Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/_sDF9Fb2id9E4VRCers0n3_BQVs.roa
File: _sDF9Fb2id9E4VRCers0n3_BQVs.roa (raw, json)
Hash identifier: 3mmry/fP6wi5OomVutIqRky8rfJveC5kPbIz0lLNrUw=
Subject key identifier: FE:C0:C5:F4:56:F6:89:DF:44:E1:54:42:7A:BB:34:9F:7F:C1:41:5B
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 0185721E8B053FB3139F507A1D5AB8E32E3C
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/_sDF9Fb2id9E4VRCers0n3_BQVs.roa
Signing time: Mon 02 Jan 2023 10:54:42 +0000
ROA not before: Mon 02 Jan 2023 10:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34305
IP address blocks: 85.12.32.0/20 maxlen: 20
85.12.48.0/21 maxlen: 21
185.91.28.0/24 maxlen: 24
91.148.236.0/22 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
91.148.240.0/20 maxlen: 24
193.138.220.0/24 maxlen: 24
85.12.58.0/23 maxlen: 24
85.12.60.0/22 maxlen: 22
91.148.194.0/23 maxlen: 23
91.148.193.0/24 maxlen: 24
91.148.196.0/22 maxlen: 22
91.148.200.0/21 maxlen: 21
91.148.208.0/20 maxlen: 20
2a01:788:aaac::/48 maxlen: 48
2a01:788::/32 maxlen: 48
2a01:788:1000::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:1e:8b:05:3f:b3:13:9f:50:7a:1d:5a:b8:e3:2e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Jan 2 10:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fec0c5f456f689df44e154427abb349f7fc1415b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:48:b4:1b:1e:93:1a:74:a9:6c:8c:f4:51:c6:
85:85:03:cb:9d:35:d2:46:89:6b:aa:92:0e:a7:9f:
28:62:c3:94:21:30:35:82:6d:48:6c:32:63:97:05:
67:c7:3d:39:a6:41:e8:39:df:da:67:dd:93:21:d1:
11:8c:b7:9c:a4:0d:7b:28:e6:7f:ff:8a:c3:31:a8:
54:3b:37:63:c9:b1:c3:e4:b8:62:57:aa:a2:d2:37:
2e:4c:8e:7a:ae:5c:f0:52:8b:47:8b:50:e4:3b:8d:
f2:50:bf:32:30:22:93:ad:69:b9:74:07:35:52:1d:
47:b5:cc:54:7f:39:de:ae:fc:1b:bc:68:46:5f:04:
e5:43:80:30:ae:bd:0e:b2:e1:37:28:bc:99:ef:fb:
cc:02:38:7c:ce:6b:d3:d8:ff:19:cb:06:24:b0:1b:
3a:73:f1:72:96:6b:2d:85:11:b7:eb:fc:9e:5b:a4:
eb:96:da:4c:63:c5:ba:9c:88:64:2b:9a:de:bf:fb:
eb:7d:fd:3d:5c:0c:26:63:10:15:7c:da:31:ea:9e:
8b:76:f1:f6:dd:49:29:98:d2:a1:ea:89:9d:52:02:
41:5f:5e:20:61:07:07:b3:ef:35:be:cc:02:9e:87:
8d:60:6a:9e:03:a6:34:0d:e1:93:bc:b8:7d:7a:fd:
a6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C0:C5:F4:56:F6:89:DF:44:E1:54:42:7A:BB:34:9F:7F:C1:41:5B
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/_sDF9Fb2id9E4VRCers0n3_BQVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.32.0-85.12.55.255
85.12.58.0-85.12.63.255
