Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/0hYxoALqcL4EYBjYjjHfwaW_yI8.roa
File: 0hYxoALqcL4EYBjYjjHfwaW_yI8.roa (raw, json)
Hash identifier: SxPMxzJfuDgwtQoSe8PrngeHcqO+eryDb/+3Y3g1iX8=
Subject key identifier: D2:16:31:A0:02:EA:70:BE:04:60:18:D8:8E:31:DF:C1:A5:BF:C8:8F
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 0188DD7E380B71F2358BFD4D275D6E46B02A
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/0hYxoALqcL4EYBjYjjHfwaW_yI8.roa
Signing time: Wed 21 Jun 2023 10:26:56 +0000
ROA not before: Wed 21 Jun 2023 10:26:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35053
IP address blocks: 85.237.69.0/24 maxlen: 24
85.237.70.0/24 maxlen: 24
85.237.84.0/22 maxlen: 22
85.237.88.0/24 maxlen: 24
85.237.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 21 Aug 2023 14:06:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:7e:38:0b:71:f2:35:8b:fd:4d:27:5d:6e:46:b0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Jun 21 10:26:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d21631a002ea70be046018d88e31dfc1a5bfc88f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:73:d3:de:90:0d:a2:13:bb:7a:b8:79:61:a0:
62:f8:db:27:46:ec:39:de:52:03:dd:90:2e:73:2b:
ec:89:d7:8f:67:6b:43:7c:70:59:56:93:b3:c0:03:
db:e1:e5:48:9c:84:b4:82:3b:91:27:b2:87:37:91:
d9:5b:89:d2:a5:ff:63:9e:7d:95:6c:b7:76:12:90:
c9:04:a9:ef:e9:87:cc:01:76:aa:f8:df:89:ac:0f:
cd:56:51:e9:e6:77:c4:e3:53:89:b6:82:c7:90:69:
cb:ea:8a:0b:4d:61:39:39:cc:df:d6:dd:c4:32:b9:
41:74:6e:e5:fd:b5:be:9f:e9:04:63:7b:e3:90:6b:
6f:e4:7e:b5:11:48:49:5e:5b:06:3a:ac:e7:f9:4c:
0e:04:3e:15:8e:fc:13:b9:3c:a0:ca:39:b9:a9:c3:
dd:9e:7f:59:8a:69:0e:f2:57:0d:84:9e:e0:c8:23:
37:53:f1:7f:29:a1:00:25:04:21:cf:c1:e3:72:cb:
42:b8:30:70:76:ef:7f:2a:83:91:1e:e1:65:9d:7a:
27:8d:c4:b3:97:1c:41:58:b9:40:81:f5:71:81:65:
f8:0c:f8:55:f0:1e:e9:ec:59:77:c5:ab:6b:22:95:
07:33:1a:e1:d2:b9:6a:f3:10:c7:cd:43:ca:09:32:
c9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:16:31:A0:02:EA:70:BE:04:60:18:D8:8E:31:DF:C1:A5:BF:C8:8F
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/0hYxoALqcL4EYBjYjjHfwaW_yI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.64.0/22
85.237.69.0-85.237.70.255
85.237.84.0-85.237.88.255
Signature Algorithm: sha256WithRSAEncryption
64:0d:af:94:ca:30:32:55:20:d9:f6:6d:b1:c5:02:d8:2b:94:
ba:9f:0b:95:2d:55:61:c0:2b:9b:ff:b2:99:49:ca:84:dd:29:
56:96:4e:95:f1:c7:0d:47:a5:dc:5f:01:5c:73:da:31:66:bf:
64:a5:95:c0:8d:8c:c0:5e:b3:48:20:cb:ce:ae:34:24:9f:f8:
f2:4e:c5:58:ff:91:39:4a:4f:7f:e0:90:c1:0f:87:a4:0a:37:
8a:b3:19:a9:4f:6d:5b:fa:80:cc:0b:1f:18:17:62:fd:66:40:
d9:53:2a:f9:bc:a6:5d:bf:e2:7b:ff:55:73:be:35:3c:a3:f3:
c1:92:78:1e:77:6d:ff:f2:e7:82:f1:88:ad:19:f2:07:23:ee:
b3:a5:b5:f2:a4:75:8b:5c:82:de:27:2c:63:de:15:54:02:18:
85:45:0c:f6:01:eb:2f:25:b3:76:e7:4c:2e:2a:a2:55:ba:db:
68:42:4e:3a:ac:49:e8:87:9d:e5:3e:84:b8:07:0a:d0:09:cb:
53:af:5f:ea:d0:57:90:17:3b:b9:c6:e4:24:e2:3b:c8:3f:a2:
92:08:59:0e:09:81:e5:fb:c3:94:c0:8e:d0:33:22:62:7d:91:
94:6b:ed:72:91:34:a2:58:1a:61:d7:70:b2:b3:67:3e:c0:e6:
20:b3:49:77
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYjdfjgLcfI1i/1NJ11uRrAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwNjIxMTAyNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjE2MzFhMDAyZWE3MGJlMDQ2MDE4ZDg4ZTMxZGZjMWE1YmZjODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHPT3pANohO7erh5YaBi+NsnRuw5
3lID3ZAucyvsidePZ2tDfHBZVpOzwAPb4eVInIS0gjuRJ7KHN5HZW4nSpf9jnn2V
bLd2EpDJBKnv6YfMAXaq+N+JrA/NVlHp5nfE41OJtoLHkGnL6ooLTWE5Oczf1t3E
MrlBdG7l/bW+n+kEY3vjkGtv5H61EUhJXlsGOqzn+UwOBD4VjvwTuTygyjm5qcPd
nn9ZimkO8lcNhJ7gyCM3U/F/KaEAJQQhz8HjcstCuDBwdu9/KoORHuFlnXonjcSz
lxxBWLlAgfVxgWX4DPhV8B7p7Fl3xatrIpUHMxrh0rlq8xDHzUPKCTLJfQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNIWMaAC6nC+BGAY2I4x38Glv8iPMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvMGhZeG9BTHFjTDRFWUJqWWpqSGZ3YVdfeUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVe1AMAwD
BABV7UUDBABV7UYwDAMEAlXtVAMEAFXtWDANBgkqhkiG9w0BAQsFAAOCAQEAZA2v
lMowMlUg2fZtscUC2CuUup8LlS1VYcArm/+ymUnKhN0pVpZOlfHHDUel3F8BXHPa
MWa/ZKWVwI2MwF6zSCDLzq40JJ/48k7FWP+ROUpPf+CQwQ+HpAo3irMZqU9tW/qA
zAsfGBdi/WZA2VMq+bymXb/ie/9Vc741PKPzwZJ4Hndt//LngvGIrRnyByPus6W1
8qR1i1yC3icsY94VVAIYhUUM9gHrLyWzdudMLiqiVbrbaEJOOqxJ6Ied5T6EuAcK
0AnLU69f6tBXkBc7ucbkJOI7yD+ikghZDgmB5fvDlMCO0DMiYn2RlGvtcpE0olga
YddwsrNnPsDmILNJdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org