Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/ZHn59UWaw87AeX0MO93-Ppj-khk.roa
File: ZHn59UWaw87AeX0MO93-Ppj-khk.roa (raw, json)
Hash identifier: f4PKxUdblH5lbHf8eep/peyM5ycFzq/TzVi0iWEIks0=
Subject key identifier: 64:79:F9:F5:45:9A:C3:CE:C0:79:7D:0C:3B:DD:FE:3E:98:FE:92:19
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 01889A7C37B6624B6EB1BCF215347B249560
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/ZHn59UWaw87AeX0MO93-Ppj-khk.roa
Signing time: Thu 08 Jun 2023 10:10:11 +0000
ROA not before: Thu 08 Jun 2023 10:10:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35053
IP address blocks: 85.237.69.0/24 maxlen: 24
85.237.68.0/24 maxlen: 24
85.237.70.0/24 maxlen: 24
85.237.72.0/21 maxlen: 21
85.237.84.0/22 maxlen: 22
85.237.88.0/24 maxlen: 24
85.237.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 14 Jun 2023 12:32:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:7c:37:b6:62:4b:6e:b1:bc:f2:15:34:7b:24:95:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Jun 8 10:10:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6479f9f5459ac3cec0797d0c3bddfe3e98fe9219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f8:cf:b1:ee:6d:94:36:8c:96:96:dd:c7:e6:
90:cd:34:d0:cc:b3:e4:70:08:ab:f2:73:21:18:3a:
d9:d8:e5:c0:ca:7c:00:77:27:09:4a:77:cb:81:e2:
27:b0:36:99:4e:15:32:3a:5e:c8:0e:4c:98:5d:a1:
cf:75:e2:03:4f:fd:7b:6f:55:dd:73:af:71:a7:c3:
3c:53:b6:f2:f1:35:97:2f:b6:a0:4f:36:cb:0d:87:
df:93:79:2b:14:bb:cf:2a:eb:5c:3a:96:3d:7a:c1:
89:30:0e:6b:08:14:f8:fa:38:73:51:59:5c:da:f8:
0e:39:44:fe:93:19:26:56:4a:a6:8c:d8:88:4f:10:
63:f9:6f:4e:42:f5:45:6e:55:6e:5b:bd:8d:bc:f6:
73:28:b9:88:17:d1:c9:fa:77:29:6a:11:eb:80:dc:
cc:3a:51:a5:dc:41:98:d1:7d:d6:38:68:94:5e:0b:
eb:8f:35:78:a8:bd:71:d8:56:09:93:ce:82:4c:df:
65:80:b4:be:43:28:04:fc:ac:a2:6e:a2:5e:46:8b:
d3:8d:0f:a5:07:fe:7d:81:2c:8c:a8:4f:e6:b4:0e:
5a:a9:3c:c5:aa:b6:10:24:ed:c5:da:40:a7:fd:3a:
10:a3:df:7b:70:db:73:11:a2:e0:fb:09:7c:c5:30:
80:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:79:F9:F5:45:9A:C3:CE:C0:79:7D:0C:3B:DD:FE:3E:98:FE:92:19
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/ZHn59UWaw87AeX0MO93-Ppj-khk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.64.0-85.237.70.255
85.237.72.0/21
85.237.84.0-85.237.88.255
Signature Algorithm: sha256WithRSAEncryption
38:ea:32:f6:62:f2:00:2d:7c:5a:ec:d6:a6:c1:a5:05:31:ef:
54:6c:cf:98:ff:d8:74:f9:36:c8:ad:b0:44:c6:b6:39:6e:90:
ff:3d:76:42:a8:8d:30:6d:15:3a:0f:18:bf:e3:d0:79:af:ed:
aa:b0:74:8c:ca:7e:59:ea:02:37:a9:cc:51:32:85:53:8b:15:
2c:6b:bf:1d:29:10:ee:de:70:3f:25:68:15:f8:a1:b5:c1:25:
01:62:b3:76:6f:12:d2:89:83:74:e9:a7:81:a1:51:50:c8:3c:
1f:04:ce:67:7d:5c:ed:b3:80:52:38:a8:b0:94:95:e2:51:13:
93:ae:45:91:75:b4:e2:6c:a8:13:8a:15:63:c6:7b:df:a5:f1:
04:af:1c:b0:4c:03:df:1e:36:93:bf:ed:01:a4:da:0d:bf:87:
2f:54:54:b5:ee:29:73:a8:74:c8:cc:20:43:3b:cc:9b:28:85:
25:3b:3b:19:c4:42:48:14:4d:0f:82:b3:04:f2:a1:e1:e6:59:
a5:25:21:d5:13:f6:58:c5:ad:1a:11:98:5a:5f:a1:ca:4e:96:
30:d9:35:bb:b4:d2:af:1c:36:bc:ce:bf:2a:25:4d:51:76:77:
b1:1d:99:67:f1:c5:b4:d2:3a:1f:07:48:c8:b3:b5:a6:e2:55:
f4:f8:1a:1c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYiafDe2YktusbzyFTR7JJVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwNjA4MTAxMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDc5ZjlmNTQ1OWFjM2NlYzA3OTdkMGMzYmRkZmUzZTk4ZmU5MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/jPse5tlDaMlpbdx+aQzTTQzLPk
cAir8nMhGDrZ2OXAynwAdycJSnfLgeInsDaZThUyOl7IDkyYXaHPdeIDT/17b1Xd
c69xp8M8U7by8TWXL7agTzbLDYffk3krFLvPKutcOpY9esGJMA5rCBT4+jhzUVlc
2vgOOUT+kxkmVkqmjNiITxBj+W9OQvVFblVuW72NvPZzKLmIF9HJ+ncpahHrgNzM
OlGl3EGY0X3WOGiUXgvrjzV4qL1x2FYJk86CTN9lgLS+QygE/KyibqJeRovTjQ+l
B/59gSyMqE/mtA5aqTzFqrYQJO3F2kCn/ToQo997cNtzEaLg+wl8xTCACwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGR5+fVFmsPOwHl9DDvd/j6Y/pIZMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvWkhuNTlVV2F3ODdBZVgwTU85My1QcGota2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAZV7UAD
BABV7UYDBANV7UgwDAMEAlXtVAMEAFXtWDANBgkqhkiG9w0BAQsFAAOCAQEAOOoy
9mLyAC18WuzWpsGlBTHvVGzPmP/YdPk2yK2wRMa2OW6Q/z12QqiNMG0VOg8Yv+PQ
ea/tqrB0jMp+WeoCN6nMUTKFU4sVLGu/HSkQ7t5wPyVoFfihtcElAWKzdm8S0omD
dOmngaFRUMg8HwTOZ31c7bOAUjiosJSV4lETk65FkXW04myoE4oVY8Z736XxBK8c
sEwD3x42k7/tAaTaDb+HL1RUte4pc6h0yMwgQzvMmyiFJTs7GcRCSBRND4KzBPKh
4eZZpSUh1RP2WMWtGhGYWl+hyk6WMNk1u7TSrxw2vM6/KiVNUXZ3sR2ZZ/HFtNI6
HwdIyLO1puJV9PgaHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org