Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/tw3l9G0-2gOUbvsh_3_8EgZwA_U.roa
File: tw3l9G0-2gOUbvsh_3_8EgZwA_U.roa (raw, json)
Hash identifier: Nb7R79NL/RF7zFrZobkVz/Z6BCCdsbgSV5oiTZMGktU=
Subject key identifier: B7:0D:E5:F4:6D:3E:DA:03:94:6E:FB:21:FF:7F:FC:12:06:70:03:F5
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A426059A1FB6213082D96C9FB0955
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/tw3l9G0-2gOUbvsh_3_8EgZwA_U.roa
Signing time: Mon 02 Jan 2023 12:34:52 +0000
ROA not before: Mon 02 Jan 2023 12:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211686
IP address blocks: 185.148.12.0/23 maxlen: 24
37.123.192.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:42:60:59:a1:fb:62:13:08:2d:96:c9:fb:09:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b70de5f46d3eda03946efb21ff7ffc12067003f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:25:7a:39:b7:c8:a2:59:7c:93:85:6a:fd:d8:
23:8c:64:3d:3e:da:9f:5f:97:52:e3:5e:18:f6:16:
91:94:f4:6b:bf:97:37:95:76:7e:7e:4e:7f:2b:33:
e8:98:91:b8:04:ff:9b:62:bc:b0:0f:60:09:a3:5d:
29:2d:52:a1:c9:00:3d:c6:76:1d:63:3d:86:64:50:
b5:22:ca:d5:b0:04:cf:59:f6:e4:94:a6:37:3c:da:
8e:9b:d0:13:86:c2:8f:6c:e2:cf:e5:e5:22:ee:50:
b1:17:9f:fe:75:76:55:a0:83:8c:3c:72:80:4b:f9:
e2:e3:d8:2a:0a:ea:cd:4b:34:16:3e:32:9b:a2:72:
06:ec:eb:a9:9b:0f:4d:43:62:27:65:9c:a8:82:e3:
22:76:91:5a:51:4b:9a:53:d5:42:77:f3:bc:1c:49:
05:ec:a7:55:0e:dd:6e:22:0b:bf:8f:92:64:14:0e:
10:52:f1:93:d2:5b:6a:e3:b7:bf:b4:4b:d1:c6:f0:
03:77:e1:63:be:20:0d:84:89:67:3e:dd:90:7f:61:
05:d3:d1:a3:22:3a:51:f5:84:f3:8e:0f:ca:0a:68:
34:78:5b:3f:f2:0c:b7:bc:e9:57:0a:67:89:c9:16:
21:2b:c0:b7:65:45:91:83:e0:07:66:63:9a:d1:a4:
29:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:0D:E5:F4:6D:3E:DA:03:94:6E:FB:21:FF:7F:FC:12:06:70:03:F5
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/tw3l9G0-2gOUbvsh_3_8EgZwA_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.192.0/23
185.148.12.0/23
Signature Algorithm: sha256WithRSAEncryption
20:17:a9:1a:dc:8b:9b:4d:6d:71:8b:1a:ea:9a:7b:8e:9b:5f:
13:de:ca:69:f9:05:bb:56:95:0d:c1:5e:34:4e:c1:ba:fd:ed:
43:57:21:27:90:2e:9d:2d:0a:95:3b:6a:77:42:b4:7f:7c:6d:
95:76:27:c6:5b:41:66:b7:2d:01:b2:43:b5:e2:23:e2:40:47:
6d:c4:bd:0d:b3:dd:71:e4:a2:cc:52:0a:27:70:cc:34:8f:2f:
38:58:03:da:f5:b1:fd:a9:05:9d:bb:97:42:ba:20:79:c8:fb:
24:fe:61:3f:a2:d4:5a:d3:8d:5b:6a:69:b8:c7:ea:16:1d:49:
9d:02:f3:4c:40:c7:e8:a8:49:b1:1d:c5:1f:a3:54:ed:68:af:
97:1a:b7:bf:14:12:c8:2e:be:c8:35:9d:3d:c5:02:d5:b8:5f:
48:8c:9c:44:45:82:a9:a6:6b:04:60:2a:0b:74:96:31:5e:e0:
bc:88:e1:39:74:2f:af:fe:fb:94:91:6a:6b:a6:63:42:bd:bd:
cc:2d:1b:e9:65:3c:87:be:19:bf:e2:34:01:5c:0c:7a:6c:f7:
73:3c:57:90:a6:e8:c8:cf:21:f1:ba:82:04:55:70:56:01:93:
aa:09:d3:e8:00:c2:91:e9:4c:f6:f4:15:f2:0a:fa:08:28:93:
b0:ef:cc:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyekJgWaH7YhMILZbJ+wlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzBkZTVmNDZkM2VkYTAzOTQ2ZWZiMjFmZjdmZmMxMjA2NzAwM2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSV6ObfIoll8k4Vq/dgjjGQ9Ptqf
X5dS414Y9haRlPRrv5c3lXZ+fk5/KzPomJG4BP+bYrywD2AJo10pLVKhyQA9xnYd
Yz2GZFC1IsrVsATPWfbklKY3PNqOm9AThsKPbOLP5eUi7lCxF5/+dXZVoIOMPHKA
S/ni49gqCurNSzQWPjKbonIG7Oupmw9NQ2InZZyoguMidpFaUUuaU9VCd/O8HEkF
7KdVDt1uIgu/j5JkFA4QUvGT0ltq47e/tEvRxvADd+FjviANhIlnPt2Qf2EF09Gj
IjpR9YTzjg/KCmg0eFs/8gy3vOlXCmeJyRYhK8C3ZUWRg+AHZmOa0aQpMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLcN5fRtPtoDlG77If9//BIGcAP1MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvdHczbDlHMC0yZ09VYnZzaF8zXzhFZ1p3QV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJXvAAwQB
uZQMMA0GCSqGSIb3DQEBCwUAA4IBAQAgF6ka3IubTW1xixrqmnuOm18T3spp+QW7
VpUNwV40TsG6/e1DVyEnkC6dLQqVO2p3QrR/fG2VdifGW0Fmty0BskO14iPiQEdt
xL0Ns91x5KLMUgoncMw0jy84WAPa9bH9qQWdu5dCuiB5yPsk/mE/otRa041bamm4
x+oWHUmdAvNMQMfoqEmxHcUfo1TtaK+XGre/FBLILr7INZ09xQLVuF9IjJxERYKp
pmsEYCoLdJYxXuC8iOE5dC+v/vuUkWprpmNCvb3MLRvpZTyHvhm/4jQBXAx6bPdz
PFeQpujIzyHxuoIEVXBWAZOqCdPoAMKR6Uz29BXyCvoIKJOw78x0
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:48 2024 by rpki-client on console-fra.rpki-client.org