Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/cOPNb-4H4pltdx9mn_VO6bPyz-o.roa
File: cOPNb-4H4pltdx9mn_VO6bPyz-o.roa (raw, json)
Hash identifier: 7SKpe5U7qOWr5rt7iKRxoD5IdmpfH88sSoAXbBHBm9Q=
Subject key identifier: 70:E3:CD:6F:EE:07:E2:99:6D:77:1F:66:9F:F5:4E:E9:B3:F2:CF:EA
Certificate issuer: /CN=c7208a8b85bcb807cad64138543263acb204448b
Certificate serial: 018DA1F320FB946629F4629694B895772614
Authority key identifier: C7:20:8A:8B:85:BC:B8:07:CA:D6:41:38:54:32:63:AC:B2:04:44:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xyCKi4W8uAfK1kE4VDJjrLIERIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/cOPNb-4H4pltdx9mn_VO6bPyz-o.roa
Signing time: Tue 13 Feb 2024 10:11:21 +0000
ROA not before: Tue 13 Feb 2024 10:11:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12479
IP address blocks: 37.11.0.0/16 maxlen: 24
37.14.0.0/15 maxlen: 24
37.35.128.0/17 maxlen: 24
37.97.124.0/22 maxlen: 24
62.14.0.0/15 maxlen: 24
87.216.0.0/13 maxlen: 24
146.158.128.0/17 maxlen: 24
185.4.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 10:09:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a1:f3:20:fb:94:66:29:f4:62:96:94:b8:95:77:26:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7208a8b85bcb807cad64138543263acb204448b
Validity
Not Before: Feb 13 10:11:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70e3cd6fee07e2996d771f669ff54ee9b3f2cfea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:db:6b:9f:a8:93:6c:f0:45:88:7c:29:ed:c5:
14:52:d3:a5:d3:27:a0:bb:f0:c3:a5:03:fe:13:53:
f0:64:96:a6:50:17:8e:3e:4b:08:b2:f6:de:6a:32:
64:02:a0:44:ed:1c:3c:83:c7:e9:04:8b:61:21:86:
21:78:cd:81:19:95:e6:9f:e8:ba:81:06:33:7f:33:
80:74:ef:b0:e9:0d:4a:e7:50:3c:aa:33:4e:8d:48:
3d:bf:f8:ad:50:64:33:5f:3a:8b:d6:67:45:5a:7e:
ce:36:a6:4f:44:20:79:4b:c0:29:b9:22:8e:13:a2:
2e:8a:44:ee:b7:2e:6b:8e:a3:65:ea:85:11:a7:62:
df:a7:83:d7:f9:7a:a9:26:7d:ef:b2:f8:7b:5b:08:
21:56:ca:7f:70:5f:13:af:5d:dc:83:20:47:72:d9:
71:e5:77:1d:5b:7f:76:c1:18:ae:0b:5a:2a:e9:7f:
94:52:dc:75:3e:0f:88:51:ac:8c:8e:1a:9b:17:3c:
7e:13:54:82:d4:95:c9:92:ce:4d:81:31:fd:bc:e1:
98:d5:33:50:94:67:f8:53:52:2f:3a:b6:6f:34:2c:
45:69:50:dc:d9:13:72:11:fa:71:76:95:a9:06:6f:
ee:b0:a7:b4:8f:c2:53:4c:71:a9:fb:5b:7a:96:e5:
a4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E3:CD:6F:EE:07:E2:99:6D:77:1F:66:9F:F5:4E:E9:B3:F2:CF:EA
X509v3 Authority Key Identifier:
keyid:C7:20:8A:8B:85:BC:B8:07:CA:D6:41:38:54:32:63:AC:B2:04:44:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xyCKi4W8uAfK1kE4VDJjrLIERIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/cOPNb-4H4pltdx9mn_VO6bPyz-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/xyCKi4W8uAfK1kE4VDJjrLIERIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.11.0.0/16
