Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/NmlVNBLoBJLNP49Hik6ZF4MG4aY.roa
File: NmlVNBLoBJLNP49Hik6ZF4MG4aY.roa (raw, json)
Hash identifier: MFo9gnnwq1sX/wcn1Eyih8Lo59IavOcFLWmhVSqsxUs=
Subject key identifier: 36:69:55:34:12:E8:04:92:CD:3F:8F:47:8A:4E:99:17:83:06:E1:A6
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 0188B9E43FEB40042D3D76862877EC34705A
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/NmlVNBLoBJLNP49Hik6ZF4MG4aY.roa
Signing time: Wed 14 Jun 2023 12:32:03 +0000
ROA not before: Wed 14 Jun 2023 12:32:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35053
IP address blocks: 85.237.69.0/24 maxlen: 24
85.237.68.0/24 maxlen: 24
85.237.70.0/24 maxlen: 24
85.237.76.0/22 maxlen: 22
85.237.84.0/22 maxlen: 22
85.237.88.0/24 maxlen: 24
85.237.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 14 Jun 2023 20:16:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:e4:3f:eb:40:04:2d:3d:76:86:28:77:ec:34:70:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Jun 14 12:32:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3669553412e80492cd3f8f478a4e99178306e1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5e:71:00:4e:4d:1b:fd:bf:09:d5:83:3e:1a:
3e:03:57:dd:50:70:0a:28:9c:e0:55:c9:b7:6c:28:
ee:e9:d2:d8:8e:4b:69:e3:cb:a5:76:98:48:28:a8:
8e:ac:e1:f2:1c:83:33:c3:cc:06:2b:d8:97:92:bf:
68:ed:17:21:78:2a:09:e3:2b:cc:af:40:3c:a1:c5:
48:e3:bf:4d:ed:5a:40:ad:b6:1c:ac:58:4e:3e:f8:
b1:36:c6:c8:99:67:29:42:3b:ee:7c:50:e6:8a:c4:
c7:0d:48:13:ab:e4:13:53:47:29:4e:86:dd:3c:4f:
66:05:d4:37:09:90:60:5d:83:d7:a1:dc:74:4d:06:
75:98:7c:e9:bb:9e:04:b5:15:f7:91:b9:aa:fa:3a:
e5:66:d6:d5:1e:e0:85:05:b7:d8:eb:77:6e:cc:fd:
2d:41:88:01:e5:ed:f7:23:fa:ff:7a:d6:95:c7:2b:
db:57:b2:8e:4a:bd:d3:f5:ae:3d:2f:cd:9f:e2:59:
3b:46:1f:c8:1e:0a:75:cc:ff:64:5b:0a:71:0b:1a:
30:ef:64:5a:ad:3f:b4:30:43:e4:72:d0:37:53:91:
1c:b5:df:1a:dd:15:81:22:00:29:de:81:18:d6:9c:
f3:c1:14:b6:19:cf:5e:f7:d6:c2:24:76:c6:5d:5c:
27:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:69:55:34:12:E8:04:92:CD:3F:8F:47:8A:4E:99:17:83:06:E1:A6
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/NmlVNBLoBJLNP49Hik6ZF4MG4aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.64.0-85.237.70.255
85.237.76.0/22
85.237.84.0-85.237.88.255
Signature Algorithm: sha256WithRSAEncryption
6e:6b:03:9d:e1:98:b1:79:f7:f4:01:75:81:ba:51:32:09:cf:
e6:ac:7a:c7:d7:1b:c4:0a:63:b5:c1:0e:b5:21:c0:97:eb:30:
ae:1e:42:c5:5f:41:25:3d:bd:5b:11:ef:3e:99:b6:ec:cb:dc:
da:cb:1d:be:61:20:31:8a:5b:3f:74:a4:09:e0:64:aa:77:73:
68:b5:17:06:32:3e:d8:0e:a4:4e:7a:38:ab:e1:0c:b6:c8:51:
ec:7b:1a:74:62:d4:19:d3:f8:14:5b:d8:fd:5c:f7:ed:40:26:
4e:ac:01:4a:48:e3:21:9c:4d:ca:cb:32:c9:12:9e:8d:42:0a:
f3:91:86:d0:c5:fa:b6:f9:1f:5d:cf:f3:fc:e5:a9:1b:ca:27:
dc:8b:33:28:c1:7c:3b:20:54:59:8b:54:f9:c9:bd:e6:f3:c7:
c3:11:35:a0:5d:4d:65:41:58:0d:a5:9d:d3:1e:2b:6c:5e:d9:
e1:33:a7:23:3a:bd:ea:00:df:3a:b4:4c:1a:64:d0:88:19:c9:
30:67:a0:6e:4f:40:6f:78:52:28:39:f8:7f:2c:08:e2:93:22:
14:5b:ae:09:50:36:d2:5c:bc:db:69:bb:27:5d:8f:22:50:1f:
c7:94:5f:ea:39:af:03:f1:e7:d4:59:8a:e4:18:5f:49:cb:bd:
77:ab:3e:65
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYi55D/rQAQtPXaGKHfsNHBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwNjE0MTIzMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjY5NTUzNDEyZTgwNDkyY2QzZjhmNDc4YTRlOTkxNzgzMDZlMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV5xAE5NG/2/CdWDPho+A1fdUHAK
KJzgVcm3bCju6dLYjktp48uldphIKKiOrOHyHIMzw8wGK9iXkr9o7RcheCoJ4yvM
r0A8ocVI479N7VpArbYcrFhOPvixNsbImWcpQjvufFDmisTHDUgTq+QTU0cpTobd
PE9mBdQ3CZBgXYPXodx0TQZ1mHzpu54EtRX3kbmq+jrlZtbVHuCFBbfY63duzP0t
QYgB5e33I/r/etaVxyvbV7KOSr3T9a49L82f4lk7Rh/IHgp1zP9kWwpxCxow72Ra
rT+0MEPkctA3U5Ectd8a3RWBIgAp3oEY1pzzwRS2Gc9e99bCJHbGXVwnGwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDZpVTQS6ASSzT+PR4pOmReDBuGmMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvTm1sVk5CTG9CSkxOUDQ5SGlrNlpGNE1HNGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAZV7UAD
BABV7UYDBAJV7UwwDAMEAlXtVAMEAFXtWDANBgkqhkiG9w0BAQsFAAOCAQEAbmsD
neGYsXn39AF1gbpRMgnP5qx6x9cbxApjtcEOtSHAl+swrh5CxV9BJT29WxHvPpm2
7Mvc2ssdvmEgMYpbP3SkCeBkqndzaLUXBjI+2A6kTno4q+EMtshR7HsadGLUGdP4
FFvY/Vz37UAmTqwBSkjjIZxNyssyyRKejUIK85GG0MX6tvkfXc/z/OWpG8on3Isz
KMF8OyBUWYtU+cm95vPHwxE1oF1NZUFYDaWd0x4rbF7Z4TOnIzq96gDfOrRMGmTQ
iBnJMGegbk9Ab3hSKDn4fywI4pMiFFuuCVA20ly822m7J12PIlAfx5Rf6jmvA/Hn
1FmK5BhfScu9d6s+ZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org