Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/e03X8oAZAd-RG6Ijan5AHL9UuWI.roa
File: e03X8oAZAd-RG6Ijan5AHL9UuWI.roa (raw, json)
Hash identifier: zwpgEtK3IyLioHGeUp616RLjZuJ05nDXu8Uri+WSs7E=
Subject key identifier: 7B:4D:D7:F2:80:19:01:DF:91:1B:A2:23:6A:7E:40:1C:BF:54:B9:62
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 018D55AB332224528166163B2165A90D8014
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/e03X8oAZAd-RG6Ijan5AHL9UuWI.roa
Signing time: Mon 29 Jan 2024 14:41:39 +0000
ROA not before: Mon 29 Jan 2024 14:41:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34305
IP address blocks: 85.12.32.0/20 maxlen: 20
85.12.48.0/21 maxlen: 21
85.12.58.0/23 maxlen: 24
85.12.60.0/22 maxlen: 22
91.148.193.0/24 maxlen: 24
91.148.194.0/23 maxlen: 23
91.148.196.0/22 maxlen: 22
91.148.200.0/21 maxlen: 21
91.148.208.0/20 maxlen: 20
91.148.240.0/20 maxlen: 24
185.91.28.0/24 maxlen: 24
193.138.220.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
2a01:788::/32 maxlen: 48
2a01:788:1000::/48 maxlen: 48
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaac::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Feb 2024 10:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:55:ab:33:22:24:52:81:66:16:3b:21:65:a9:0d:80:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Jan 29 14:41:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b4dd7f2801901df911ba2236a7e401cbf54b962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3c:e5:b3:90:bb:d6:04:22:2a:bf:be:04:2f:
1a:ec:31:da:b7:99:2e:98:2f:3f:b9:2e:bd:c3:ef:
40:4d:d2:99:35:b5:13:ca:96:2a:17:c9:f3:9e:ae:
0d:a4:ab:d0:7a:d5:e3:0a:0d:fe:01:94:77:2b:e6:
cf:d8:f1:07:b4:6d:a7:72:2a:eb:03:71:44:81:29:
4b:c8:e3:a1:42:2d:0d:7f:49:2f:b7:71:04:9f:be:
a6:e7:34:f0:39:9a:62:bd:20:79:8c:57:d8:1c:0b:
de:b5:8f:c7:ef:f7:92:43:a0:09:9f:cc:e9:7a:78:
0c:f2:aa:12:8e:05:81:99:7e:65:c9:7e:e9:fd:94:
e4:1e:58:5a:f2:f8:78:51:7d:92:56:56:76:07:1d:
3d:0a:11:f0:5c:24:e1:d7:3f:a9:f4:a1:cf:b7:5a:
00:92:f6:03:0c:e0:04:10:ce:22:df:62:d9:76:c7:
7a:15:33:5a:9d:57:a0:fb:93:f6:6c:3b:47:44:a8:
60:1f:1b:04:51:86:06:e6:68:40:f2:ea:8e:ad:08:
7e:9d:95:8f:06:7c:bf:d9:4b:36:7b:b2:2a:75:0c:
53:72:2b:b2:8f:fc:75:04:5f:dd:e8:8c:b7:e2:cb:
36:92:4b:9b:fe:97:6d:98:62:2e:c5:9e:07:e9:d8:
5e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:4D:D7:F2:80:19:01:DF:91:1B:A2:23:6A:7E:40:1C:BF:54:B9:62
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/e03X8oAZAd-RG6Ijan5AHL9UuWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.32.0-85.12.55.255
