Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/C3TC54h6iOGfTRG_uu6TfA30uGE.roa
File: C3TC54h6iOGfTRG_uu6TfA30uGE.roa (raw, json)
Hash identifier: sdECECk9Rol/VADQwqZAvnqWXaCxREfI8IqYBXWP1hY=
Subject key identifier: 0B:74:C2:E7:88:7A:88:E1:9F:4D:11:BF:BA:EE:93:7C:0D:F4:B8:61
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 018BBDCF3DA0D2669D4D5CDAF8DB7CA9ABF1
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/C3TC54h6iOGfTRG_uu6TfA30uGE.roa
Signing time: Sat 11 Nov 2023 09:55:57 +0000
ROA not before: Sat 11 Nov 2023 09:55:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.237.72.0/22 maxlen: 24
85.237.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Dec 2023 08:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:cf:3d:a0:d2:66:9d:4d:5c:da:f8:db:7c:a9:ab:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Nov 11 09:55:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b74c2e7887a88e19f4d11bfbaee937c0df4b861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8e:f9:e3:10:d4:80:81:49:9c:52:92:f6:03:
e9:d3:68:0c:2d:2f:11:7a:62:3c:24:2b:3c:f1:58:
2c:d8:cb:bc:1b:81:5e:18:f1:48:1c:c6:48:cf:21:
ba:90:6d:40:6c:8a:9f:b2:4b:f0:37:8c:47:83:20:
c7:12:b8:fb:15:2d:8d:be:51:86:ea:7f:91:f3:b9:
1b:2e:0d:e4:80:20:56:96:42:c4:90:1d:ee:8f:ca:
26:3b:df:bd:de:e9:c2:cb:05:b9:31:c2:59:2f:8d:
3e:ae:e5:64:48:1f:d2:ea:c6:10:e5:e0:7b:29:3b:
98:75:16:6f:1c:48:05:3a:72:2b:bc:ef:d1:d4:d0:
fe:91:e1:e7:e8:d6:b3:23:49:98:a8:c9:1c:f5:82:
63:8a:ba:4a:24:e5:bd:ee:99:66:4d:5c:1c:92:38:
b9:e1:5a:0c:df:54:3d:73:6e:a3:57:85:68:d9:80:
0e:13:e2:0d:f8:fc:35:5c:74:47:b7:6b:71:95:59:
dc:4c:7e:e8:e2:42:53:62:84:d8:65:28:d0:e8:b7:
1c:5f:1d:fe:7d:7a:63:ec:f9:b6:a0:e0:5f:d7:3e:
67:2c:24:b1:56:31:7b:4f:2f:91:79:cf:b4:6a:4e:
92:ea:8f:c9:be:ac:07:fd:e5:78:1d:ec:b6:70:87:
4e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:74:C2:E7:88:7A:88:E1:9F:4D:11:BF:BA:EE:93:7C:0D:F4:B8:61
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/C3TC54h6iOGfTRG_uu6TfA30uGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.72.0/22
85.237.80.0/22
Signature Algorithm: sha256WithRSAEncryption
90:3d:db:4a:65:a0:16:c8:15:c4:c4:1a:d1:e9:0b:e6:f0:fb:
b2:8e:9f:05:ab:71:25:c1:d3:55:8e:29:26:f5:7a:9d:8c:e3:
01:0a:d4:3f:6a:1e:2f:90:30:35:69:ed:3c:35:69:c4:df:50:
16:3a:be:0b:8e:1e:ee:dd:f7:4f:92:24:70:21:ed:fb:a1:a5:
e3:cb:71:e4:17:58:eb:0f:99:30:a3:7d:d6:f1:02:df:0d:a5:
bb:0c:08:47:e4:db:0b:8a:6f:f8:ba:a6:95:07:d0:5c:a7:8e:
c2:73:ab:a5:45:3b:4b:11:13:7a:43:cd:c0:17:44:5f:c5:d5:
5e:86:43:24:03:46:c1:31:56:57:50:bd:33:19:51:a9:98:37:
11:fc:ba:00:8d:0b:54:57:cd:43:e4:61:54:10:ab:06:73:3b:
55:11:a6:02:47:fe:f7:db:a2:73:48:3f:4b:42:fc:ca:c7:b5:
47:d8:0f:0f:81:ba:3d:60:f6:31:4a:f4:75:70:e6:a6:ed:8b:
ee:6d:fd:7f:ab:dc:a3:e7:e7:02:4e:98:b8:31:43:cd:8a:19:
b0:e3:22:1d:21:d6:92:40:bb:20:9c:47:5d:07:dc:8a:fc:f5:
c7:f9:85:f8:03:d5:37:91:dc:f1:7b:19:8b:20:70:a1:ca:a5:
37:8b:e8:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYu9zz2g0madTVza+Nt8qavxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMxMTExMDk1NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjc0YzJlNzg4N2E4OGUxOWY0ZDExYmZiYWVlOTM3YzBkZjRiODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno754xDUgIFJnFKS9gPp02gMLS8R
emI8JCs88Vgs2Mu8G4FeGPFIHMZIzyG6kG1AbIqfskvwN4xHgyDHErj7FS2NvlGG
6n+R87kbLg3kgCBWlkLEkB3uj8omO9+93unCywW5McJZL40+ruVkSB/S6sYQ5eB7
KTuYdRZvHEgFOnIrvO/R1ND+keHn6NazI0mYqMkc9YJjirpKJOW97plmTVwckji5
4VoM31Q9c26jV4Vo2YAOE+IN+Pw1XHRHt2txlVncTH7o4kJTYoTYZSjQ6LccXx3+
fXpj7Pm2oOBf1z5nLCSxVjF7Ty+Rec+0ak6S6o/JvqwH/eV4Hey2cIdO4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAt0wueIeojhn00Rv7ruk3wN9LhhMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvQzNUQzU0aDZpT0dmVFJHX3V1NlRmQTMwdUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVe1IAwQC
Ve1QMA0GCSqGSIb3DQEBCwUAA4IBAQCQPdtKZaAWyBXExBrR6Qvm8Puyjp8Fq3El
wdNVjikm9XqdjOMBCtQ/ah4vkDA1ae08NWnE31AWOr4Ljh7u3fdPkiRwIe37oaXj
y3HkF1jrD5kwo33W8QLfDaW7DAhH5NsLim/4uqaVB9Bcp47Cc6ulRTtLERN6Q83A
F0RfxdVehkMkA0bBMVZXUL0zGVGpmDcR/LoAjQtUV81D5GFUEKsGcztVEaYCR/73
26JzSD9LQvzKx7VH2A8Pgbo9YPYxSvR1cOam7Yvubf1/q9yj5+cCTpi4MUPNihmw
4yIdIdaSQLsgnEddB9yK/PXH+YX4A9U3kdzxexmLIHChyqU3i+jB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-fra.rpki-client.org