Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/SoZ4lHyF32Nhc4GsjZ3hC_P5iV0.roa
File: SoZ4lHyF32Nhc4GsjZ3hC_P5iV0.roa (raw, json)
Hash identifier: T3HyskfSTwwuBAgYgWhypY8DgBaEJUCMmcJnZ58RKE8=
Subject key identifier: 4A:86:78:94:7C:85:DF:63:61:73:81:AC:8D:9D:E1:0B:F3:F9:89:5D
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A4172EF0D474E7863C87DA6511B5D
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/SoZ4lHyF32Nhc4GsjZ3hC_P5iV0.roa
Signing time: Mon 02 Jan 2023 12:34:52 +0000
ROA not before: Mon 02 Jan 2023 12:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210542
IP address blocks: 188.214.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jul 2023 13:38:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:41:72:ef:0d:47:4e:78:63:c8:7d:a6:51:1b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a8678947c85df63617381ac8d9de10bf3f9895d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d5:41:9c:de:c8:cb:31:f0:eb:8a:65:32:1b:
8d:17:0d:c6:8a:59:1d:01:a5:a7:12:2c:93:21:9a:
0d:0c:2c:a2:d7:35:8e:1b:8c:f1:0b:37:ef:97:e3:
51:51:72:77:49:26:89:7c:f8:13:4e:cc:2d:ae:b2:
d2:c8:d3:29:78:23:15:90:9b:7e:fe:1a:c1:60:b0:
df:44:b7:14:e3:c7:fc:ca:11:0d:c5:6f:1b:fe:13:
d1:42:f7:7c:f1:bb:3e:f6:3d:a4:ca:33:ef:3d:76:
9f:a7:0a:8a:09:21:33:1e:36:99:c6:9a:03:28:55:
86:67:78:04:0c:95:1c:6f:e5:c9:8b:96:d6:ad:60:
24:95:d3:d3:1d:aa:24:9d:84:f8:9d:da:48:9a:a1:
f3:62:e9:ad:51:c2:24:f1:dc:38:85:c5:d9:84:8c:
a9:a0:4e:d7:f8:11:50:66:24:42:2d:a6:b3:84:ff:
3e:7d:95:53:11:72:d0:61:67:69:12:7c:ed:f3:13:
de:08:b9:17:6a:cb:4e:43:89:4a:01:bc:5b:3d:25:
c9:4c:77:d9:7d:46:8d:56:ee:f0:ab:f8:4c:72:b5:
14:38:37:47:2c:99:6b:70:44:23:d4:41:0e:db:e7:
11:6a:0e:d7:9e:91:4a:be:7d:8f:78:78:25:05:57:
59:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:86:78:94:7C:85:DF:63:61:73:81:AC:8D:9D:E1:0B:F3:F9:89:5D
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/SoZ4lHyF32Nhc4GsjZ3hC_P5iV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.236.0/22
Signature Algorithm: sha256WithRSAEncryption
75:ec:4c:ae:9b:1c:ec:b0:d8:2b:ff:5b:7b:51:f6:d3:8e:1a:
ff:a6:79:3c:f0:53:75:aa:aa:7b:29:55:be:e0:9b:8e:09:2d:
67:74:7c:cd:f4:a1:54:79:4f:be:98:c2:ba:a1:a1:51:21:1d:
a9:1a:bd:02:98:61:a3:6f:a9:51:ca:af:18:38:ff:3d:eb:91:
e9:4d:23:47:5a:7b:3f:7f:59:a1:76:66:c5:d3:bf:c9:76:83:
f3:b6:3d:2b:81:80:d1:8a:0b:a4:b8:ed:e4:fb:51:0a:32:65:
84:9d:c4:db:49:5b:69:ca:62:43:8c:14:ae:61:4f:6f:75:23:
15:16:ee:79:e0:93:06:7d:2f:72:c6:2a:4d:1d:72:1f:b4:cd:
20:df:94:01:36:58:7a:24:cc:b8:96:bf:da:95:8f:03:b9:e8:
86:78:2c:75:a1:ff:7e:da:cb:cc:89:00:dc:b7:e0:8f:45:cc:
0d:70:e9:42:40:31:a9:91:98:97:a9:2e:06:c8:d7:50:e1:b8:
8f:0c:c0:f9:e2:9b:cf:9e:45:e1:ff:c1:f5:c2:4a:4a:0d:53:
8e:06:77:24:83:d5:8b:2b:19:44:da:e0:a0:8a:b9:15:8a:36:
02:67:59:5e:0c:22:a8:6b:ef:f0:c1:2d:9f:a5:de:d3:f1:7c:
ac:de:9a:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyekFy7w1HTnhjyH2mURtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTg2Nzg5NDdjODVkZjYzNjE3MzgxYWM4ZDlkZTEwYmYzZjk4OTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9VBnN7IyzHw64plMhuNFw3Gilkd
AaWnEiyTIZoNDCyi1zWOG4zxCzfvl+NRUXJ3SSaJfPgTTswtrrLSyNMpeCMVkJt+
/hrBYLDfRLcU48f8yhENxW8b/hPRQvd88bs+9j2kyjPvPXafpwqKCSEzHjaZxpoD
KFWGZ3gEDJUcb+XJi5bWrWAkldPTHaoknYT4ndpImqHzYumtUcIk8dw4hcXZhIyp
oE7X+BFQZiRCLaazhP8+fZVTEXLQYWdpEnzt8xPeCLkXastOQ4lKAbxbPSXJTHfZ
fUaNVu7wq/hMcrUUODdHLJlrcEQj1EEO2+cRag7XnpFKvn2PeHglBVdZzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEqGeJR8hd9jYXOBrI2d4Qvz+YldMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvU29aNGxIeUYzMk5oYzRHc2paM2hDX1A1aVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNbsMA0G
CSqGSIb3DQEBCwUAA4IBAQB17EyumxzssNgr/1t7UfbTjhr/pnk88FN1qqp7KVW+
4JuOCS1ndHzN9KFUeU++mMK6oaFRIR2pGr0CmGGjb6lRyq8YOP8965HpTSNHWns/
f1mhdmbF07/JdoPztj0rgYDRigukuO3k+1EKMmWEncTbSVtpymJDjBSuYU9vdSMV
Fu554JMGfS9yxipNHXIftM0g35QBNlh6JMy4lr/alY8DueiGeCx1of9+2svMiQDc
t+CPRcwNcOlCQDGpkZiXqS4GyNdQ4biPDMD54pvPnkXh/8H1wkpKDVOOBnckg9WL
KxlE2uCgirkVijYCZ1leDCKoa+/wwS2fpd7T8Xys3pqo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org