Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/SobTqxcCvG4YVzNyP4yvHsuPPb8.roa
File: SobTqxcCvG4YVzNyP4yvHsuPPb8.roa (raw, json)
Hash identifier: v5rPOvHWoGbZ+6ObHgktPsWCVdLTjhFFwJEvO7Co/D8=
Subject key identifier: 4A:86:D3:AB:17:02:BC:6E:18:57:33:72:3F:8C:AF:1E:CB:8F:3D:BF
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019053CDCCA9F6D9D5D31F1A121BB754753A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/SobTqxcCvG4YVzNyP4yvHsuPPb8.roa
Signing time: Wed 26 Jun 2024 09:08:34 +0000
ROA not before: Wed 26 Jun 2024 09:08:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210110
IP address blocks: 37.123.192.0/21 maxlen: 24
82.115.30.0/23 maxlen: 24
185.148.12.0/22 maxlen: 24
185.212.60.0/22 maxlen: 24
185.218.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 20:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:cd:cc:a9:f6:d9:d5:d3:1f:1a:12:1b:b7:54:75:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 26 09:08:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a86d3ab1702bc6e185733723f8caf1ecb8f3dbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3b:8e:19:7f:ab:42:fa:58:31:8d:f5:96:d7:
ce:31:97:49:eb:67:3a:85:25:f3:6a:aa:7c:d7:e2:
5c:cb:82:3a:a1:59:88:92:9a:93:99:0a:07:87:a9:
7c:ee:c3:85:f5:f6:4b:7f:7b:10:46:0d:69:4a:aa:
5e:6b:4d:07:2f:65:05:32:9d:41:79:2d:34:64:83:
59:6d:1a:be:58:66:21:68:cc:98:21:b6:bc:b5:1e:
4b:2d:04:d3:85:61:12:a3:10:e9:b7:72:bb:26:4b:
40:80:18:41:48:02:21:e2:14:65:e4:59:de:ce:05:
12:1a:49:96:c6:4c:30:f4:6a:68:b2:d8:07:60:67:
3a:a6:51:8d:99:bd:68:77:03:cb:4d:28:9f:a3:e0:
9f:b0:8c:f0:c7:7c:db:e6:89:c6:42:20:2a:03:ed:
9c:43:a0:4f:5f:a1:bd:2f:f8:56:11:5d:00:78:0f:
20:b0:cf:c5:2b:50:a7:95:e4:bd:df:14:b8:02:2a:
0c:d8:7b:9f:89:6c:21:ee:d3:5b:b1:94:e8:83:3f:
2a:a1:6d:39:a7:f5:45:da:c1:3a:72:c5:4f:dc:5f:
6e:79:34:12:aa:64:b0:df:f6:05:c2:24:74:13:47:
41:5e:7d:14:95:cd:f6:3f:fb:ff:a3:21:8b:99:ad:
e3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:86:D3:AB:17:02:BC:6E:18:57:33:72:3F:8C:AF:1E:CB:8F:3D:BF
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/SobTqxcCvG4YVzNyP4yvHsuPPb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.192.0/21
82.115.30.0/23
185.148.12.0/22
185.212.60.0/22
185.218.4.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:5f:b7:0f:9c:69:e5:1f:e2:5f:e9:9a:df:f3:0e:57:3b:e5:
12:2c:a8:01:c7:b4:18:34:f4:70:5a:6c:c0:c6:ad:79:fa:a1:
ca:6b:e1:f2:4f:e4:f0:92:7f:2e:06:fc:b0:82:e3:76:44:4f:
05:5a:2e:53:ba:9f:6e:c8:d8:2c:e7:f2:c0:e7:7a:5f:60:de:
92:ad:83:2c:9a:fd:cc:a4:18:a2:24:6f:df:1b:0b:ec:64:00:
96:79:6e:a9:d8:30:bc:ae:26:13:f6:c4:67:00:01:db:3f:a0:
7b:ac:46:f1:da:16:13:8f:88:be:7d:ac:93:29:4f:64:6a:7e:
99:d4:7c:d4:a9:3f:33:61:8d:68:e1:42:dc:cf:08:a5:27:1b:
38:4d:3d:a4:1f:77:96:94:04:f9:13:ee:8b:c6:86:be:fe:0d:
47:d4:d5:7d:9f:21:b0:d0:aa:db:20:37:50:2e:dc:22:6e:4b:
ec:0e:cf:7c:6f:48:0b:f5:6b:89:d5:56:01:4a:c1:b5:6f:30:
6e:c5:ab:7f:e6:3d:78:57:1e:7b:b1:c6:a7:c6:80:4b:41:6c:
df:c0:32:42:94:16:dd:31:c9:df:6d:35:20:9a:9f:a9:5c:af:
67:98:05:cd:ed:a7:4e:f2:5c:f7:8a:49:b9:66:c7:60:91:62:
c5:cb:14:37
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZBTzcyp9tnV0x8aEhu3VHU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjI2MDkwODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTg2ZDNhYjE3MDJiYzZlMTg1NzMzNzIzZjhjYWYxZWNiOGYzZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DuOGX+rQvpYMY31ltfOMZdJ62c6
hSXzaqp81+Jcy4I6oVmIkpqTmQoHh6l87sOF9fZLf3sQRg1pSqpea00HL2UFMp1B
eS00ZINZbRq+WGYhaMyYIba8tR5LLQTThWESoxDpt3K7JktAgBhBSAIh4hRl5Fne
zgUSGkmWxkww9GpostgHYGc6plGNmb1odwPLTSifo+CfsIzwx3zb5onGQiAqA+2c
Q6BPX6G9L/hWEV0AeA8gsM/FK1CnleS93xS4AioM2HufiWwh7tNbsZTogz8qoW05
p/VF2sE6csVP3F9ueTQSqmSw3/YFwiR0E0dBXn0Ulc32P/v/oyGLma3jqwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEqG06sXArxuGFczcj+Mrx7Ljz2/MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvU29iVHF4Y0N2RzRZVnpOeVA0eXZIc3VQUGI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJXvAAwQB
UnMeAwQCuZQMAwQCudQ8AwQCudoEMA0GCSqGSIb3DQEBCwUAA4IBAQBqX7cPnGnl
H+Jf6Zrf8w5XO+USLKgBx7QYNPRwWmzAxq15+qHKa+HyT+Twkn8uBvywguN2RE8F
Wi5Tup9uyNgs5/LA53pfYN6SrYMsmv3MpBiiJG/fGwvsZACWeW6p2DC8riYT9sRn
AAHbP6B7rEbx2hYTj4i+fayTKU9kan6Z1HzUqT8zYY1o4ULczwilJxs4TT2kH3eW
lAT5E+6Lxoa+/g1H1NV9nyGw0KrbIDdQLtwibkvsDs98b0gL9WuJ1VYBSsG1bzBu
xat/5j14Vx57scanxoBLQWzfwDJClBbdMcnfbTUgmp+pXK9nmAXN7adO8lz3ikm5
ZsdgkWLFyxQ3
-----END CERTIFICATE-----
Generated at Tue Jul 23 22:49:39 2024 by rpki-client on console-ams.rpki-client.org