Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/tb_MfULWdUaFFj_Q4h7bbKWy7Js.roa
File: tb_MfULWdUaFFj_Q4h7bbKWy7Js.roa (raw, json)
Hash identifier: /SKcQGq9JfWI72WAoZIy/RBbcW5dB9iJ087La0/dasg=
Subject key identifier: B5:BF:CC:7D:42:D6:75:46:85:16:3F:D0:E2:1E:DB:6C:A5:B2:EC:9B
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 01856FF96CA2B13332E45E4DF6E7D50BAF0F
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/tb_MfULWdUaFFj_Q4h7bbKWy7Js.roa
Signing time: Mon 02 Jan 2023 00:54:55 +0000
ROA not before: Mon 02 Jan 2023 00:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39251
IP address blocks: 85.130.74.0/24 maxlen: 24
85.130.72.0/22 maxlen: 22
85.130.73.0/24 maxlen: 24
85.130.72.0/24 maxlen: 24
85.130.75.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:6c:a2:b1:33:32:e4:5e:4d:f6:e7:d5:0b:af:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 00:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5bfcc7d42d6754685163fd0e21edb6ca5b2ec9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:70:21:cc:93:0a:54:1b:62:8f:15:c0:58:8c:
be:70:dd:b2:b4:42:b7:4f:dd:12:4d:7c:22:40:52:
9f:df:34:e1:17:bc:67:ad:de:92:c0:c3:5d:85:f4:
02:0a:31:f1:84:00:c3:9f:3e:c3:75:3d:74:00:c2:
89:2d:51:f4:6f:13:f8:06:ef:d0:44:1c:a5:e1:0b:
7e:27:47:ab:07:23:ab:be:d5:1f:b5:f9:c8:d5:b6:
08:92:ba:44:c6:7a:39:5e:37:9f:84:1e:a4:a4:2e:
3e:b8:ea:7c:f4:79:66:09:01:7b:65:b2:48:80:36:
a7:6a:82:36:f8:b7:65:8e:87:92:0b:17:96:f7:9c:
1a:f4:94:51:40:ba:f0:e3:b8:6f:ce:ee:59:cc:b9:
82:ea:a3:5e:77:37:dc:d7:05:5f:08:3d:d1:e3:bc:
4f:d5:a5:cf:bf:ae:80:ca:22:c0:4f:30:f8:57:0c:
9f:c6:89:f5:4e:35:5a:99:34:9c:fd:c9:de:ee:30:
b8:3c:ab:9a:f8:f9:6f:99:51:47:58:72:c4:c7:33:
cf:60:88:c9:d8:01:50:69:a0:8f:cf:0c:ae:ce:d5:
34:eb:6d:3d:bf:d6:fc:43:1e:96:f4:06:e2:f8:58:
f3:02:9e:57:0d:17:0a:c4:7e:25:44:da:ed:8b:33:
99:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BF:CC:7D:42:D6:75:46:85:16:3F:D0:E2:1E:DB:6C:A5:B2:EC:9B
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/tb_MfULWdUaFFj_Q4h7bbKWy7Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.130.72.0/22
Signature Algorithm: sha256WithRSAEncryption
23:58:37:81:97:eb:9d:af:b8:2b:d0:70:60:54:2f:89:2a:4d:
3f:74:7b:21:76:89:60:57:69:b5:09:6d:85:77:e3:87:8a:bd:
2e:a7:4d:65:a4:16:b4:a1:8a:e8:37:77:e4:23:80:c2:25:fd:
cf:fa:ce:f4:fc:2b:61:b5:dc:96:6a:00:e4:76:37:6c:86:4c:
e7:e0:d7:21:73:91:e9:8d:da:79:2d:ba:1b:c6:4a:c2:e4:7f:
97:08:89:e4:a1:d7:d9:83:c2:59:d1:9c:2f:66:75:76:8d:2a:
b8:0f:54:2c:91:16:69:92:02:c5:68:1d:23:c7:29:18:c1:04:
09:24:ce:a2:21:d9:66:e9:87:5e:ad:5d:b6:d1:e9:c7:ff:c4:
e7:b7:d6:5c:29:02:e2:68:58:21:fa:d4:17:4c:01:0b:cc:4c:
3d:6e:11:92:52:3a:6d:ad:d5:b6:70:f2:27:4e:b0:d6:99:2e:
8d:1a:4a:77:77:aa:68:c9:fd:be:8d:24:fa:ce:13:9d:ed:7d:
72:c3:eb:5e:15:d0:4b:e2:6b:22:b0:27:e3:e7:f4:61:94:19:
ce:e6:ed:f4:f0:09:ba:af:0a:1c:13:ba:35:7e:42:11:64:09:
39:25:94:a8:83:8c:7a:07:8b:40:eb:c6:c8:fb:27:2d:31:a5:
e3:89:f8:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+WyisTMy5F5N9ufVC68PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMTAyMDA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJmY2M3ZDQyZDY3NTQ2ODUxNjNmZDBlMjFlZGI2Y2E1YjJlYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3AhzJMKVBtijxXAWIy+cN2ytEK3
T90STXwiQFKf3zThF7xnrd6SwMNdhfQCCjHxhADDnz7DdT10AMKJLVH0bxP4Bu/Q
RByl4Qt+J0erByOrvtUftfnI1bYIkrpExno5XjefhB6kpC4+uOp89HlmCQF7ZbJI
gDanaoI2+LdljoeSCxeW95wa9JRRQLrw47hvzu5ZzLmC6qNedzfc1wVfCD3R47xP
1aXPv66AyiLATzD4Vwyfxon1TjVamTSc/cne7jC4PKua+PlvmVFHWHLExzPPYIjJ
2AFQaaCPzwyuztU06209v9b8Qx6W9Abi+FjzAp5XDRcKxH4lRNrtizOZ+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLW/zH1C1nVGhRY/0OIe22ylsuybMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvdGJfTWZVTFdkVWFGRmpfUTRoN2JiS1d5N0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVYJIMA0G
CSqGSIb3DQEBCwUAA4IBAQAjWDeBl+udr7gr0HBgVC+JKk0/dHshdolgV2m1CW2F
d+OHir0up01lpBa0oYroN3fkI4DCJf3P+s70/CthtdyWagDkdjdshkzn4Nchc5Hp
jdp5LbobxkrC5H+XCInkodfZg8JZ0ZwvZnV2jSq4D1QskRZpkgLFaB0jxykYwQQJ
JM6iIdlm6YderV220enH/8Tnt9ZcKQLiaFgh+tQXTAELzEw9bhGSUjptrdW2cPIn
TrDWmS6NGkp3d6poyf2+jST6zhOd7X1yw+teFdBL4msisCfj5/RhlBnO5u308Am6
rwocE7o1fkIRZAk5JZSog4x6B4tA68bI+yctMaXjifiY
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:01 2024 by rpki-client on console-fra.rpki-client.org