Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/bAEr2RCJbfeizW_qojL6V9Vqdvg.roa
File: bAEr2RCJbfeizW_qojL6V9Vqdvg.roa (raw, json)
Hash identifier: OCqet6Oq1UvZ7IBO0WSTsq5wT4vybsfOrms8t0HG0B8=
Subject key identifier: 6C:01:2B:D9:10:89:6D:F7:A2:CD:6F:EA:A2:32:FA:57:D5:6A:76:F8
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 018A1D74AB6BBBADD3CFC9945A66B9DC3BB4
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/bAEr2RCJbfeizW_qojL6V9Vqdvg.roa
Signing time: Tue 22 Aug 2023 13:34:59 +0000
ROA not before: Tue 22 Aug 2023 13:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35053
IP address blocks: 85.237.69.0/24 maxlen: 24
85.237.70.0/24 maxlen: 24
85.237.84.0/22 maxlen: 22
85.237.88.0/24 maxlen: 24
85.237.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 05 Sep 2023 06:26:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:74:ab:6b:bb:ad:d3:cf:c9:94:5a:66:b9:dc:3b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Aug 22 13:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c012bd910896df7a2cd6feaa232fa57d56a76f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7e:47:62:b1:1e:cd:5c:a4:0d:2b:36:75:05:
21:6b:a3:f0:f1:7f:85:b0:68:77:d0:8f:13:a5:f7:
bf:71:b1:b7:17:37:f1:fc:64:62:53:c0:64:fa:cd:
de:ca:32:8f:e8:82:42:e4:87:99:3d:71:32:39:09:
fa:28:56:9c:b8:18:3c:cc:8f:3f:c7:65:16:db:d3:
6b:da:6b:15:c2:98:db:25:9e:b9:d4:0f:e2:03:7f:
44:12:e1:d8:bf:25:25:99:a8:bc:4e:1b:95:33:73:
f6:57:04:b9:2c:0f:99:3a:da:e7:77:6f:47:95:77:
96:96:99:ac:b7:3a:ef:ba:5d:8e:71:a9:bd:52:49:
5c:38:8f:32:65:68:57:d6:7b:b8:d1:44:6f:cd:9d:
ee:db:61:c4:f0:b2:57:14:28:eb:ad:1f:6e:0b:e5:
33:b1:23:5b:f8:a1:fd:cf:5b:ef:e2:86:f0:08:9e:
e9:d6:ff:bb:ef:e9:9f:70:f0:8e:2c:f0:8c:45:3d:
d7:78:d3:77:76:90:f9:50:14:ee:96:2e:53:c5:34:
d7:91:8c:a7:1b:82:92:20:a2:08:84:75:5a:5d:6d:
75:71:48:54:12:91:ef:e5:71:f2:d3:19:ec:37:ab:
1b:e1:0d:4a:c1:55:af:bd:fa:72:ad:c7:62:d1:06:
8e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:01:2B:D9:10:89:6D:F7:A2:CD:6F:EA:A2:32:FA:57:D5:6A:76:F8
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/bAEr2RCJbfeizW_qojL6V9Vqdvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.64.0/22
85.237.69.0-85.237.70.255
85.237.84.0-85.237.88.255
Signature Algorithm: sha256WithRSAEncryption
5c:ff:c3:3c:9c:e6:d5:d7:b6:66:9d:d3:4d:1b:c4:ea:97:52:
a9:22:f4:eb:78:78:bc:da:f5:15:7a:31:0f:5b:2e:8d:4d:28:
58:28:c5:77:41:05:a4:61:58:8a:31:45:aa:1f:cd:f9:a0:51:
e2:92:06:f2:9e:88:0a:22:12:d9:51:8c:bf:1b:8e:e8:fc:c6:
0d:f5:9f:77:31:38:0d:18:fe:ac:8e:75:1f:bc:7b:44:ef:44:
64:47:68:4f:c5:b4:58:44:f7:3e:76:82:1a:e9:92:56:30:0f:
72:d2:1c:77:f9:3c:4f:b3:33:cd:5a:48:d9:ba:ee:18:6b:61:
75:f5:f5:65:2b:80:31:1d:18:7c:53:70:d1:f1:00:3c:f5:af:
50:ce:e5:26:2a:87:bb:4c:ec:d7:dc:5a:4f:17:04:3d:dc:d1:
24:12:b4:ef:10:b1:9f:73:dd:92:b8:28:25:57:ce:9e:7b:a8:
de:e9:c0:f7:24:61:d2:ce:48:aa:81:a9:8c:2f:e5:ce:db:5b:
12:04:90:ec:5a:06:e7:e9:e5:d5:5e:5a:23:13:8b:ed:3f:7d:
f4:4c:bd:d9:ed:91:1c:ec:24:ee:ea:3d:6d:29:d5:c6:7d:2a:
1f:81:7e:91:bf:8c:68:c9:f2:7d:03:bc:96:38:82:73:54:82:
b3:c5:64:51
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYoddKtru63Tz8mUWma53Du0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwODIyMTMzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzAxMmJkOTEwODk2ZGY3YTJjZDZmZWFhMjMyZmE1N2Q1NmE3NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX5HYrEezVykDSs2dQUha6Pw8X+F
sGh30I8Tpfe/cbG3Fzfx/GRiU8Bk+s3eyjKP6IJC5IeZPXEyOQn6KFacuBg8zI8/
x2UW29Nr2msVwpjbJZ651A/iA39EEuHYvyUlmai8ThuVM3P2VwS5LA+ZOtrnd29H
lXeWlpmstzrvul2Ocam9UklcOI8yZWhX1nu40URvzZ3u22HE8LJXFCjrrR9uC+Uz
sSNb+KH9z1vv4obwCJ7p1v+77+mfcPCOLPCMRT3XeNN3dpD5UBTuli5TxTTXkYyn
G4KSIKIIhHVaXW11cUhUEpHv5XHy0xnsN6sb4Q1KwVWvvfpyrcdi0QaOXQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGwBK9kQiW33os1v6qIy+lfVanb4MB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvYkFFcjJSQ0piZmVpeldfcW9qTDZWOVZxZHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVe1AMAwD
BABV7UUDBABV7UYwDAMEAlXtVAMEAFXtWDANBgkqhkiG9w0BAQsFAAOCAQEAXP/D
PJzm1de2Zp3TTRvE6pdSqSL063h4vNr1FXoxD1sujU0oWCjFd0EFpGFYijFFqh/N
+aBR4pIG8p6ICiIS2VGMvxuO6PzGDfWfdzE4DRj+rI51H7x7RO9EZEdoT8W0WET3
PnaCGumSVjAPctIcd/k8T7MzzVpI2bruGGthdfX1ZSuAMR0YfFNw0fEAPPWvUM7l
JiqHu0zs19xaTxcEPdzRJBK07xCxn3PdkrgoJVfOnnuo3unA9yRh0s5IqoGpjC/l
zttbEgSQ7FoG5+nl1V5aIxOL7T999Ey92e2RHOwk7uo9bSnVxn0qH4F+kb+MaMny
fQO8ljiCc1SCs8VkUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-fra.rpki-client.org