Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/l8WoWHO2zxKlGFBUUvxUT4rroYE.roa
File: l8WoWHO2zxKlGFBUUvxUT4rroYE.roa (raw, json)
Hash identifier: eldLUonyqJ6YdHXmzN+w6mdKm+TXv/L4lq5wmE5mggM=
Subject key identifier: 97:C5:A8:58:73:B6:CF:12:A5:18:50:54:52:FC:54:4F:8A:EB:A1:81
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC82D21EA9B6BA39438967981A658C
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/l8WoWHO2zxKlGFBUUvxUT4rroYE.roa
Signing time: Thu 02 Jan 2025 07:48:13 +0000
ROA not before: Thu 02 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210110
IP address blocks: 37.123.192.0/21 maxlen: 24
82.115.30.0/23 maxlen: 24
185.148.12.0/22 maxlen: 24
185.212.60.0/22 maxlen: 24
185.218.4.0/22 maxlen: 24
212.107.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Apr 2025 14:34:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:82:d2:1e:a9:b6:ba:39:43:89:67:98:1a:65:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97c5a85873b6cf12a518505452fc544f8aeba181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7d:a4:66:c5:2f:1e:4b:25:ce:ee:49:c8:2f:
88:07:58:c1:d9:60:1c:00:40:53:5a:85:9b:13:44:
34:bd:9c:7c:f7:d8:51:b5:91:33:07:8d:08:7b:32:
3c:f1:fe:d7:be:f6:b0:d2:28:4d:b1:e1:6d:82:7d:
42:ba:21:13:96:0e:be:ce:9c:d5:85:9c:21:52:ff:
bb:61:99:89:5a:a2:a5:e2:85:d6:3b:07:cb:aa:8d:
38:21:b8:9e:8b:5a:63:18:f1:be:c1:ea:51:11:f4:
e5:76:54:1f:ec:31:3c:20:43:2f:93:ce:7d:1b:5f:
0e:df:0a:ee:ae:e4:77:ef:70:58:90:4b:40:4c:3a:
8e:88:22:3b:1f:8d:31:d0:7e:37:cd:45:22:99:46:
87:4d:58:e4:d3:42:65:ee:25:99:1b:fc:f8:b4:3f:
6d:44:a0:db:f9:6e:79:0b:5a:f8:91:11:9a:33:88:
46:2d:ce:49:1c:28:48:20:ac:6f:df:0f:c3:d9:05:
20:ee:c1:71:c7:8b:1e:ea:01:ed:a2:45:0c:a8:da:
47:a2:97:cf:f1:7c:c5:ce:83:74:1c:f1:d4:ed:36:
73:5d:5b:a7:e2:11:83:a9:b7:e8:4d:06:f4:50:3f:
76:f9:44:d6:c0:09:79:70:20:26:2f:57:89:03:d9:
93:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C5:A8:58:73:B6:CF:12:A5:18:50:54:52:FC:54:4F:8A:EB:A1:81
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/l8WoWHO2zxKlGFBUUvxUT4rroYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.192.0/21
82.115.30.0/23
185.148.12.0/22
185.212.60.0/22
185.218.4.0/22
212.107.28.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:10:31:23:b2:5b:d3:f1:81:2e:1c:05:8a:7f:13:45:e2:3b:
2a:5d:c9:2c:67:e0:95:81:10:25:ad:87:fc:92:ec:17:48:48:
0b:d4:8d:ba:df:50:52:42:7a:5a:51:3e:66:c0:34:a1:dd:73:
ac:00:6e:f6:09:e6:4a:14:9e:2b:03:66:62:36:d8:60:c4:17:
30:bb:b7:36:1b:1e:28:f1:2b:3f:9a:62:4a:52:1e:3a:11:32:
e7:22:7e:2f:78:de:9d:ea:7c:49:63:a3:5c:ba:97:b4:e3:d7:
25:8e:ef:9b:3d:60:23:59:51:c9:36:bc:29:9f:d9:45:2c:d6:
b2:07:cb:ce:33:e1:ea:4d:5b:ae:eb:22:25:d5:ea:38:35:4d:
df:eb:37:88:37:51:dd:e3:57:77:6a:f2:e3:82:9f:17:d9:60:
5e:06:93:c0:29:ac:d0:ec:2a:3e:60:62:b0:15:b7:58:59:57:
ec:d2:96:46:0a:ab:c9:e9:ae:ff:09:95:4b:5d:8b:7b:95:73:
91:d9:c5:9f:d8:65:95:f0:18:8f:3d:70:c2:31:c5:d6:04:a1:
2e:62:b0:10:84:39:72:08:b6:2d:58:1f:d3:cd:07:d5:5e:8c:
50:37:bd:28:ac:33:5c:fb:fc:e0:67:c6:c5:9a:e9:6e:72:e7:
6d:94:fd:73
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQl/ILSHqm2ujlDiWeYGmWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M1YTg1ODczYjZjZjEyYTUxODUwNTQ1MmZjNTQ0ZjhhZWJhMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3H2kZsUvHkslzu5JyC+IB1jB2WAc
AEBTWoWbE0Q0vZx899hRtZEzB40IezI88f7Xvvaw0ihNseFtgn1CuiETlg6+zpzV
hZwhUv+7YZmJWqKl4oXWOwfLqo04Ibiei1pjGPG+wepREfTldlQf7DE8IEMvk859
G18O3wruruR373BYkEtATDqOiCI7H40x0H43zUUimUaHTVjk00Jl7iWZG/z4tD9t
RKDb+W55C1r4kRGaM4hGLc5JHChIIKxv3w/D2QUg7sFxx4se6gHtokUMqNpHopfP
8XzFzoN0HPHU7TZzXVun4hGDqbfoTQb0UD92+UTWwAl5cCAmL1eJA9mTuQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJfFqFhzts8SpRhQVFL8VE+K66GBMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbDhXb1dITzJ6eEtsR0ZCVVV2eFVUNHJyb1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDJXvAAwQB
UnMeAwQCuZQMAwQCudQ8AwQCudoEAwQC1GscMA0GCSqGSIb3DQEBCwUAA4IBAQAK
EDEjslvT8YEuHAWKfxNF4jsqXcksZ+CVgRAlrYf8kuwXSEgL1I2631BSQnpaUT5m
wDSh3XOsAG72CeZKFJ4rA2ZiNthgxBcwu7c2Gx4o8Ss/mmJKUh46ETLnIn4veN6d
6nxJY6Ncupe049clju+bPWAjWVHJNrwpn9lFLNayB8vOM+HqTVuu6yIl1eo4NU3f
6zeIN1Hd41d3avLjgp8X2WBeBpPAKazQ7Co+YGKwFbdYWVfs0pZGCqvJ6a7/CZVL
XYt7lXOR2cWf2GWV8BiPPXDCMcXWBKEuYrAQhDlyCLYtWB/TzQfVXoxQN70orDNc
+/zgZ8bFmulucudtlP1z
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:09:14 2025 by rpki-client