Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/da7658-fe5d-4f5a-862c-b56ab282b1c7/1/3jtQbtwLB2J-7cSybNE0hUoijNk.roa
File: 3jtQbtwLB2J-7cSybNE0hUoijNk.roa (raw, json)
Hash identifier: LmzGEYvjLV4YdBQUmDDNsnVwgiOvaCly9vUZ2Efi46s=
Subject key identifier: DE:3B:50:6E:DC:0B:07:62:7E:ED:C4:B2:6C:D1:34:85:4A:22:8C:D9
Certificate issuer: /CN=fbcb947651260d9d8b02f31d5bc7f1d5d0b01780
Certificate serial: 01859C4D22610CE535A142DB69EAF1D29E64
Authority key identifier: FB:CB:94:76:51:26:0D:9D:8B:02:F3:1D:5B:C7:F1:D5:D0:B0:17:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-8uUdlEmDZ2LAvMdW8fx1dCwF4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/da7658-fe5d-4f5a-862c-b56ab282b1c7/1/3jtQbtwLB2J-7cSybNE0hUoijNk.roa
Signing time: Tue 10 Jan 2023 15:29:38 +0000
ROA not before: Tue 10 Jan 2023 15:29:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49784
IP address blocks: 185.28.224.0/22 maxlen: 24
46.244.48.0/20 maxlen: 24
213.109.112.0/20 maxlen: 24
91.239.174.0/23 maxlen: 24
91.236.202.0/23 maxlen: 24
2a04:3640::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 Mar 2023 08:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:4d:22:61:0c:e5:35:a1:42:db:69:ea:f1:d2:9e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcb947651260d9d8b02f31d5bc7f1d5d0b01780
Validity
Not Before: Jan 10 15:29:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de3b506edc0b07627eedc4b26cd134854a228cd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:29:56:d0:0b:d1:cd:32:7c:a1:aa:4a:28:d6:
7e:3f:75:de:ea:df:46:90:0e:58:23:e3:78:0e:bf:
7b:10:43:69:19:42:c9:be:52:10:cf:77:24:91:54:
8e:f2:42:cb:69:57:18:9a:f9:0c:9c:bd:7a:b4:00:
5e:fe:8e:12:b1:6c:5a:72:04:11:90:72:62:ef:5b:
a1:eb:37:87:b3:3b:01:57:f5:03:7e:57:5d:51:23:
67:27:3d:01:de:c8:2c:cc:0a:61:67:a2:82:e1:ee:
fd:37:e7:13:1b:8d:7d:39:54:60:e3:df:f5:65:8b:
f7:9d:f6:82:ad:1a:e9:3c:8f:c8:b2:f8:84:97:46:
e3:40:48:d9:96:80:e4:99:c0:26:1f:d3:09:7a:66:
b3:25:b5:56:4c:57:a6:a3:6e:07:aa:21:df:26:e2:
6b:e8:64:d9:24:95:1d:b9:af:db:a0:a8:d9:78:cf:
07:18:03:17:31:8f:49:ee:b5:c1:bc:d5:2c:66:c9:
9a:70:cb:79:fc:66:b3:b2:f2:c2:15:9f:b0:1c:b2:
0e:df:0a:0d:b6:88:95:86:30:e2:48:5d:28:4a:c8:
b5:4d:8b:d1:1c:04:a8:eb:15:ff:e9:c1:85:24:93:
5b:f5:4d:87:f5:47:e3:0e:44:37:84:af:d9:db:43:
2f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3B:50:6E:DC:0B:07:62:7E:ED:C4:B2:6C:D1:34:85:4A:22:8C:D9
X509v3 Authority Key Identifier:
keyid:FB:CB:94:76:51:26:0D:9D:8B:02:F3:1D:5B:C7:F1:D5:D0:B0:17:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-8uUdlEmDZ2LAvMdW8fx1dCwF4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/da7658-fe5d-4f5a-862c-b56ab282b1c7/1/3jtQbtwLB2J-7cSybNE0hUoijNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/da7658-fe5d-4f5a-862c-b56ab282b1c7/1/1-8uUdlEmDZ2LAvMdW8fx1dCwF4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.48.0/20
