Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/Ge3kqHQMUVweCiSPNNICkThVqMc.roa
File: Ge3kqHQMUVweCiSPNNICkThVqMc.roa (raw, json)
Hash identifier: iOEtp0aLv95V3nUI4SpYfk5uVZkG8CdG5Tb6z8VhZZU=
Subject key identifier: 19:ED:E4:A8:74:0C:51:5C:1E:0A:24:8F:34:D2:02:91:38:55:A8:C7
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 018CC3B706BEED880DD76FD1EF28C6A10CE8
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/Ge3kqHQMUVweCiSPNNICkThVqMc.roa
Signing time: Mon 01 Jan 2024 06:30:01 +0000
ROA not before: Mon 01 Jan 2024 06:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33438
IP address blocks: 85.12.1.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
193.138.220.0/24 maxlen: 24
2a01:788:aaac::/48 maxlen: 48
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Feb 2024 11:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:06:be:ed:88:0d:d7:6f:d1:ef:28:c6:a1:0c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Jan 1 06:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19ede4a8740c515c1e0a248f34d202913855a8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8d:82:cf:b6:61:a6:d0:fc:8e:d1:4e:5f:c3:
fa:27:35:d8:6d:8e:b3:aa:45:c0:e3:84:86:50:6e:
5a:c3:07:f9:d7:8c:f3:17:70:ce:c2:e2:01:6e:1b:
70:64:34:c7:3d:a1:0e:f6:74:c4:ae:a3:b3:48:88:
d8:36:04:b9:3b:40:bb:ab:56:58:18:e9:a5:0b:71:
bb:09:bb:7f:70:64:86:e8:bd:c9:18:36:74:f7:f1:
28:57:f5:c6:f8:fb:5c:f1:68:e2:62:96:56:47:e5:
4a:86:53:a7:ba:f1:4f:03:fb:35:29:b0:1c:21:c5:
20:e9:8a:e0:a1:f8:ff:63:59:6e:b1:88:b2:ba:c0:
bf:d5:fb:1d:fb:f6:02:a7:ad:38:74:c7:93:de:f3:
19:fb:f9:a3:f8:91:2b:44:76:7d:b1:ee:09:af:08:
d4:81:ee:6e:63:60:d6:22:c2:a3:c3:79:34:38:a0:
d2:b4:fb:ce:f8:1d:d9:dc:76:ed:de:c2:d9:f2:ff:
51:59:78:b9:56:52:93:bf:64:f8:ed:c1:bd:3f:43:
b2:f3:ce:53:4a:01:9c:56:4f:c8:bd:69:b3:8b:2d:
3c:61:b9:d2:c1:af:dc:ae:f9:6c:56:5b:2d:72:fd:
19:83:10:01:e4:c0:e8:e3:3d:b1:20:73:ea:e5:90:
fc:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:ED:E4:A8:74:0C:51:5C:1E:0A:24:8F:34:D2:02:91:38:55:A8:C7
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/Ge3kqHQMUVweCiSPNNICkThVqMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.1.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788:aaaa::-2a01:788:aaac:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:2b:c7:19:ab:d8:ff:8c:d9:89:d8:c1:8e:a7:fb:99:97:2e:
37:cf:7d:6b:19:a1:3c:d1:25:20:c5:14:45:1f:d8:75:63:f0:
9c:97:6f:ff:62:77:5d:1e:19:fd:c7:eb:fa:ff:5f:2d:d8:07:
05:bf:bf:f4:14:b7:54:3a:ab:51:3e:6e:46:f0:d0:02:89:39:
36:54:4b:38:0a:48:7c:ec:61:8a:9e:2c:ec:f0:30:49:c0:8a:
f2:00:a8:bf:9a:62:a0:25:95:8f:d4:ba:5f:7b:43:b5:2e:a6:
3f:f6:f5:16:4e:b4:08:91:66:91:ca:36:7e:60:7c:6b:69:cc:
10:42:30:5b:21:ba:9f:26:41:fa:cb:4b:29:42:b6:04:78:27:
74:b9:df:18:15:ea:af:00:76:49:0e:11:8c:16:73:25:26:3d:
8f:d6:9f:67:d5:6e:f8:c6:e2:40:f7:f8:75:b3:9d:61:15:d6:
80:20:49:d1:2b:05:0e:aa:64:8c:8d:eb:39:30:55:4f:e9:56:
6f:e6:eb:df:e8:4b:36:61:4d:59:35:48:d1:43:fa:28:6f:48:
36:c0:8c:cc:3c:81:09:04:fe:70:a7:87:45:85:7c:e0:ce:86:
c1:ec:65:a6:c9:01:8a:f5:0b:41:cd:8c:7a:f9:12:13:65:25:
eb:61:9e:af
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzDtwa+7YgN12/R7yjGoQzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWVkZTRhODc0MGM1MTVjMWUwYTI0OGYzNGQyMDI5MTM4NTVhOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI2Cz7ZhptD8jtFOX8P6JzXYbY6z
qkXA44SGUG5awwf514zzF3DOwuIBbhtwZDTHPaEO9nTErqOzSIjYNgS5O0C7q1ZY
GOmlC3G7Cbt/cGSG6L3JGDZ09/EoV/XG+Ptc8WjiYpZWR+VKhlOnuvFPA/s1KbAc
IcUg6Yrgofj/Y1lusYiyusC/1fsd+/YCp604dMeT3vMZ+/mj+JErRHZ9se4JrwjU
ge5uY2DWIsKjw3k0OKDStPvO+B3Z3Hbt3sLZ8v9RWXi5VlKTv2T47cG9P0Oy885T
SgGcVk/IvWmziy08YbnSwa/crvlsVlstcv0ZgxAB5MDo4z2xIHPq5ZD8oQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBnt5Kh0DFFcHgokjzTSApE4VajHMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvR2Uza3FIUU1VVndlQ2lTUE5OSUNrVGhWcU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAYBAIAATASAwQAVQwBAwQA
wYrcAwQBw8hUMBoEAgACMBQwEgMHASoBB4iqqgMHACoBB4iqrDANBgkqhkiG9w0B
AQsFAAOCAQEAcCvHGavY/4zZidjBjqf7mZcuN899axmhPNElIMUURR/YdWPwnJdv
/2J3XR4Z/cfr+v9fLdgHBb+/9BS3VDqrUT5uRvDQAok5NlRLOApIfOxhip4s7PAw
ScCK8gCov5pioCWVj9S6X3tDtS6mP/b1Fk60CJFmkco2fmB8a2nMEEIwWyG6nyZB
+stLKUK2BHgndLnfGBXqrwB2SQ4RjBZzJSY9j9afZ9Vu+MbiQPf4dbOdYRXWgCBJ
0SsFDqpkjI3rOTBVT+lWb+br3+hLNmFNWTVI0UP6KG9INsCMzDyBCQT+cKeHRYV8
4M6GwexlpskBivULQc2MevkSE2Ul62Gerw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:47 2024 by rpki-client on console-ams.rpki-client.org