Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/zj39-xQy7BQRDTIxEADRm8m0tYQ.roa
File: zj39-xQy7BQRDTIxEADRm8m0tYQ.roa (raw, json)
Hash identifier: nkG4TCnG3hmbCvol6dJqzK7dwj/jhjDetwYP0i+vKoo=
Subject key identifier: CE:3D:FD:FB:14:32:EC:14:11:0D:32:31:10:00:D1:9B:C9:B4:B5:84
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018CF965B2FFD434CECFF71C5148CC3E2D21
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/zj39-xQy7BQRDTIxEADRm8m0tYQ.roa
Signing time: Thu 11 Jan 2024 16:40:40 +0000
ROA not before: Thu 11 Jan 2024 16:40:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 212.111.207.0/24 maxlen: 24
212.111.216.0/23 maxlen: 24
77.47.242.0/23 maxlen: 24
77.47.143.0/24 maxlen: 24
195.178.141.0/24 maxlen: 24
77.47.156.0/24 maxlen: 24
77.47.157.0/24 maxlen: 24
185.143.56.0/22 maxlen: 24
77.47.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 18:16:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:65:b2:ff:d4:34:ce:cf:f7:1c:51:48:cc:3e:2d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 11 16:40:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce3dfdfb1432ec14110d32311000d19bc9b4b584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:47:2f:dd:c6:00:20:96:67:d4:fb:08:61:c6:
35:34:c0:12:46:7c:4e:bc:fd:e2:d5:cb:df:b0:28:
39:73:96:b5:c4:84:cb:2a:ac:d9:c9:a3:dc:77:53:
1b:13:5b:3e:61:90:c8:c2:c0:b0:1f:f3:a2:63:cc:
a0:79:5d:ca:c2:ab:ae:3a:a9:1d:70:b3:33:97:81:
59:58:76:d6:27:93:e8:6f:0e:32:fb:0c:5e:96:5e:
96:d1:94:24:c9:8a:92:60:00:fa:71:73:ac:9c:fb:
fe:b0:80:71:4a:f2:d5:98:4b:30:b8:74:9a:d4:f2:
78:65:bb:84:fa:71:69:2f:22:99:2a:9c:4f:cc:7b:
6d:83:26:bd:53:1d:57:63:87:e2:3c:75:51:59:99:
6f:a0:28:ac:f1:09:4b:85:b7:49:d8:64:f1:f3:bd:
2e:23:7d:c8:a5:11:28:a3:b6:04:a6:90:23:7c:9f:
26:59:9e:77:a4:d2:0a:3c:79:83:6d:ad:45:bd:80:
8c:9c:53:f4:73:7f:34:d4:2a:52:40:b1:e9:a8:24:
97:c8:83:f1:6a:e7:bd:37:d5:39:75:07:6e:6b:d9:
2e:f5:fa:3f:e4:91:bf:40:fb:0c:95:8a:46:1e:90:
2d:65:4c:a4:a9:ee:9c:35:4c:90:1c:c6:a7:59:93:
ca:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:3D:FD:FB:14:32:EC:14:11:0D:32:31:10:00:D1:9B:C9:B4:B5:84
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/zj39-xQy7BQRDTIxEADRm8m0tYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.143.0/24
77.47.156.0/23
77.47.178.0/24
77.47.242.0/23
185.143.56.0/22
195.178.141.0/24
212.111.207.0/24
212.111.216.0/23
Signature Algorithm: sha256WithRSAEncryption
35:c5:d0:93:c3:b6:86:c5:81:2c:77:ca:d9:20:ed:d8:64:f1:
14:3a:4a:a2:2c:de:a0:6f:10:9e:f9:5a:4c:96:53:c5:92:e8:
8f:86:5d:b8:ef:17:63:84:ca:10:54:f4:0e:bd:8e:85:21:27:
26:95:dc:f9:4e:4e:6a:82:00:f7:c6:1a:2a:bc:a0:29:f3:95:
45:3e:4f:4a:ac:09:ff:ed:5e:06:78:60:fd:c3:0a:ad:f6:97:
4f:e1:f2:10:3b:af:51:72:c6:cf:a0:5d:89:d8:5d:60:9d:65:
be:a9:3a:a1:22:87:82:86:5c:f9:4b:3f:12:0d:9f:c0:f5:17:
0d:e0:19:95:f4:3c:6a:4f:32:c3:f6:4e:6a:04:a7:0b:36:c7:
79:35:86:14:38:11:a0:d1:4e:53:f5:21:53:ea:5e:a7:09:ef:
5e:22:6f:76:be:6d:d5:40:cf:f2:45:8d:93:d3:e3:24:a0:fd:
a5:d7:b1:1e:75:6e:51:41:90:57:44:68:aa:de:01:dd:76:9a:
7c:4f:5d:07:37:5e:e8:ab:3b:1c:e5:84:1d:8a:4a:97:e8:b7:
af:ed:d2:cf:e9:13:54:02:ae:bf:25:5c:38:17:7f:12:f5:d5:
f9:db:81:a6:93:1e:f3:6f:91:5d:c5:d5:d7:89:0f:ef:42:db:
e7:c1:1c:44
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYz5ZbL/1DTOz/ccUUjMPi0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwMTExMTY0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTNkZmRmYjE0MzJlYzE0MTEwZDMyMzExMDAwZDE5YmM5YjRiNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEcv3cYAIJZn1PsIYcY1NMASRnxO
vP3i1cvfsCg5c5a1xITLKqzZyaPcd1MbE1s+YZDIwsCwH/OiY8ygeV3KwquuOqkd
cLMzl4FZWHbWJ5Pobw4y+wxell6W0ZQkyYqSYAD6cXOsnPv+sIBxSvLVmEswuHSa
1PJ4ZbuE+nFpLyKZKpxPzHttgya9Ux1XY4fiPHVRWZlvoCis8QlLhbdJ2GTx870u
I33IpREoo7YEppAjfJ8mWZ53pNIKPHmDba1FvYCMnFP0c3801CpSQLHpqCSXyIPx
aue9N9U5dQdua9ku9fo/5JG/QPsMlYpGHpAtZUykqe6cNUyQHManWZPKDQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFM49/fsUMuwUEQ0yMRAA0ZvJtLWEMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvemozOS14UXk3QlFSRFRJeEVBRFJtOG0wdFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATS+PAwQB
TS+cAwQATS+yAwQBTS/yAwQCuY84AwQAw7KNAwQA1G/PAwQB1G/YMA0GCSqGSIb3
DQEBCwUAA4IBAQA1xdCTw7aGxYEsd8rZIO3YZPEUOkqiLN6gbxCe+VpMllPFkuiP
hl247xdjhMoQVPQOvY6FIScmldz5Tk5qggD3xhoqvKAp85VFPk9KrAn/7V4GeGD9
wwqt9pdP4fIQO69RcsbPoF2J2F1gnWW+qTqhIoeChlz5Sz8SDZ/A9RcN4BmV9Dxq
TzLD9k5qBKcLNsd5NYYUOBGg0U5T9SFT6l6nCe9eIm92vm3VQM/yRY2T0+MkoP2l
17EedW5RQZBXRGiq3gHddpp8T10HN17oqzsc5YQdikqX6Lev7dLP6RNUAq6/JVw4
F38S9dX524Gmkx7zb5FdxdXXiQ/vQtvnwRxE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org