Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/_XyY8pm4HGZ_1PsV0e2WNtALTn4.roa
File: _XyY8pm4HGZ_1PsV0e2WNtALTn4.roa (raw, json)
Hash identifier: /b+ho4ncfW2C8zBGnnyxg3Z2Sge05U2NudORTGnaB1c=
Subject key identifier: FD:7C:98:F2:99:B8:1C:66:7F:D4:FB:15:D1:ED:96:36:D0:0B:4E:7E
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 01860CB6CDD12FB21C917D6761D4B714F0E3
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/_XyY8pm4HGZ_1PsV0e2WNtALTn4.roa
Signing time: Wed 01 Feb 2023 11:22:32 +0000
ROA not before: Wed 01 Feb 2023 11:22:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205467
IP address blocks: 85.12.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Feb 2023 13:13:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:b6:cd:d1:2f:b2:1c:91:7d:67:61:d4:b7:14:f0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Feb 1 11:22:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd7c98f299b81c667fd4fb15d1ed9636d00b4e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:df:4a:ee:bb:7a:13:8a:d2:70:40:1f:5a:9b:
57:e8:8b:b3:e6:7d:57:f7:cc:61:24:71:08:25:4c:
5a:0c:fa:91:3c:fb:d2:d2:da:61:40:b3:d1:61:3e:
e7:97:15:5f:81:3c:7d:82:eb:71:ff:e4:c9:bb:e2:
71:96:a6:6a:2f:66:ee:bf:01:e1:59:b3:d0:43:e0:
15:3b:7a:41:cb:64:f3:6a:e0:bb:de:a1:01:95:42:
15:31:d6:2c:ec:b8:1e:50:ab:4c:ae:6c:00:71:b6:
61:0e:18:5b:20:fa:78:6c:46:36:21:11:ef:a8:ef:
f1:eb:be:4e:b2:9d:8f:6e:11:22:ed:ff:af:77:ce:
70:52:c3:25:13:09:58:10:4f:a0:0c:c5:89:2d:1c:
34:30:b7:76:b1:70:a5:97:07:5b:38:b6:8d:4d:12:
5c:33:01:e4:d5:d3:bd:3c:47:74:cc:d6:c3:38:ef:
16:06:66:58:66:13:9e:83:af:0f:4a:ad:50:9c:71:
a8:cb:d9:c3:2e:36:92:13:d4:b0:8f:76:7c:cf:7b:
05:4d:0c:37:7a:d0:22:f6:3d:c0:97:2c:16:73:ca:
c8:9c:7e:4b:97:23:4c:2e:a8:b2:f0:62:47:dc:1b:
b7:23:59:7a:d0:0b:1b:9c:1c:b3:da:88:82:7a:92:
02:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7C:98:F2:99:B8:1C:66:7F:D4:FB:15:D1:ED:96:36:D0:0B:4E:7E
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/_XyY8pm4HGZ_1PsV0e2WNtALTn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.0.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:62:d9:2f:40:de:f2:82:d7:fc:72:e1:02:0f:ef:10:99:7c:
37:25:16:ed:af:83:c8:ca:a2:df:17:43:2d:f0:1e:16:ce:43:
a9:ee:7a:84:5a:2d:cd:f9:66:ec:fa:32:03:30:20:23:a5:6a:
4d:3b:9d:5d:b5:68:cd:1a:05:05:91:1e:cc:75:47:e3:ef:72:
c7:67:a3:07:05:8e:6a:9f:70:8b:1d:3d:f3:8c:e9:73:85:80:
9d:91:8a:c1:ae:eb:09:bd:39:1d:8e:d8:23:f3:95:2f:f3:31:
e2:bd:6b:91:0c:0c:7e:3e:e8:e1:2e:c6:ef:0d:5d:86:73:62:
65:3d:22:86:96:20:49:06:00:aa:e0:af:1b:98:c0:05:25:5f:
08:bd:23:bf:aa:05:77:5c:aa:00:c7:10:a0:1b:02:ee:b4:ac:
6c:29:a1:03:0b:72:2d:86:dd:95:ce:b2:90:57:0e:d2:a2:48:
da:a3:67:e8:df:71:9f:ad:11:8e:a3:14:4d:5f:da:9b:dc:0f:
fa:ee:fe:79:aa:e3:c0:06:69:43:5e:48:20:b9:c9:cd:a1:e8:
12:aa:4f:03:a4:fd:68:bc:28:69:ee:88:b0:f3:3f:a5:9e:61:
f9:17:73:84:90:f7:7d:fc:e5:c1:13:89:fe:7f:e9:1b:1a:4a:
14:ce:4e:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYMts3RL7IckX1nYdS3FPDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjMwMjAxMTEyMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdjOThmMjk5YjgxYzY2N2ZkNGZiMTVkMWVkOTYzNmQwMGI0ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd9K7rt6E4rScEAfWptX6Iuz5n1X
98xhJHEIJUxaDPqRPPvS0tphQLPRYT7nlxVfgTx9gutx/+TJu+JxlqZqL2buvwHh
WbPQQ+AVO3pBy2TzauC73qEBlUIVMdYs7LgeUKtMrmwAcbZhDhhbIPp4bEY2IRHv
qO/x675Osp2PbhEi7f+vd85wUsMlEwlYEE+gDMWJLRw0MLd2sXCllwdbOLaNTRJc
MwHk1dO9PEd0zNbDOO8WBmZYZhOeg68PSq1QnHGoy9nDLjaSE9Swj3Z8z3sFTQw3
etAi9j3AlywWc8rInH5LlyNMLqiy8GJH3Bu3I1l60AsbnByz2oiCepIChwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP18mPKZuBxmf9T7FdHtljbQC05+MB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvX1h5WThwbTRIR1pfMVBzVjBlMldOdEFMVG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVQwAMA0G
CSqGSIb3DQEBCwUAA4IBAQC1YtkvQN7ygtf8cuECD+8QmXw3JRbtr4PIyqLfF0Mt
8B4WzkOp7nqEWi3N+Wbs+jIDMCAjpWpNO51dtWjNGgUFkR7MdUfj73LHZ6MHBY5q
n3CLHT3zjOlzhYCdkYrBrusJvTkdjtgj85Uv8zHivWuRDAx+PujhLsbvDV2Gc2Jl
PSKGliBJBgCq4K8bmMAFJV8IvSO/qgV3XKoAxxCgGwLutKxsKaEDC3Itht2VzrKQ
Vw7Sokjao2fo33GfrRGOoxRNX9qb3A/67v55quPABmlDXkggucnNoegSqk8DpP1o
vChp7oiw8z+lnmH5F3OEkPd9/OXBE4n+f+kbGkoUzk4X
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:47 2024 by rpki-client on console-ams.rpki-client.org