91.148.193.0-91.148.223.255
91.148.236.0-91.148.255.255
185.91.28.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788::/32
Signature Algorithm: sha256WithRSAEncryption
bb:6b:b8:7b:6e:5d:db:a2:76:f2:8b:56:22:14:e4:97:f3:1c:
6e:ee:f0:e7:e9:a9:e0:bc:ea:42:5b:8e:ba:e5:55:3f:a1:95:
4a:0d:18:06:55:67:8f:84:09:55:2b:3b:bc:bd:dd:e0:c0:3f:
b1:a9:73:99:61:20:71:13:83:3f:70:04:5c:86:9f:b3:d4:6e:
b2:4a:4d:e6:a5:93:3f:1a:a0:93:eb:83:47:26:5b:32:78:b8:
09:5a:44:94:71:a0:95:cc:c5:0d:f3:7b:3d:20:6d:bd:f5:2c:
0d:ed:56:eb:50:5b:8a:f8:e6:18:da:03:d9:f9:04:7e:16:e7:
3d:56:24:a6:3d:03:53:75:ff:19:19:0f:03:a1:49:3b:a8:b9:
0b:85:34:3c:df:32:2f:0e:48:66:f8:a5:7c:7d:4b:93:0c:7a:
a0:b0:c9:d0:42:32:cf:39:87:be:e7:f9:ba:96:92:4b:c8:77:
08:cb:5e:cf:45:8f:48:8e:d8:90:b8:00:1c:c2:4c:87:f0:30:
75:bb:12:65:7f:7b:79:51:01:df:f8:83:3a:3a:65:00:03:d8:
b2:fe:21:4d:e5:35:3c:85:84:74:57:30:7c:8e:4a:43:b4:6f:
e2:ab:40:73:8d:ef:8c:61:9c:5f:01:f4:f9:5f:22:65:4a:7c:
ba:94:8a:68
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVyHosFP7MTn1B6HVq44y48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjMwMTAyMTA1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWMwYzVmNDU2ZjY4OWRmNDRlMTU0NDI3YWJiMzQ5ZjdmYzE0MTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvki0Gx6TGnSpbIz0UcaFhQPLnTXS
RolrqpIOp58oYsOUITA1gm1IbDJjlwVnxz05pkHoOd/aZ92TIdERjLecpA17KOZ/
/4rDMahUOzdjybHD5LhiV6qi0jcuTI56rlzwUotHi1DkO43yUL8yMCKTrWm5dAc1
Uh1HtcxUfznervwbvGhGXwTlQ4Awrr0OsuE3KLyZ7/vMAjh8zmvT2P8ZywYksBs6
c/FylmsthRG36/yeW6TrltpMY8W6nIhkK5rev/vrff09XAwmYxAVfNox6p6LdvH2
3UkpmNKh6omdUgJBX14gYQcHs+81vswCnoeNYGqeA6Y0DeGTvLh9ev2mcwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFP7AxfRW9onfROFUQnq7NJ9/wUFbMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvX3NERjlGYjJpZDlFNFZSQ2VyczBuM19CUVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJMAwDBAVVDCAD
BANVDDAwDAMEAVUMOgMEBlUMADAMAwQAW5TBAwQFW5TAMAsDBAJblOwDAwBblAME
ALlbHAMEAMGK3AMEAcPIVDANBAIAAjAHAwUAKgEHiDANBgkqhkiG9w0BAQsFAAOC
AQEAu2u4e25d26J28otWIhTkl/Mcbu7w5+mp4LzqQluOuuVVP6GVSg0YBlVnj4QJ
VSs7vL3d4MA/salzmWEgcRODP3AEXIafs9RuskpN5qWTPxqgk+uDRyZbMni4CVpE
lHGglczFDfN7PSBtvfUsDe1W61BbivjmGNoD2fkEfhbnPVYkpj0DU3X/GRkPA6FJ
O6i5C4U0PN8yLw5IZvilfH1Lkwx6oLDJ0EIyzzmHvuf5upaSS8h3CMtez0WPSI7Y
kLgAHMJMh/AwdbsSZX97eVEB3/iDOjplAAPYsv4hTeU1PIWEdFcwfI5KQ7Rv4qtA
c43vjGGcXwH0+V8iZUp8upSKaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:48 2024 by rpki-client on console-fra.rpki-client.org