Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/gU9X7tXam8XBnPM9vTewEeZESaQ.roa
File: gU9X7tXam8XBnPM9vTewEeZESaQ.roa (raw, json)
Hash identifier: nY4GGqcbpnE51beqhyvm9XFI69wl49k/LpsX0TeWWUY=
Subject key identifier: 81:4F:57:EE:D5:DA:9B:C5:C1:9C:F3:3D:BD:37:B0:11:E6:44:49:A4
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 018CC3B707EC795A01BE0471B7508D63194B
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/gU9X7tXam8XBnPM9vTewEeZESaQ.roa
Signing time: Mon 01 Jan 2024 06:30:01 +0000
ROA not before: Mon 01 Jan 2024 06:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205467
IP address blocks: 85.12.0.0/22 maxlen: 24
193.138.223.0/24 maxlen: 24
2a01:788:213::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Jan 2024 10:19:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:07:ec:79:5a:01:be:04:71:b7:50:8d:63:19:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Jan 1 06:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=814f57eed5da9bc5c19cf33dbd37b011e64449a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ec:25:49:f8:ee:92:c3:6b:10:f7:4f:a3:fc:
93:ed:39:d0:79:97:e8:3d:33:37:90:1f:06:b9:cd:
1a:42:81:93:50:48:17:c2:bf:28:44:ca:83:35:10:
2e:93:e9:5b:ec:b9:ea:53:a3:7a:59:8c:7b:08:e3:
7f:04:39:de:ea:25:74:02:9f:42:69:93:4e:20:b8:
17:83:61:62:0b:e4:89:69:13:6b:f3:26:bd:30:e4:
73:c2:a0:84:a8:40:ea:e5:f3:dc:56:a9:7d:e7:7c:
8c:6e:e2:d9:32:5a:3d:41:1d:02:c0:3b:55:21:b5:
46:4d:bd:72:e2:c4:a2:75:bc:09:d4:75:42:b6:b1:
7d:31:dc:6b:e9:bb:66:e3:54:14:a5:28:1b:02:7f:
6a:e9:f5:67:2f:01:07:8d:86:45:27:c4:6a:2d:71:
88:aa:a8:a1:f0:2a:fe:73:9b:77:18:70:2f:f8:f1:
b1:43:58:79:17:59:12:df:0f:d7:98:be:c6:96:a4:
28:6a:32:2a:ea:4f:d4:f0:94:79:40:66:07:05:ae:
f1:33:ba:bc:19:88:66:c1:30:6a:18:45:99:aa:20:
c0:ad:96:8c:e1:9a:0a:0f:0a:15:9b:6b:d9:58:e9:
95:91:b5:a5:26:31:56:48:cb:da:e3:93:a1:80:86:
fa:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:4F:57:EE:D5:DA:9B:C5:C1:9C:F3:3D:BD:37:B0:11:E6:44:49:A4
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/gU9X7tXam8XBnPM9vTewEeZESaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.0.0/22
193.138.223.0/24
IPv6:
2a01:788:213::/48
Signature Algorithm: sha256WithRSAEncryption
21:68:0e:e2:6e:5e:b8:73:c5:4e:08:d7:d0:a0:a4:0f:4e:e9:
58:ff:06:88:bd:43:ca:b9:a0:46:28:b5:4b:6b:64:47:55:78:
57:27:fa:cc:62:bb:be:88:52:d9:57:24:e1:b5:94:d1:0f:a8:
0f:51:54:b5:3a:b4:fd:36:56:4f:61:cc:19:a2:e3:78:ee:50:
77:f9:56:79:03:2c:cc:a5:99:f1:7e:be:14:af:c5:6a:a3:44:
c8:99:48:ea:69:30:c0:32:86:a6:aa:27:87:e9:78:f8:f9:9e:
59:c2:28:c0:1e:c5:e4:5d:e3:89:67:0a:14:03:85:be:2e:a4:
ba:77:97:48:e1:7e:e4:d9:c8:7a:d0:42:7a:6b:de:5c:e3:f7:
c7:b4:56:40:13:a7:c0:49:81:00:d8:99:95:aa:e4:cf:7a:aa:
4d:8d:89:57:1d:67:01:fc:50:f0:ad:d3:9a:c4:24:47:c1:27:
57:40:bb:7d:b3:d1:54:88:c4:7a:a4:98:5a:48:48:e4:52:12:
5b:df:30:79:e7:20:99:a4:36:66:15:56:b7:bd:76:66:00:c4:
13:3a:45:8f:42:5c:c9:47:7b:33:c8:d5:4c:ee:97:bc:3e:1f:
b0:ca:62:d2:94:34:25:cf:95:45:7e:6a:7d:dd:1f:71:38:dd:
0d:08:53:22
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDtwfseVoBvgRxt1CNYxlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTRmNTdlZWQ1ZGE5YmM1YzE5Y2YzM2RiZDM3YjAxMWU2NDQ0OWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuwlSfjuksNrEPdPo/yT7TnQeZfo
PTM3kB8Guc0aQoGTUEgXwr8oRMqDNRAuk+lb7LnqU6N6WYx7CON/BDne6iV0Ap9C
aZNOILgXg2FiC+SJaRNr8ya9MORzwqCEqEDq5fPcVql953yMbuLZMlo9QR0CwDtV
IbVGTb1y4sSidbwJ1HVCtrF9Mdxr6btm41QUpSgbAn9q6fVnLwEHjYZFJ8RqLXGI
qqih8Cr+c5t3GHAv+PGxQ1h5F1kS3w/XmL7GlqQoajIq6k/U8JR5QGYHBa7xM7q8
GYhmwTBqGEWZqiDArZaM4ZoKDwoVm2vZWOmVkbWlJjFWSMva45OhgIb6pQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIFPV+7V2pvFwZzzPb03sBHmREmkMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvZ1U5WDd0WGFtOFhCblBNOXZUZXdFZVpFU2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCVQwAAwQA
wYrfMA8EAgACMAkDBwAqAQeIAhMwDQYJKoZIhvcNAQELBQADggEBACFoDuJuXrhz
xU4I19CgpA9O6Vj/Boi9Q8q5oEYotUtrZEdVeFcn+sxiu76IUtlXJOG1lNEPqA9R
VLU6tP02Vk9hzBmi43juUHf5VnkDLMylmfF+vhSvxWqjRMiZSOppMMAyhqaqJ4fp
ePj5nlnCKMAexeRd44lnChQDhb4upLp3l0jhfuTZyHrQQnpr3lzj98e0VkATp8BJ
gQDYmZWq5M96qk2NiVcdZwH8UPCt05rEJEfBJ1dAu32z0VSIxHqkmFpISORSElvf
MHnnIJmkNmYVVre9dmYAxBM6RY9CXMlHezPI1Uzul7w+H7DKYtKUNCXPlUV+an3d
H3E43Q0IUyI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:47 2024 by rpki-client on console-ams.rpki-client.org