85.12.58.0-85.12.63.255
91.148.193.0-91.148.223.255
91.148.240.0/20
185.91.28.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788::/32
Signature Algorithm: sha256WithRSAEncryption
c3:74:2c:d9:ba:d5:4d:c9:fc:d8:94:af:d7:b8:85:c7:4e:d2:
61:1a:68:56:a8:2d:eb:2c:7a:a3:b6:2e:b3:73:22:e4:fb:a6:
a6:f5:5c:e3:89:2a:8a:00:0b:17:b1:ea:d4:fb:eb:25:a7:c3:
5b:79:0f:92:6f:93:5d:ab:fc:22:db:aa:69:ba:b7:65:15:d9:
52:b4:4b:b0:2e:2b:ff:93:f4:f7:d1:11:f9:54:7c:c7:f8:74:
8f:d6:bd:49:13:3f:4d:35:3d:26:08:3a:23:32:0d:e2:d8:8a:
b2:eb:10:a6:c9:d8:82:04:d6:77:0e:b3:8b:a3:c1:25:ac:dd:
ab:6e:3b:a8:55:06:b5:14:45:fd:1f:64:db:0d:9b:56:7c:cd:
f3:9b:74:9d:76:ac:1a:38:0b:f8:07:e6:92:37:75:89:7c:2a:
b0:c4:07:87:ef:60:df:75:1e:ab:54:30:b0:04:35:22:ad:fa:
80:d4:aa:94:ad:bf:13:ed:c2:a4:58:44:e1:e7:c1:61:20:ce:
3d:e1:cf:94:22:3c:a5:c5:67:39:72:53:27:65:8e:a1:d9:a7:
7b:71:02:64:79:22:cb:2e:4a:77:14:94:9b:06:6c:32:e2:90:
ed:73:a7:11:af:42:8c:56:5e:30:f8:58:86:6a:5e:73:0e:72:
f0:e3:5d:05
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAY1VqzMiJFKBZhY7IWWpDYAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjQwMTI5MTQ0MTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjRkZDdmMjgwMTkwMWRmOTExYmEyMjM2YTdlNDAxY2JmNTRiOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDzls5C71gQiKr++BC8a7DHat5ku
mC8/uS69w+9ATdKZNbUTypYqF8nznq4NpKvQetXjCg3+AZR3K+bP2PEHtG2ncirr
A3FEgSlLyOOhQi0Nf0kvt3EEn76m5zTwOZpivSB5jFfYHAvetY/H7/eSQ6AJn8zp
engM8qoSjgWBmX5lyX7p/ZTkHlha8vh4UX2SVlZ2Bx09ChHwXCTh1z+p9KHPt1oA
kvYDDOAEEM4i32LZdsd6FTNanVeg+5P2bDtHRKhgHxsEUYYG5mhA8uqOrQh+nZWP
Bny/2Us2e7IqdQxTciuyj/x1BF/d6Iy34ss2kkub/pdtmGIuxZ4H6dhePwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFHtN1/KAGQHfkRuiI2p+QBy/VLliMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvZTAzWDhvQVpBZC1SRzZJamFuNUFITDlVdVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCMAwDBAVVDCAD
BANVDDAwDAMEAVUMOgMEBlUMADAMAwQAW5TBAwQFW5TAAwQEW5TwAwQAuVscAwQA
wYrcAwQBw8hUMA0EAgACMAcDBQAqAQeIMA0GCSqGSIb3DQEBCwUAA4IBAQDDdCzZ
utVNyfzYlK/XuIXHTtJhGmhWqC3rLHqjti6zcyLk+6am9VzjiSqKAAsXserU++sl
p8NbeQ+Sb5Ndq/wi26ppurdlFdlStEuwLiv/k/T30RH5VHzH+HSP1r1JEz9NNT0m
CDojMg3i2Iqy6xCmydiCBNZ3DrOLo8ElrN2rbjuoVQa1FEX9H2TbDZtWfM3zm3Sd
dqwaOAv4B+aSN3WJfCqwxAeH72DfdR6rVDCwBDUirfqA1KqUrb8T7cKkWETh58Fh
IM494c+UIjylxWc5clMnZY6h2ad7cQJkeSLLLkp3FJSbBmwy4pDtc6cRr0KMVl4w
+FiGal5zDnLw410F
-----END CERTIFICATE-----
Generated at Thu Feb 1 13:28:26 2024 by rpki-client on console-ams.rpki-client.org