Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/jEBXMyrg7z9belBZAJZhI09CJj4.roa
File: jEBXMyrg7z9belBZAJZhI09CJj4.roa (raw, json)
Hash identifier: NXMM2yIKhDWsj6Gm9rDEkcxtgRSmijPnRy5HSXixLuI=
Subject key identifier: 8C:40:57:33:2A:E0:EF:3F:5B:7A:50:59:00:96:61:23:4F:42:26:3E
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018598A3311DE7EEC42E27B76DC83868A6C8
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/jEBXMyrg7z9belBZAJZhI09CJj4.roa
Signing time: Mon 09 Jan 2023 22:25:09 +0000
ROA not before: Mon 09 Jan 2023 22:25:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51714
IP address blocks: 85.117.241.0/24 maxlen: 24
192.144.32.0/24 maxlen: 24
2a09:ff00:103::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:98:a3:31:1d:e7:ee:c4:2e:27:b7:6d:c8:38:68:a6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 9 22:25:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c4057332ae0ef3f5b7a5059009661234f42263e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:db:79:c7:01:90:e1:a5:38:ed:4d:b0:d7:04:
d0:26:eb:44:f7:d2:29:b9:fc:fd:bf:28:7f:97:4e:
c8:68:19:3c:d9:11:28:70:aa:93:32:e4:95:28:8e:
31:80:ce:d9:21:da:f1:2b:02:ab:45:e8:3b:4e:52:
fd:c2:e1:21:da:db:23:40:32:d2:d0:b9:8b:ac:14:
e4:f1:53:7c:ec:f2:8d:5e:00:cf:01:77:54:24:3e:
f2:d5:60:2b:fa:2d:b1:35:7a:01:c3:d5:65:df:91:
d9:2f:46:a4:ea:ed:ea:54:19:eb:30:72:46:79:39:
e7:ef:5a:6a:8b:08:91:66:f2:dd:77:09:50:66:b2:
62:aa:45:fb:36:70:57:3f:38:75:b3:4a:79:bf:98:
e5:c6:ef:10:37:21:9b:92:86:e1:ff:e6:cc:ac:54:
be:01:5c:b1:78:16:21:f9:87:ad:8d:3b:ca:e0:d5:
fc:d8:c1:34:a8:2a:4d:3f:9f:40:cf:be:c1:8e:74:
68:db:95:98:57:a6:a7:2e:88:0a:6e:07:53:29:07:
5a:1a:08:13:fe:d0:21:8d:68:40:63:6c:eb:0c:27:
05:67:c3:08:ba:15:24:18:af:78:e6:51:e8:8d:18:
cc:d9:92:17:28:17:ac:47:24:46:cd:bb:49:28:54:
4d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:40:57:33:2A:E0:EF:3F:5B:7A:50:59:00:96:61:23:4F:42:26:3E
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/jEBXMyrg7z9belBZAJZhI09CJj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.241.0/24
192.144.32.0/24
IPv6:
2a09:ff00:103::/48
Signature Algorithm: sha256WithRSAEncryption
6d:8a:c6:d8:92:27:fd:f9:ff:dd:97:59:a6:c6:e3:70:c5:55:
a2:7a:fa:d1:67:25:fb:c6:bc:6d:6e:3b:74:66:26:d5:40:aa:
a5:48:d0:92:c1:06:c4:81:42:40:7c:8e:93:ec:c4:e7:73:2c:
9e:14:60:6b:19:e5:1e:f9:14:af:ec:32:c4:13:a0:ab:7d:74:
f7:f0:fc:80:fb:be:4c:6d:85:6b:11:db:cd:fd:82:ff:6d:c2:
bb:ab:2e:c2:fe:1f:63:6e:8a:6f:29:54:30:6b:b5:1c:c9:26:
96:6c:bc:56:db:cb:33:82:2e:ef:6a:93:db:99:74:72:4f:63:
ac:eb:04:2a:f0:af:fc:e5:29:8e:91:90:dd:b5:05:9b:29:57:
26:6d:fa:41:11:57:73:4b:69:62:e0:f0:bc:8f:48:90:2d:29:
ef:b9:7b:61:5f:5d:5f:30:7d:b7:df:ad:ae:a6:58:ab:2a:be:
6e:44:ee:3b:ed:11:49:1d:5b:c1:38:a2:5c:d7:a4:76:8c:20:
91:6d:e7:1d:07:c6:16:7d:6e:d4:59:8d:ea:7f:f2:39:b0:88:
ae:37:1f:b9:b7:51:9d:ab:5f:82:b1:ed:58:4c:d9:1f:93:c1:
1f:b4:2c:36:b2:a4:eb:06:3a:52:5d:05:4f:e0:75:03:86:38:
5a:7d:03:47
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYWYozEd5+7ELie3bcg4aKbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwMTA5MjIyNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzQwNTczMzJhZTBlZjNmNWI3YTUwNTkwMDk2NjEyMzRmNDIyNjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9t5xwGQ4aU47U2w1wTQJutE99Ip
ufz9vyh/l07IaBk82REocKqTMuSVKI4xgM7ZIdrxKwKrReg7TlL9wuEh2tsjQDLS
0LmLrBTk8VN87PKNXgDPAXdUJD7y1WAr+i2xNXoBw9Vl35HZL0ak6u3qVBnrMHJG
eTnn71pqiwiRZvLddwlQZrJiqkX7NnBXPzh1s0p5v5jlxu8QNyGbkobh/+bMrFS+
AVyxeBYh+YetjTvK4NX82ME0qCpNP59Az77BjnRo25WYV6anLogKbgdTKQdaGggT
/tAhjWhAY2zrDCcFZ8MIuhUkGK945lHojRjM2ZIXKBesRyRGzbtJKFRNAwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIxAVzMq4O8/W3pQWQCWYSNPQiY+MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvakVCWE15cmc3ejliZWxCWkFKWmhJMDlDSmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAVXXxAwQA
wJAgMA8EAgACMAkDBwAqCf8AAQMwDQYJKoZIhvcNAQELBQADggEBAG2KxtiSJ/35
/92XWabG43DFVaJ6+tFnJfvGvG1uO3RmJtVAqqVI0JLBBsSBQkB8jpPsxOdzLJ4U
YGsZ5R75FK/sMsQToKt9dPfw/ID7vkxthWsR2839gv9twrurLsL+H2Nuim8pVDBr
tRzJJpZsvFbbyzOCLu9qk9uZdHJPY6zrBCrwr/zlKY6RkN21BZspVyZt+kERV3NL
aWLg8LyPSJAtKe+5e2FfXV8wfbffra6mWKsqvm5E7jvtEUkdW8E4olzXpHaMIJFt
5x0HxhZ9btRZjep/8jmwiK43H7m3UZ2rX4Kx7VhM2R+TwR+0LDaypOsGOlJdBU/g
dQOGOFp9A0c=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:34 2023 by rpki-client on console-fra.rpki-client.org