Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/cIMfK-mr1CIGeOY4Y-fH-Rm7C_Q.roa
File: cIMfK-mr1CIGeOY4Y-fH-Rm7C_Q.roa (raw, json)
Hash identifier: oFAF5XYhlQfkI96A2z+DAe7o5A3dT+/XEuxgJpH8q9o=
Subject key identifier: 70:83:1F:2B:E9:AB:D4:22:06:78:E6:38:63:E7:C7:F9:19:BB:0B:F4
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 018C5D355A299AE27363DE508B547140F609
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/cIMfK-mr1CIGeOY4Y-fH-Rm7C_Q.roa
Signing time: Tue 12 Dec 2023 08:47:06 +0000
ROA not before: Tue 12 Dec 2023 08:47:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22781
IP address blocks: 85.237.72.0/22 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:35:5a:29:9a:e2:73:63:de:50:8b:54:71:40:f6:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Dec 12 08:47:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70831f2be9abd4220678e63863e7c7f919bb0bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:da:54:d4:70:fb:85:2b:1c:41:e5:0b:83:fb:
3b:11:1d:fe:3d:64:ed:4a:59:d2:c0:2e:99:31:e3:
11:af:3b:9c:25:ce:b5:89:c6:38:af:66:e8:1f:6b:
ef:77:73:1a:80:ab:e6:3e:13:87:1a:af:81:09:7d:
b0:b1:b5:ea:05:6f:9c:62:80:ca:c5:bd:7a:9f:0e:
89:67:53:2f:35:a2:30:de:f2:3c:d7:60:60:bc:1a:
fa:46:8d:ff:f2:22:97:95:a0:66:3a:6c:ab:f3:4f:
84:c2:06:25:4f:dc:87:aa:0d:29:14:76:4e:0e:2d:
f9:ef:28:18:8e:ba:04:5a:0f:aa:f7:0f:72:36:18:
e5:ca:13:7a:e2:ff:43:f4:a9:27:61:7d:c0:f4:86:
64:ad:51:f2:89:79:9f:f9:78:c3:5f:f5:f3:71:d9:
7a:c8:26:9c:a9:c1:f3:82:da:cc:eb:78:35:fc:1e:
d5:f6:a3:9d:63:7d:e8:2b:5b:6e:f0:f4:2c:ac:ef:
e0:ae:2f:1a:8c:4e:b1:a6:43:cb:97:39:20:b2:de:
34:ca:39:86:8e:26:f8:75:29:ee:0c:fa:f7:70:7f:
0f:ec:a5:06:cf:10:a4:53:15:c9:65:b8:f3:c2:9c:
68:be:e4:91:7c:f3:46:a4:18:84:c8:04:ba:95:db:
c3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:83:1F:2B:E9:AB:D4:22:06:78:E6:38:63:E7:C7:F9:19:BB:0B:F4
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/cIMfK-mr1CIGeOY4Y-fH-Rm7C_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.72.0/22
Signature Algorithm: sha256WithRSAEncryption
34:77:1b:b5:66:a2:94:8b:c6:8e:8a:f5:87:e7:16:9d:00:7b:
e9:68:de:bd:ac:3c:9d:1f:93:3b:b7:67:15:a1:4a:86:20:ea:
ce:84:50:52:b0:2a:da:12:9a:f4:28:68:69:7a:0b:f7:b5:f1:
b6:f3:b0:14:6a:de:a2:e2:70:98:62:44:22:37:c5:3d:85:8b:
b6:e2:dd:db:44:29:62:cf:51:83:a5:6e:29:87:3b:e0:78:73:
63:f8:58:3b:d2:ce:64:b1:34:24:28:1e:0c:ed:3a:b4:e8:90:
06:d3:c3:49:07:e1:6a:f4:e1:84:0e:f3:6e:4e:89:0f:cb:ea:
66:d4:b7:4f:7b:31:e8:fb:6f:4c:36:5c:b9:8d:56:88:f0:e9:
37:ed:69:6b:26:22:f0:51:6d:03:36:95:3f:15:45:ed:c9:66:
c3:ce:a0:43:9d:6c:bd:ca:b9:72:70:de:fd:66:db:ad:36:3c:
38:e6:10:e0:dd:47:29:a8:3f:14:28:b7:3d:7b:57:da:cf:51:
97:e7:e1:45:d0:76:b9:8a:32:6d:e5:27:72:f7:ed:84:6a:d7:
5b:96:62:4f:2a:9e:8b:48:19:f0:ea:b2:33:90:15:94:9d:df:
24:bc:2e:6c:9c:27:03:dd:fd:a9:7a:8c:ca:77:29:6e:d7:01:
55:94:4e:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxdNVopmuJzY95Qi1RxQPYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMxMjEyMDg0NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDgzMWYyYmU5YWJkNDIyMDY3OGU2Mzg2M2U3YzdmOTE5YmIwYmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdpU1HD7hSscQeULg/s7ER3+PWTt
SlnSwC6ZMeMRrzucJc61icY4r2boH2vvd3MagKvmPhOHGq+BCX2wsbXqBW+cYoDK
xb16nw6JZ1MvNaIw3vI812BgvBr6Ro3/8iKXlaBmOmyr80+EwgYlT9yHqg0pFHZO
Di357ygYjroEWg+q9w9yNhjlyhN64v9D9KknYX3A9IZkrVHyiXmf+XjDX/Xzcdl6
yCacqcHzgtrM63g1/B7V9qOdY33oK1tu8PQsrO/gri8ajE6xpkPLlzkgst40yjmG
jib4dSnuDPr3cH8P7KUGzxCkUxXJZbjzwpxovuSRfPNGpBiEyAS6ldvDmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCDHyvpq9QiBnjmOGPnx/kZuwv0MB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvY0lNZkstbXIxQ0lHZU9ZNFktZkgtUm03Q19RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe1IMA0G
CSqGSIb3DQEBCwUAA4IBAQA0dxu1ZqKUi8aOivWH5xadAHvpaN69rDydH5M7t2cV
oUqGIOrOhFBSsCraEpr0KGhpegv3tfG287AUat6i4nCYYkQiN8U9hYu24t3bRCli
z1GDpW4phzvgeHNj+Fg70s5ksTQkKB4M7Tq06JAG08NJB+Fq9OGEDvNuTokPy+pm
1LdPezHo+29MNly5jVaI8Ok37WlrJiLwUW0DNpU/FUXtyWbDzqBDnWy9yrlycN79
ZtutNjw45hDg3UcpqD8UKLc9e1faz1GX5+FF0Ha5ijJt5Sdy9+2EatdblmJPKp6L
SBnw6rIzkBWUnd8kvC5snCcD3f2peozKdylu1wFVlE7I
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:58 2024 by rpki-client on console-ams.rpki-client.org