37.14.0.0/15
37.35.128.0/17
37.97.124.0/22
62.14.0.0/15
87.216.0.0/13
146.158.128.0/17
185.4.188.0/22
Signature Algorithm: sha256WithRSAEncryption
94:1e:2c:3b:17:99:7f:22:13:8f:60:c9:2b:1e:1f:ce:a9:cb:
bc:58:d6:b1:93:b6:a5:df:ca:8b:79:21:76:e7:41:d1:16:26:
49:ce:5e:15:eb:80:e8:95:a2:94:c1:c4:0d:df:f4:31:cd:e8:
ea:fb:2e:fd:fa:29:29:04:50:02:ed:5a:69:54:3d:78:91:b1:
26:ca:a0:34:ed:46:b8:00:8f:fe:87:1a:4a:e1:0d:17:23:6a:
9e:20:86:7f:9c:e7:7a:b5:b7:64:68:ae:55:68:a4:7b:f6:cb:
3e:df:97:be:cd:9c:d2:4e:37:a8:ba:f0:c3:7c:ff:28:a7:b2:
76:3b:c9:de:cb:72:58:b1:a2:59:0b:0d:f5:46:e2:03:24:78:
54:00:ba:91:d1:07:7e:21:91:fc:f3:68:1c:9f:b8:3e:23:d9:
27:22:b0:cd:40:49:8a:88:14:42:63:87:4e:93:0d:ae:83:28:
d7:e6:38:78:49:ff:14:b4:50:cd:71:b5:29:a3:af:f6:d7:45:
b1:3b:ac:08:98:e8:19:a1:17:84:0c:7e:bd:42:7a:58:77:81:
20:c4:7a:97:7c:ab:8e:37:f8:d8:ce:71:91:7b:d5:94:b2:0f:
b9:d5:c7:78:7e:ce:c6:8b:43:91:80:88:2b:94:55:c6:33:b9:
45:02:00:10
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY2h8yD7lGYp9GKWlLiVdyYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MjA4YThiODViY2I4MDdjYWQ2NDEzODU0MzI2M2FjYjIw
NDQ0OGIwHhcNMjQwMjEzMTAxMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGUzY2Q2ZmVlMDdlMjk5NmQ3NzFmNjY5ZmY1NGVlOWIzZjJjZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNtrn6iTbPBFiHwp7cUUUtOl0yeg
u/DDpQP+E1PwZJamUBeOPksIsvbeajJkAqBE7Rw8g8fpBIthIYYheM2BGZXmn+i6
gQYzfzOAdO+w6Q1K51A8qjNOjUg9v/itUGQzXzqL1mdFWn7ONqZPRCB5S8ApuSKO
E6IuikTuty5rjqNl6oURp2Lfp4PX+XqpJn3vsvh7WwghVsp/cF8Tr13cgyBHctlx
5XcdW392wRiuC1oq6X+UUtx1Pg+IUayMjhqbFzx+E1SC1JXJks5NgTH9vOGY1TNQ
lGf4U1IvOrZvNCxFaVDc2RNyEfpxdpWpBm/usKe0j8JTTHGp+1t6luWkTwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHDjzW/uB+KZbXcfZp/1Tumz8s/qMB8GA1UdIwQY
MBaAFMcgiouFvLgHytZBOFQyY6yyBESLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHlDS2k0Vzh1QWZLMWtFNFZESmpyTElFUklzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yNzlhM2EtZTdhMC00MDY1LWI2ZDgt
MGY2YzQxMmNmM2RmLzEvY09QTmItNEg0cGx0ZHg5bW5fVk82YlB5ei1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yNzlhM2EtZTdhMC00MDY1LWI2ZDgtMGY2YzQxMmNmM2Rm
LzEveHlDS2k0Vzh1QWZLMWtFNFZESmpyTElFUklzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwMAJQsDAwEl
DgMEByUjgAMEAiVhfAMDAT4OAwMDV9gDBAeSnoADBAK5BLwwDQYJKoZIhvcNAQEL
BQADggEBAJQeLDsXmX8iE49gySseH86py7xY1rGTtqXfyot5IXbnQdEWJknOXhXr
gOiVopTBxA3f9DHN6Or7Lv36KSkEUALtWmlUPXiRsSbKoDTtRrgAj/6HGkrhDRcj
ap4ghn+c53q1t2RorlVopHv2yz7fl77NnNJON6i68MN8/yinsnY7yd7LclixolkL
DfVG4gMkeFQAupHRB34hkfzzaByfuD4j2ScisM1ASYqIFEJjh06TDa6DKNfmOHhJ
/xS0UM1xtSmjr/bXRbE7rAiY6BmhF4QMfr1Celh3gSDEepd8q443+NjOcZF71ZSy
D7nVx3h+zsaLQ5GAiCuUVcYzuUUCABA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org