Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/1tFGqUzwu7CCcpfmradpEOZm6UQ.roa
File: 1tFGqUzwu7CCcpfmradpEOZm6UQ.roa (raw, json)
Hash identifier: x0bUkJ97zEkOYAe5Qmn9IbZ5qxsXctRKEdzI//JAu7Y=
Subject key identifier: D6:D1:46:A9:4C:F0:BB:B0:82:72:97:E6:AD:A7:69:10:E6:66:E9:44
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 018596333FEA629EA6967E5DB87DEF7E39F2
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/1tFGqUzwu7CCcpfmradpEOZm6UQ.roa
Signing time: Mon 09 Jan 2023 11:03:39 +0000
ROA not before: Mon 09 Jan 2023 11:03:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3214
IP address blocks: 85.237.72.0/21 maxlen: 24
85.237.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Mar 2023 11:44:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:96:33:3f:ea:62:9e:a6:96:7e:5d:b8:7d:ef:7e:39:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Jan 9 11:03:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6d146a94cf0bbb0827297e6ada76910e666e944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4b:55:14:2d:62:71:2c:44:e4:a0:28:83:5c:
71:b0:13:fb:58:6e:83:c3:e2:bd:44:f9:3c:46:dc:
b4:53:db:e2:41:c6:e3:6d:45:c9:66:5f:ec:f0:e1:
39:1e:fb:f2:29:e1:95:12:7b:9d:ec:32:35:0c:41:
a0:c7:fd:41:35:74:28:59:6d:53:9f:fa:52:d0:94:
2d:d3:16:3e:3c:e8:db:2b:9b:a4:18:55:28:b4:5b:
82:e5:b8:81:df:cd:8f:e2:10:94:03:b4:fc:63:43:
47:be:44:0d:13:36:39:61:a7:6d:d1:ab:eb:7f:86:
c1:6d:91:0a:28:13:83:54:b5:6c:7b:7a:05:27:10:
d0:63:5d:2b:e6:fb:e0:1f:49:7b:77:36:36:de:ee:
c1:4f:a2:56:41:07:97:52:34:d5:d9:99:fa:d8:42:
76:81:9d:85:4a:7e:04:cd:91:42:bc:e6:3f:81:e9:
c6:b3:81:ce:45:37:5f:bc:b6:62:b7:b7:f1:b3:66:
cd:ac:a4:ca:20:48:49:81:a4:d3:3b:af:a4:e0:87:
c1:65:0c:41:2f:b2:30:1b:71:82:76:9b:b8:d8:39:
a9:b7:9e:e4:b6:eb:5a:85:c1:e4:04:29:0d:b3:87:
95:83:3a:59:43:12:59:c7:6a:8a:9b:54:07:39:88:
6e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D1:46:A9:4C:F0:BB:B0:82:72:97:E6:AD:A7:69:10:E6:66:E9:44
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/1tFGqUzwu7CCcpfmradpEOZm6UQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.72.0/21
85.237.92.0/22
Signature Algorithm: sha256WithRSAEncryption
38:bf:a3:b0:6d:a5:0c:5f:9d:71:3c:e5:3f:af:73:03:dc:bc:
06:1e:0b:4b:ce:37:b0:c4:fa:7c:ea:00:25:c4:93:47:51:0d:
3f:27:c9:0e:a3:46:d9:ed:8d:f3:00:ec:37:e7:2b:13:10:ec:
12:e9:90:56:e8:9b:d3:7d:62:5b:79:cf:06:cf:0d:d4:a3:64:
bb:b3:b2:9e:70:f2:63:ef:79:b2:ed:df:84:94:28:2c:42:c5:
9b:de:ba:f1:7c:d3:ee:5c:71:5c:e8:de:67:ff:9f:48:6c:a4:
16:90:a2:d0:91:8a:c5:3c:18:97:9b:3c:46:d1:c5:6e:30:71:
14:a1:87:e1:75:34:32:62:14:90:4d:94:75:d4:67:25:61:c3:
05:b5:de:00:e6:3d:ff:6f:86:00:fb:73:9c:62:e9:fd:b0:2d:
3c:ec:86:48:a3:93:13:96:85:e1:6a:e4:be:cf:3b:a8:8c:41:
cd:fe:b1:98:cb:f8:5c:5e:89:fb:4f:da:0c:b6:e6:09:c9:0c:
05:30:b3:99:e5:cc:1c:48:7c:7c:43:9b:24:7b:3b:1c:46:4c:
1d:c4:ba:16:50:0a:eb:9f:f1:1a:b6:dc:0d:e4:ca:79:10:03:
85:99:1b:38:9b:5d:58:92:2e:f8:5c:80:ba:4a:dc:f3:ab:5a:
1b:d5:3c:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWWMz/qYp6mln5duH3vfjnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwMTA5MTEwMzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQxNDZhOTRjZjBiYmIwODI3Mjk3ZTZhZGE3NjkxMGU2NjZlOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUtVFC1icSxE5KAog1xxsBP7WG6D
w+K9RPk8Rty0U9viQcbjbUXJZl/s8OE5HvvyKeGVEnud7DI1DEGgx/1BNXQoWW1T
n/pS0JQt0xY+POjbK5ukGFUotFuC5biB382P4hCUA7T8Y0NHvkQNEzY5Yadt0avr
f4bBbZEKKBODVLVse3oFJxDQY10r5vvgH0l7dzY23u7BT6JWQQeXUjTV2Zn62EJ2
gZ2FSn4EzZFCvOY/genGs4HORTdfvLZit7fxs2bNrKTKIEhJgaTTO6+k4IfBZQxB
L7IwG3GCdpu42Dmpt57ktutahcHkBCkNs4eVgzpZQxJZx2qKm1QHOYhuGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNbRRqlM8LuwgnKX5q2naRDmZulEMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvMXRGR3FVend1N0NDY3BmbXJhZHBFT1ptNlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVe1IAwQC
Ve1cMA0GCSqGSIb3DQEBCwUAA4IBAQA4v6OwbaUMX51xPOU/r3MD3LwGHgtLzjew
xPp86gAlxJNHUQ0/J8kOo0bZ7Y3zAOw35ysTEOwS6ZBW6JvTfWJbec8Gzw3Uo2S7
s7KecPJj73my7d+ElCgsQsWb3rrxfNPuXHFc6N5n/59IbKQWkKLQkYrFPBiXmzxG
0cVuMHEUoYfhdTQyYhSQTZR11GclYcMFtd4A5j3/b4YA+3OcYun9sC087IZIo5MT
loXhauS+zzuojEHN/rGYy/hcXon7T9oMtuYJyQwFMLOZ5cwcSHx8Q5skezscRkwd
xLoWUArrn/EattwN5Mp5EAOFmRs4m11Yki74XIC6Stzzq1ob1Typ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org