Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/JUAKYT2FdBVu2VXDt48w6HW-zqM.roa
File: JUAKYT2FdBVu2VXDt48w6HW-zqM.roa (raw, json)
Hash identifier: gfuimRUDUSajbwoqCeeMZsCb4+jVB/zncZe6iENRZX4=
Subject key identifier: 25:40:0A:61:3D:85:74:15:6E:D9:55:C3:B7:8F:30:E8:75:BE:CE:A3
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 018CC3B706EF7646E2D579EB9415C2BAA5CA
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/JUAKYT2FdBVu2VXDt48w6HW-zqM.roa
Signing time: Mon 01 Jan 2024 06:30:01 +0000
ROA not before: Mon 01 Jan 2024 06:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34305
IP address blocks: 85.12.32.0/20 maxlen: 20
85.12.48.0/21 maxlen: 21
185.91.28.0/24 maxlen: 24
91.148.236.0/22 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
91.148.240.0/20 maxlen: 24
193.138.220.0/24 maxlen: 24
85.12.58.0/23 maxlen: 24
85.12.60.0/22 maxlen: 22
91.148.194.0/23 maxlen: 23
91.148.193.0/24 maxlen: 24
91.148.196.0/22 maxlen: 22
91.148.200.0/21 maxlen: 21
91.148.208.0/20 maxlen: 20
2a01:788:aaac::/48 maxlen: 48
2a01:788::/32 maxlen: 48
2a01:788:1000::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Jan 2024 14:41:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:06:ef:76:46:e2:d5:79:eb:94:15:c2:ba:a5:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Jan 1 06:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25400a613d8574156ed955c3b78f30e875becea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cd:fd:40:25:32:6f:08:9c:b7:3f:28:ef:d3:
2e:7d:54:51:da:b7:be:9c:c9:1b:62:be:10:fd:2e:
1c:30:9b:c9:af:45:61:11:37:e8:05:6f:95:c4:c5:
ea:57:73:29:28:fb:28:ae:1a:a9:e8:f3:c2:b1:8e:
21:f7:d6:5e:3d:3f:f6:3b:4e:75:5b:6d:2e:99:88:
25:ba:37:a2:97:61:05:be:41:1b:6f:ea:9b:5c:81:
6b:b1:1c:9a:81:24:30:76:07:42:42:06:66:9a:c7:
e9:f9:b0:0c:6a:81:79:00:57:78:f1:37:f0:e9:23:
7a:57:12:22:35:c9:6d:2a:5e:a4:4d:b9:32:31:a0:
50:53:63:48:5f:b5:97:23:a9:08:a6:fe:d0:f2:1d:
93:28:d2:b8:6e:70:a2:57:89:5c:47:50:c8:c8:0f:
56:0c:23:9b:74:a6:8f:eb:d3:b0:07:fa:69:09:51:
60:cc:bf:30:58:c5:12:de:85:d7:32:1b:31:27:ce:
09:de:a1:eb:ec:61:ea:7b:86:ed:07:18:9d:ed:ab:
a8:f5:2b:9e:e2:1c:81:36:5a:f0:10:14:1e:62:7f:
30:e4:c7:58:c2:65:70:f0:d8:75:f4:8f:ae:b2:8a:
39:c0:06:ed:0f:3f:b2:e3:1f:fe:ba:0c:2f:5c:90:
63:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:40:0A:61:3D:85:74:15:6E:D9:55:C3:B7:8F:30:E8:75:BE:CE:A3
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/JUAKYT2FdBVu2VXDt48w6HW-zqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.32.0-85.12.55.255
