Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7Dwx1tA2-AhxkjSBi1STK3SiTCM.roa
File: 7Dwx1tA2-AhxkjSBi1STK3SiTCM.roa (raw, json)
Hash identifier: spxtCPd4bN98bHEkGpBKdjjpCidJpU4J1+UvyFwrWM4=
Subject key identifier: EC:3C:31:D6:D0:36:F8:08:71:92:34:81:8B:54:93:2B:74:A2:4C:23
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018A40E773CAC70B704949E045A413FC9822
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7Dwx1tA2-AhxkjSBi1STK3SiTCM.roa
Signing time: Tue 29 Aug 2023 10:47:04 +0000
ROA not before: Tue 29 Aug 2023 10:47:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38136
IP address blocks: 185.248.184.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
5.226.48.0/22 maxlen: 24
185.36.192.0/22 maxlen: 24
212.87.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Nov 2023 14:04:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:40:e7:73:ca:c7:0b:70:49:49:e0:45:a4:13:fc:98:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 29 10:47:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec3c31d6d036f808719234818b54932b74a24c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7c:71:2d:e5:f9:75:81:56:de:9c:74:07:9e:
7d:b2:02:e6:a7:42:e4:17:fc:8a:03:f8:45:c3:8e:
3b:86:2e:22:0b:2e:bd:c9:46:27:c1:bf:b5:d0:a1:
0e:fa:a4:2c:3f:e2:6d:f2:f9:7a:6c:72:62:1f:2b:
4c:0e:b2:01:13:40:54:f9:96:f5:f4:82:39:71:4d:
20:93:7a:8c:4b:6b:8e:36:2c:16:0f:00:7e:b4:db:
51:10:7d:ce:d1:a7:c6:bd:90:b1:d0:52:b3:97:c2:
5f:3a:0b:a9:98:77:9f:6e:ab:1b:b9:80:51:72:c4:
9f:e6:8a:93:e0:70:35:cd:2c:87:6f:91:7b:66:1d:
3d:bc:b4:e8:bc:a4:c0:9a:47:25:f0:02:72:12:da:
8d:f2:e1:13:b0:96:b7:6b:0d:22:8d:51:07:44:ce:
ac:6e:ce:1c:f8:fd:2e:66:94:71:bd:8a:3e:4d:e2:
96:a8:3d:ff:48:ff:42:b1:72:b4:8d:af:ae:d2:98:
30:56:f8:e4:ad:7b:f4:e1:c3:80:0f:df:d7:a8:48:
29:ee:22:b2:a4:a6:c6:b5:a3:5a:04:84:ec:7e:97:
99:e0:c8:fb:95:c0:4e:b9:52:a9:78:37:49:8d:32:
91:70:2c:5f:db:74:21:46:90:a7:ec:b0:e0:77:2e:
54:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:3C:31:D6:D0:36:F8:08:71:92:34:81:8B:54:93:2B:74:A2:4C:23
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7Dwx1tA2-AhxkjSBi1STK3SiTCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.48.0/22
185.36.192.0/22
185.220.236.0/22
185.248.184.0/22
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:20:a8:68:c4:2d:02:44:7e:17:b6:da:77:db:36:77:c9:32:
3c:61:a6:e0:36:83:83:74:3b:3b:96:af:f9:28:d2:37:cf:37:
43:b0:92:85:92:21:eb:ef:50:0c:d5:a3:45:2b:6d:b1:80:3b:
c3:f3:39:66:9f:36:9f:37:c7:1d:d3:69:30:38:37:a9:a6:8b:
ac:94:11:59:96:21:27:55:60:58:17:6d:f2:ce:1c:c4:07:10:
a9:25:a4:8d:f4:87:6b:75:70:e7:d7:bd:12:95:f0:19:3d:91:
30:29:a3:2b:d1:7c:e2:ef:69:74:47:03:0d:45:25:7d:3d:b9:
23:60:ff:26:13:67:3b:a8:8a:55:c4:f0:89:9a:aa:52:32:36:
e2:67:34:cd:d7:c4:2d:a2:93:c2:f4:a8:de:d3:fa:a9:d3:b2:
9f:94:fa:c2:1b:20:bf:25:65:75:13:85:c4:96:c1:ea:9c:cc:
6b:0b:d5:c0:3a:c5:85:60:89:a0:2c:f0:f1:69:87:6a:2a:74:
46:c3:dd:6f:49:65:f6:ce:f9:8d:2e:87:0a:b4:f9:9a:25:e0:
a9:a0:f6:71:9d:9e:d2:ab:46:03:f1:08:8b:c3:fa:e9:70:71:
c4:46:69:79:ff:cc:95:ec:6e:91:ed:50:02:40:86:c6:3c:bb:
c5:31:9c:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYpA53PKxwtwSUngRaQT/JgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwODI5MTA0NzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzNjMzFkNmQwMzZmODA4NzE5MjM0ODE4YjU0OTMyYjc0YTI0YzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnxxLeX5dYFW3px0B559sgLmp0Lk
F/yKA/hFw447hi4iCy69yUYnwb+10KEO+qQsP+Jt8vl6bHJiHytMDrIBE0BU+Zb1
9II5cU0gk3qMS2uONiwWDwB+tNtREH3O0afGvZCx0FKzl8JfOgupmHefbqsbuYBR
csSf5oqT4HA1zSyHb5F7Zh09vLTovKTAmkcl8AJyEtqN8uETsJa3aw0ijVEHRM6s
bs4c+P0uZpRxvYo+TeKWqD3/SP9CsXK0ja+u0pgwVvjkrXv04cOAD9/XqEgp7iKy
pKbGtaNaBITsfpeZ4Mj7lcBOuVKpeDdJjTKRcCxf23QhRpCn7LDgdy5UUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOw8MdbQNvgIcZI0gYtUkyt0okwjMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvN0R3eDF0QTItQWh4a2pTQmkxU1RLM1NpVENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBeIwAwQC
uSTAAwQCudzsAwQCufi4AwQC1FfAMA0GCSqGSIb3DQEBCwUAA4IBAQCkIKhoxC0C
RH4Xttp32zZ3yTI8YabgNoODdDs7lq/5KNI3zzdDsJKFkiHr71AM1aNFK22xgDvD
8zlmnzafN8cd02kwODeppouslBFZliEnVWBYF23yzhzEBxCpJaSN9IdrdXDn170S
lfAZPZEwKaMr0Xzi72l0RwMNRSV9PbkjYP8mE2c7qIpVxPCJmqpSMjbiZzTN18Qt
opPC9Kje0/qp07KflPrCGyC/JWV1E4XElsHqnMxrC9XAOsWFYImgLPDxaYdqKnRG
w91vSWX2zvmNLocKtPmaJeCpoPZxnZ7Sq0YD8QiLw/rpcHHERml5/8yV7G6R7VAC
QIbGPLvFMZxe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org