91.236.202.0/23
91.239.174.0/23
185.28.224.0/22
213.109.112.0/20
IPv6:
2a04:3640::/29
Signature Algorithm: sha256WithRSAEncryption
cd:a0:33:75:ec:29:9f:bf:84:69:8c:39:90:26:f6:6c:8f:66:
59:8a:9d:7b:ef:c0:8c:40:49:fc:30:9d:4f:2b:a4:66:9a:7d:
b9:67:8f:73:8a:d6:42:45:b6:da:13:59:cf:07:f9:15:54:b3:
f5:1a:ac:25:2e:0f:5c:70:19:8e:44:27:b3:5a:1f:2e:f1:5f:
96:cc:33:ed:d4:d9:e9:3e:21:99:24:4e:23:95:0e:72:40:c4:
af:a3:44:ca:7e:d1:d6:a8:3c:15:79:3e:a8:65:0a:9d:da:51:
bd:59:4e:75:8e:c5:29:37:fe:36:a6:b3:25:98:1f:b7:59:20:
78:7f:dd:60:1d:30:44:ad:ff:ee:12:f7:cf:4c:e0:b8:82:a8:
0a:f5:4f:fa:fd:dc:63:84:93:e1:4e:82:32:9d:5c:08:89:7b:
ba:5e:6f:6d:5d:85:72:b6:07:35:64:9b:80:eb:b7:9a:65:94:
62:c5:d9:e2:fa:01:9e:7f:8c:c1:05:11:36:77:3c:73:30:e3:
44:f1:ef:4b:19:5f:30:a2:8b:58:83:f0:94:8c:d3:8b:28:e2:
58:d4:52:69:8d:ca:a8:ac:5d:7f:0b:e8:a8:43:3e:0f:ec:ef:
0e:3f:56:0d:0e:64:37:55:ed:01:01:c4:90:ef:2a:15:17:1c:
a7:c4:dd:2c
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYWcTSJhDOU1oULbaerx0p5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiY2I5NDc2NTEyNjBkOWQ4YjAyZjMxZDViYzdmMWQ1ZDBi
MDE3ODAwHhcNMjMwMTEwMTUyOTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTNiNTA2ZWRjMGIwNzYyN2VlZGM0YjI2Y2QxMzQ4NTRhMjI4Y2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ilW0AvRzTJ8oapKKNZ+P3Xe6t9G
kA5YI+N4Dr97EENpGULJvlIQz3ckkVSO8kLLaVcYmvkMnL16tABe/o4SsWxacgQR
kHJi71uh6zeHszsBV/UDflddUSNnJz0B3sgszAphZ6KC4e79N+cTG419OVRg49/1
ZYv3nfaCrRrpPI/IsviEl0bjQEjZloDkmcAmH9MJemazJbVWTFemo24HqiHfJuJr
6GTZJJUdua/boKjZeM8HGAMXMY9J7rXBvNUsZsmacMt5/GazsvLCFZ+wHLIO3woN
toiVhjDiSF0oSsi1TYvRHASo6xX/6cGFJJNb9U2H9UfjDkQ3hK/Z20MvqwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFN47UG7cCwdifu3EsmzRNIVKIozZMB8GA1UdIwQY
MBaAFPvLlHZRJg2diwLzHVvH8dXQsBeAMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS04dVVkbEVtRFoyTEF2TWRXOGZ4MWRDd0Y0QS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEvZGE3NjU4LWZlNWQtNGY1YS04NjJj
LWI1NmFiMjgyYjFjNy8xLzNqdFFidHdMQjJKLTdjU3liTkUwaFVvaWpOay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODEvZGE3NjU4LWZlNWQtNGY1YS04NjJjLWI1NmFiMjgyYjFj
Ny8xLzEtOHVVZGxFbURaMkxBdk1kVzhmeDFkQ3dGNEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAQu9DAD
BAFb7MoDBAFb764DBAK5HOADBATVbXAwDQQCAAIwBwMFAyoENkAwDQYJKoZIhvcN
AQELBQADggEBAM2gM3XsKZ+/hGmMOZAm9myPZlmKnXvvwIxASfwwnU8rpGaafbln
j3OK1kJFttoTWc8H+RVUs/UarCUuD1xwGY5EJ7NaHy7xX5bMM+3U2ek+IZkkTiOV
DnJAxK+jRMp+0daoPBV5PqhlCp3aUb1ZTnWOxSk3/jamsyWYH7dZIHh/3WAdMESt
/+4S989M4LiCqAr1T/r93GOEk+FOgjKdXAiJe7peb21dhXK2BzVkm4Drt5pllGLF
2eL6AZ5/jMEFETZ3PHMw40Tx70sZXzCii1iD8JSM04so4ljUUmmNyqisXX8L6KhD
Pg/s7w4/Vg0OZDdV7QEBxJDvKhUXHKfE3Sw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:46 2024 by rpki-client on console-ams.rpki-client.org