85.12.58.0-85.12.63.255
91.148.193.0-91.148.223.255
91.148.236.0-91.148.255.255
185.91.28.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788::/32
Signature Algorithm: sha256WithRSAEncryption
62:39:27:33:83:b8:a4:b5:7f:4a:37:8a:35:0a:0e:c8:48:ad:
60:6b:12:59:35:9b:67:25:3e:8f:99:a3:57:2d:a4:ec:a5:3f:
d7:b5:5d:88:30:c5:88:73:c0:ee:3a:b5:7c:9b:a9:7b:34:7c:
60:d1:e1:d8:2e:55:46:c2:0e:bb:9b:e4:47:b1:07:90:d4:a3:
2f:1c:f6:b4:42:5b:23:25:9e:a2:dc:0c:5c:f0:5d:38:93:e1:
2f:25:a5:3e:91:79:53:fd:9a:75:05:0a:13:7a:32:ba:6b:0e:
22:82:91:af:f2:8d:ac:c5:86:09:6e:61:76:0e:33:a7:0a:e8:
c5:77:86:78:64:c2:9a:9d:91:63:5d:05:77:cc:d5:00:c7:b3:
84:55:a1:6b:2b:d5:ae:fe:62:44:97:7d:39:18:42:5a:ce:d0:
c1:1c:de:39:6e:ac:30:16:49:d3:26:2e:cf:f0:00:1f:db:60:
dd:da:e0:06:54:48:43:69:ea:30:bd:93:c3:e0:14:04:b7:bd:
63:a1:8f:84:98:00:05:9d:ce:11:e2:26:9d:be:0d:c6:d7:4d:
c5:86:c3:47:fe:5c:33:8e:a3:bb:59:af:7a:0d:b6:d0:9a:f6:
1c:bb:3b:a9:b9:b0:d8:6a:42:23:e8:ca:20:aa:ad:94:8b:d0:
37:90:4f:f1
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzDtwbvdkbi1XnrlBXCuqXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTQwMGE2MTNkODU3NDE1NmVkOTU1YzNiNzhmMzBlODc1YmVjZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxc39QCUybwictz8o79MufVRR2re+
nMkbYr4Q/S4cMJvJr0VhETfoBW+VxMXqV3MpKPsorhqp6PPCsY4h99ZePT/2O051
W20umYglujeil2EFvkEbb+qbXIFrsRyagSQwdgdCQgZmmsfp+bAMaoF5AFd48Tfw
6SN6VxIiNcltKl6kTbkyMaBQU2NIX7WXI6kIpv7Q8h2TKNK4bnCiV4lcR1DIyA9W
DCObdKaP69OwB/ppCVFgzL8wWMUS3oXXMhsxJ84J3qHr7GHqe4btBxid7auo9Sue
4hyBNlrwEBQeYn8w5MdYwmVw8Nh19I+usoo5wAbtDz+y4x/+ugwvXJBjzQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFCVACmE9hXQVbtlVw7ePMOh1vs6jMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvSlVBS1lUMkZkQlZ1MlZYRHQ0OHc2SFctenFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJMAwDBAVVDCAD
BANVDDAwDAMEAVUMOgMEBlUMADAMAwQAW5TBAwQFW5TAMAsDBAJblOwDAwBblAME
ALlbHAMEAMGK3AMEAcPIVDANBAIAAjAHAwUAKgEHiDANBgkqhkiG9w0BAQsFAAOC
AQEAYjknM4O4pLV/SjeKNQoOyEitYGsSWTWbZyU+j5mjVy2k7KU/17VdiDDFiHPA
7jq1fJupezR8YNHh2C5VRsIOu5vkR7EHkNSjLxz2tEJbIyWeotwMXPBdOJPhLyWl
PpF5U/2adQUKE3oyumsOIoKRr/KNrMWGCW5hdg4zpwroxXeGeGTCmp2RY10Fd8zV
AMezhFWhayvVrv5iRJd9ORhCWs7QwRzeOW6sMBZJ0yYuz/AAH9tg3drgBlRIQ2nq
ML2Tw+AUBLe9Y6GPhJgABZ3OEeImnb4NxtdNxYbDR/5cM46ju1mveg220Jr2HLs7
qbmw2GpCI+jKIKqtlIvQN5BP8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:47 2024 by rpki-client on console-ams.rpki-client.org