Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/XBHcBFpjNGnlHA-Yljb23ezaWvI.roa
File: XBHcBFpjNGnlHA-Yljb23ezaWvI.roa (raw, json)
Hash identifier: PMIDe1m54oplNgHWVLvl8leflNBjuOnC+HuP3idYi30=
Subject key identifier: 5C:11:DC:04:5A:63:34:69:E5:1C:0F:98:96:36:F6:DD:EC:DA:5A:F2
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0188BEBCCC66CACB8944D71397F82D00751D
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/XBHcBFpjNGnlHA-Yljb23ezaWvI.roa
Signing time: Thu 15 Jun 2023 11:07:04 +0000
ROA not before: Thu 15 Jun 2023 11:07:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 185.236.8.0/23 maxlen: 24
185.236.11.0/24 maxlen: 24
185.255.112.0/24 maxlen: 24
85.117.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:bc:cc:66:ca:cb:89:44:d7:13:97:f8:2d:00:75:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jun 15 11:07:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c11dc045a633469e51c0f989636f6ddecda5af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0a:31:56:87:77:db:ab:27:12:e1:02:f6:a3:
70:a3:f0:8d:fe:be:bb:63:f4:6c:5f:3d:e6:63:e3:
27:19:47:1c:56:6c:31:d0:dd:58:63:34:86:23:43:
f2:5c:1d:3a:85:1b:af:c8:81:ff:2e:bc:7e:2f:33:
5c:3b:b4:57:f7:fd:a3:06:a8:22:95:61:ab:01:cc:
06:4c:86:06:8f:c1:19:1c:f7:36:3f:7f:08:18:82:
42:e1:b6:2c:c0:92:28:34:21:b2:02:a1:ac:a0:46:
94:74:9e:b5:e5:e6:fc:c9:0c:24:34:8a:22:d1:96:
fb:47:44:a4:39:d8:82:4e:75:a3:b1:f5:5b:2a:70:
53:aa:b6:42:07:9d:de:a2:e5:c7:e6:fb:36:d5:6b:
7c:49:e8:23:cd:c7:29:81:41:1a:27:b1:ae:81:0a:
ec:7b:9a:2c:0f:eb:b6:02:4d:e6:57:c0:ae:c1:c4:
84:d5:ff:1b:16:b9:e0:be:76:dd:1e:73:cd:96:61:
c8:ce:51:eb:b5:43:20:0a:5d:ea:80:10:04:ad:13:
7a:d8:10:e9:0f:9e:14:7c:a4:5d:0c:02:39:e1:0c:
7f:c0:37:b1:24:75:54:ea:04:87:83:92:b4:88:ce:
14:21:77:39:0c:3a:04:e3:19:d3:f0:91:c4:ea:3b:
dd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:11:DC:04:5A:63:34:69:E5:1C:0F:98:96:36:F6:DD:EC:DA:5A:F2
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/XBHcBFpjNGnlHA-Yljb23ezaWvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
185.236.8.0/23
185.236.11.0/24
185.255.112.0/24
Signature Algorithm: sha256WithRSAEncryption
64:29:77:96:f6:8b:c2:25:d3:bf:a9:04:40:75:64:ec:b5:1b:
31:a4:11:16:1f:0b:f8:a8:da:c1:88:7d:0d:31:f3:24:69:13:
6d:22:b1:42:dd:b6:ce:2f:47:23:1f:c3:f7:cd:13:68:ce:c7:
a2:fe:d6:25:da:78:3c:6c:9a:9b:2a:f5:98:12:93:05:db:0c:
e3:51:d5:1e:1b:30:99:bb:de:79:dc:ed:bf:40:24:bb:5b:a1:
78:f5:fb:82:8e:17:28:0d:24:11:65:98:76:95:c6:85:1f:8a:
ec:53:a5:2d:d9:c7:5c:e1:6e:b6:43:f1:bf:d5:b1:00:16:8f:
92:94:59:2e:a3:7b:f0:b4:ed:07:e5:b3:e3:3a:2a:79:b3:4a:
79:7f:27:c0:bb:c6:df:94:fc:7f:dc:6c:ab:4b:de:ae:a6:73:
17:76:67:1f:2d:61:ca:9b:9f:af:9e:b6:37:f7:6e:3a:35:28:
ec:c5:b7:02:3b:f4:87:86:b8:01:27:2a:dc:78:e7:0d:89:32:
dc:95:79:0d:47:d0:a6:e1:7a:fc:60:c9:f9:cd:c8:42:32:9f:
73:b0:42:87:9a:ed:35:12:6a:57:4c:a1:f7:8f:06:01:e7:c9:
6b:2b:da:23:b4:5d:d1:63:dd:e2:9a:4c:d6:1d:a2:56:4f:ae:
3e:07:6d:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYi+vMxmysuJRNcTl/gtAHUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwNjE1MTEwNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzExZGMwNDVhNjMzNDY5ZTUxYzBmOTg5NjM2ZjZkZGVjZGE1YWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggoxVod326snEuEC9qNwo/CN/r67
Y/RsXz3mY+MnGUccVmwx0N1YYzSGI0PyXB06hRuvyIH/Lrx+LzNcO7RX9/2jBqgi
lWGrAcwGTIYGj8EZHPc2P38IGIJC4bYswJIoNCGyAqGsoEaUdJ615eb8yQwkNIoi
0Zb7R0SkOdiCTnWjsfVbKnBTqrZCB53eouXH5vs21Wt8SegjzccpgUEaJ7GugQrs
e5osD+u2Ak3mV8CuwcSE1f8bFrngvnbdHnPNlmHIzlHrtUMgCl3qgBAErRN62BDp
D54UfKRdDAI54Qx/wDexJHVU6gSHg5K0iM4UIXc5DDoE4xnT8JHE6jvdOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFwR3ARaYzRp5RwPmJY29t3s2lryMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvWEJIY0JGcGpOR25sSEEtWWxqYjIzZXphV3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVXXzAwQB
uewIAwQAuewLAwQAuf9wMA0GCSqGSIb3DQEBCwUAA4IBAQBkKXeW9ovCJdO/qQRA
dWTstRsxpBEWHwv4qNrBiH0NMfMkaRNtIrFC3bbOL0cjH8P3zRNozsei/tYl2ng8
bJqbKvWYEpMF2wzjUdUeGzCZu9553O2/QCS7W6F49fuCjhcoDSQRZZh2lcaFH4rs
U6Ut2cdc4W62Q/G/1bEAFo+SlFkuo3vwtO0H5bPjOip5s0p5fyfAu8bflPx/3Gyr
S96upnMXdmcfLWHKm5+vnrY39246NSjsxbcCO/SHhrgBJyrceOcNiTLclXkNR9Cm
4Xr8YMn5zchCMp9zsEKHmu01EmpXTKH3jwYB58lrK9ojtF3RY93imkzWHaJWT64+
B23c
Generated at Tue Aug 1 01:09:04 2023 by rpki-client on console-fra.rpki-client.org