93:54:d9:4a:dd:12:
c5:0f:8b:26
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYaCyoHUMVMAqz72DHls8M38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMjI0MDkzOTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzlkODhhNzk1YTE1NGYwNjczM2U3ZmRlYmU1MDFiZWVmNjFlY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7ONlAIIrqy42qMJCX7a1wXsIEf0
9vW1iPErGHX13IbRuiEufiK5XMMTVzPn7FPzkMn31ziLn9NgMCbpWPvJBQAe7/3q
eAU5y/72j3SFAdXwwlvMsmvzI6kc+yMVElRWt8VmE9teNyqPSSGzVRh43xviNkn3
PAzqIGP0OMhG3KHqoemGSZcOe38ngSE6muYZ4pR1zZ7GggdqySNZJZF44g10eFbA
dVrv3+OEdYcIvizB287U4Hwkhbj78VM0HimwmtNiObYDKbykrdt1WE3h3AdMtse3
SG8W/T5OWxP8X0q79HIwc9WWvGUf3nGTEw3X7Hh+U6IQ5wcLaMF+B/HXYwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLydiKeVoVTwZzPn/evlAb7vYey+MB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvdkoySXA1V2hWUEJuTS1mOTYtVUJ2dTloN0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCTS+cMAwD
BAFNL9IDBAFNL9QDBABNL/ADBAJNL/QDBAHDsowDBADDspIwDQYJKoZIhvcNAQEL
BQADggEBAG6tIpBm42JuZ7gsRupQZSasJwo5+uP7WiIZqR9rPlN9r4vHNqTzyri0
xhv/IGsPHdi/uCuhCCBFVTJ49NEMZJbOciGtNuMOxr0zG/Ad97XmNVDz0YNUZoQW
eI7g/6LkDhlyF/d5PWHfVSAUOgEwDR4riVOq5yjE+wEaw6jQfQ6jY6A2pFhH2YZL
JyJWx6EYkYYTvJYiODSWx7sYnHdA3LvFlVXqDsAM/7tl2n5K5FRklDOBKD05GRNf
uKJzr3h6+7avWn10cUssJIEpZNYTeFkBttukJRv7h1+NIiBbT+cVkB4tdwfse8Lk
FkpHWLNJr9qWavI+H5NU2UrdEsUPiyY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org