Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/e6hbRVuoGoinols5i09yTlPMb9g.roa
File: e6hbRVuoGoinols5i09yTlPMb9g.roa (raw, json)
Hash identifier: PY6H0UpWYzvREy/OVpUqmg8ckIJkdKUujB1BmWdG/gw=
Subject key identifier: 7B:A8:5B:45:5B:A8:1A:88:A7:A2:5B:39:8B:4F:72:4E:53:CC:6F:D8
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 01875435A4C92FA98BA4BF71D31711AFA2F6
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/e6hbRVuoGoinols5i09yTlPMb9g.roa
Signing time: Thu 06 Apr 2023 01:36:54 +0000
ROA not before: Thu 06 Apr 2023 01:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 85.28.57.0/24 maxlen: 24
85.28.58.0/24 maxlen: 24
85.28.56.0/24 maxlen: 24
85.28.59.0/24 maxlen: 24
85.28.60.0/24 maxlen: 24
85.28.60.0/22 maxlen: 22
109.238.205.0/24 maxlen: 24
109.238.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:54:35:a4:c9:2f:a9:8b:a4:bf:71:d3:17:11:af:a2:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Apr 6 01:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ba85b455ba81a88a7a25b398b4f724e53cc6fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:85:18:13:1a:65:94:20:0f:c4:dd:a5:2a:59:
27:45:e3:fd:ba:0d:d4:d9:f4:2d:62:dd:f2:3a:7e:
09:81:28:4e:6e:cc:7f:86:8a:47:51:e9:46:62:d8:
e8:d8:37:9e:ed:3e:d4:67:39:9b:99:a7:46:af:3e:
80:6f:37:87:e1:04:8c:f7:2f:4f:8c:f2:87:0b:e5:
aa:62:da:2a:45:a1:a2:25:b5:f6:05:bc:45:75:5e:
bc:e2:41:4f:7f:29:c0:62:20:33:6d:f7:5d:5e:b7:
f2:0a:4e:bb:de:6e:16:aa:bb:6e:f7:a8:1f:6b:31:
34:72:21:4d:9c:ed:91:4f:f6:01:ef:e1:fd:d1:c4:
fa:4b:b2:c7:96:8a:e1:74:91:64:28:cb:97:81:fa:
3b:e7:98:0c:9e:73:3f:b4:6f:4a:b9:ed:fd:64:04:
f3:57:62:1e:a6:87:da:7f:13:27:30:d5:e9:b4:d5:
b0:46:6d:c2:f3:cf:ec:6d:bf:1f:e9:22:29:02:26:
f8:e4:d6:20:0c:e1:dd:c6:41:34:b5:a0:54:89:d9:
40:db:e6:2f:bb:b4:0f:6c:8b:9a:78:ab:38:d3:cc:
c0:3e:76:dc:89:58:c2:85:b0:86:4c:46:ae:80:1d:
94:bc:62:c1:08:41:c1:44:66:e4:79:34:6a:77:9d:
58:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A8:5B:45:5B:A8:1A:88:A7:A2:5B:39:8B:4F:72:4E:53:CC:6F:D8
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/e6hbRVuoGoinols5i09yTlPMb9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.56.0/21
109.238.200.0/24
109.238.205.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:62:ca:ed:28:25:03:d0:50:47:65:93:40:78:c2:1e:46:15:
d5:5f:84:ec:55:cd:43:d9:df:2c:d8:ab:a7:aa:cf:49:05:5c:
43:06:de:90:a0:1a:e3:3f:8a:8d:34:da:db:a4:b6:18:4f:72:
87:d8:69:35:11:c1:8f:70:87:f2:97:89:d0:b7:b1:07:8c:d6:
f8:cb:e9:07:d3:b2:6e:2e:88:28:8f:15:10:d9:89:03:9b:1f:
f3:cc:c7:0a:16:8e:68:4f:94:87:26:d1:f8:20:be:0a:25:62:
15:c6:0c:1d:4a:d9:cb:35:9d:65:dd:15:01:29:24:f3:56:b6:
a2:d4:99:f4:2c:e5:95:c7:49:d2:fc:bb:89:0e:5a:29:d8:d4:
29:ff:fc:1f:c0:31:50:79:fa:eb:cc:90:3d:d0:0f:34:b5:ea:
cd:b1:1c:7a:62:60:cf:75:cf:81:54:b4:78:b0:d5:2c:6e:28:
af:5e:fc:c3:38:73:5e:53:ba:6c:5f:83:c1:0c:c7:50:0a:fd:
11:74:30:db:1c:14:50:fc:4d:71:dd:9c:53:b5:fa:f6:3c:84:
b5:28:12:34:9c:86:ab:47:d6:d9:37:cc:a7:cd:c4:67:b0:a0:
63:6e:13:fb:f5:11:53:91:fb:e2:57:81:a4:ed:3c:da:9c:77:
42:9a:72:34
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdUNaTJL6mLpL9x0xcRr6L2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMwNDA2MDEzNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmE4NWI0NTViYTgxYTg4YTdhMjViMzk4YjRmNzI0ZTUzY2M2ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYUYExpllCAPxN2lKlknReP9ug3U
2fQtYt3yOn4JgShObsx/hopHUelGYtjo2Dee7T7UZzmbmadGrz6AbzeH4QSM9y9P
jPKHC+WqYtoqRaGiJbX2BbxFdV684kFPfynAYiAzbfddXrfyCk673m4Wqrtu96gf
azE0ciFNnO2RT/YB7+H90cT6S7LHlorhdJFkKMuXgfo755gMnnM/tG9Kue39ZATz
V2IepofafxMnMNXptNWwRm3C88/sbb8f6SIpAib45NYgDOHdxkE0taBUidlA2+Yv
u7QPbIuaeKs408zAPnbciVjChbCGTEaugB2UvGLBCEHBRGbkeTRqd51YGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHuoW0VbqBqIp6JbOYtPck5TzG/YMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvZTZoYlJWdW9Hb2lub2xzNWkwOXlUbFBNYjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDVRw4AwQA
be7IAwQAbe7NMA0GCSqGSIb3DQEBCwUAA4IBAQCcYsrtKCUD0FBHZZNAeMIeRhXV
X4TsVc1D2d8s2Kunqs9JBVxDBt6QoBrjP4qNNNrbpLYYT3KH2Gk1EcGPcIfyl4nQ
t7EHjNb4y+kH07JuLogojxUQ2YkDmx/zzMcKFo5oT5SHJtH4IL4KJWIVxgwdStnL
NZ1l3RUBKSTzVrai1Jn0LOWVx0nS/LuJDlop2NQp//wfwDFQefrrzJA90A80terN
sRx6YmDPdc+BVLR4sNUsbiivXvzDOHNeU7psX4PBDMdQCv0RdDDbHBRQ/E1x3ZxT
tfr2PIS1KBI0nIarR9bZN8ynzcRnsKBjbhP79RFTkfviV4Gk7TzanHdCmnI0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:32 2023 by rpki-client on console-ams.rpki-client.org