Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/_fwC_fx6G4fbwYurGsF5AwSDu5o.roa
File: _fwC_fx6G4fbwYurGsF5AwSDu5o.roa (raw, json)
Hash identifier: RmJqhg2SNKkoh4S4/iqlDldDdfz97x6AJH1Z7N3esm0=
Subject key identifier: FD:FC:02:FD:FC:7A:1B:87:DB:C1:8B:AB:1A:C1:79:03:04:83:BB:9A
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 018849D919E1CF55CA52540D7F189B263C24
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/_fwC_fx6G4fbwYurGsF5AwSDu5o.roa
Signing time: Tue 23 May 2023 18:22:24 +0000
ROA not before: Tue 23 May 2023 18:22:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14576
IP address blocks: 185.152.93.0/24 maxlen: 24
185.152.92.0/24 maxlen: 24
185.152.95.0/24 maxlen: 24
185.152.94.0/24 maxlen: 24
85.239.38.0/24 maxlen: 24
85.239.37.0/24 maxlen: 24
85.239.36.0/24 maxlen: 24
85.239.35.0/24 maxlen: 24
85.239.39.0/24 maxlen: 24
85.239.48.0/22 maxlen: 24
85.239.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Jun 2023 19:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:49:d9:19:e1:cf:55:ca:52:54:0d:7f:18:9b:26:3c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: May 23 18:22:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdfc02fdfc7a1b87dbc18bab1ac179030483bb9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7a:ff:2b:c3:f7:86:62:af:4e:b1:25:f7:2e:
10:15:b6:a3:12:7b:63:90:db:7c:9e:6c:7c:38:ab:
59:06:f0:0d:fa:c0:ce:a1:70:ff:31:4b:e5:71:79:
f5:6e:2b:3a:bc:97:4f:0b:3f:8a:f1:b1:1e:50:b0:
6c:61:08:78:a6:c5:60:26:50:da:51:69:30:45:ae:
00:02:3b:d0:05:0e:7f:f1:99:1c:7f:f4:0a:dd:bd:
da:3a:f2:ce:5c:43:d6:ca:ce:5e:c0:24:3d:51:d3:
17:ac:17:f7:93:63:c4:b3:07:4a:dc:1e:aa:7c:67:
7f:7d:7f:d3:bd:56:39:99:e5:0a:9b:e2:c9:13:90:
de:94:5d:22:e8:d2:32:6e:c1:d4:82:b3:07:a0:50:
61:b6:1f:d7:37:f6:84:5d:9f:f9:b7:ef:be:e2:d6:
b3:85:60:0c:a4:7c:c3:bc:bf:b0:54:d6:cb:8c:38:
f0:dc:8c:6e:f9:af:3e:3e:b0:3f:73:fb:ac:52:d1:
cb:f5:78:ce:8a:f8:45:23:47:3a:ee:00:68:78:0f:
9f:1c:14:cb:de:07:5f:48:71:df:2e:fd:28:06:83:
e8:0b:c7:93:a3:d9:10:bd:b1:37:1a:5a:bd:c9:55:
55:c2:c4:38:e8:82:df:25:be:76:88:a0:9f:73:7f:
53:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FC:02:FD:FC:7A:1B:87:DB:C1:8B:AB:1A:C1:79:03:04:83:BB:9A
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/_fwC_fx6G4fbwYurGsF5AwSDu5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.35.0-85.239.39.255
85.239.48.0/22
85.239.56.0/22
185.152.92.0/22
Signature Algorithm: sha256WithRSAEncryption
41:37:45:4a:4d:08:91:d5:b5:76:ae:4f:4a:3e:68:be:c9:9b:
6c:8a:f3:89:24:b8:51:64:94:5c:9f:ac:5b:90:a5:e6:73:12:
65:01:3f:05:34:78:38:a3:4d:87:d1:d3:6e:1a:c0:a4:23:af:
31:8f:15:54:36:2e:47:f9:2b:21:99:7e:0e:5c:b7:5b:c4:45:
d3:1b:ac:fd:c7:e9:3b:c7:15:0e:0d:85:ab:26:e6:a8:3e:04:
68:72:19:29:d6:64:86:e8:a9:65:e3:a2:e5:e6:50:dc:17:8a:
5f:88:35:ce:dd:e4:c6:1c:6b:a9:8e:3f:17:f7:28:d7:ca:11:
c0:eb:6f:66:df:ef:e4:0d:ea:2f:5b:90:56:65:1e:25:b5:c8:
f5:af:ce:8a:21:d6:6a:9a:69:78:34:5d:78:98:7c:04:b4:8e:
64:34:f1:0b:c5:22:d2:19:ed:66:9a:84:93:98:f5:4c:f9:a4:
93:5f:1d:4d:b0:32:08:83:82:e6:3e:2c:c0:1d:36:33:12:84:
cd:21:83:f2:91:e0:e3:ed:21:dd:f2:c7:8c:a9:50:24:7f:c9:
b7:b4:b3:39:73:2d:03:bc:49:f6:9c:33:a8:7e:ad:84:5e:f1:
a8:e0:c2:30:91:21:5c:ef:04:d8:20:e0:18:d8:49:5a:3c:e1:
0f:ae:ea:5f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYhJ2Rnhz1XKUlQNfxibJjwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjMwNTIzMTgyMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGZjMDJmZGZjN2ExYjg3ZGJjMThiYWIxYWMxNzkwMzA0ODNiYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHr/K8P3hmKvTrEl9y4QFbajEntj
kNt8nmx8OKtZBvAN+sDOoXD/MUvlcXn1bis6vJdPCz+K8bEeULBsYQh4psVgJlDa
UWkwRa4AAjvQBQ5/8Zkcf/QK3b3aOvLOXEPWys5ewCQ9UdMXrBf3k2PEswdK3B6q
fGd/fX/TvVY5meUKm+LJE5DelF0i6NIybsHUgrMHoFBhth/XN/aEXZ/5t+++4taz
hWAMpHzDvL+wVNbLjDjw3Ixu+a8+PrA/c/usUtHL9XjOivhFI0c67gBoeA+fHBTL
3gdfSHHfLv0oBoPoC8eTo9kQvbE3Glq9yVVVwsQ46ILfJb52iKCfc39TXQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFP38Av38ehuH28GLqxrBeQMEg7uaMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvX2Z3Q19meDZHNGZid1l1ckdzRjVBd1NEdTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABV7yMD
BANV7yADBAJV7zADBAJV7zgDBAK5mFwwDQYJKoZIhvcNAQELBQADggEBAEE3RUpN
CJHVtXauT0o+aL7Jm2yK84kkuFFklFyfrFuQpeZzEmUBPwU0eDijTYfR024awKQj
rzGPFVQ2Lkf5KyGZfg5ct1vERdMbrP3H6TvHFQ4Nhasm5qg+BGhyGSnWZIboqWXj
ouXmUNwXil+INc7d5MYca6mOPxf3KNfKEcDrb2bf7+QN6i9bkFZlHiW1yPWvzooh
1mqaaXg0XXiYfAS0jmQ08QvFItIZ7WaahJOY9Uz5pJNfHU2wMgiDguY+LMAdNjMS
hM0hg/KR4OPtId3yx4ypUCR/ybe0szlzLQO8SfacM6h+rYRe8ajgwjCRIVzvBNgg
4BjYSVo84Q+u6l8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:28 2024 by rpki-client on console-ams.rpki-client.org