Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/cZ8sbtjF4yYnb5ucpS1e7OyDwDA.roa
File: cZ8sbtjF4yYnb5ucpS1e7OyDwDA.roa (raw, json)
Hash identifier: HoLOZsF0K178yZlRMgVkLXLd4jLT1ycTnfqlIY9w4f8=
Subject key identifier: 71:9F:2C:6E:D8:C5:E3:26:27:6F:9B:9C:A5:2D:5E:EC:EC:83:C0:30
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 0189CF2AD834DD80D6239053E7688313E8FB
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/cZ8sbtjF4yYnb5ucpS1e7OyDwDA.roa
Signing time: Mon 07 Aug 2023 08:43:58 +0000
ROA not before: Mon 07 Aug 2023 08:43:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.237.72.0/22 maxlen: 22
85.237.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 11:21:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:2a:d8:34:dd:80:d6:23:90:53:e7:68:83:13:e8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Aug 7 08:43:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=719f2c6ed8c5e326276f9b9ca52d5eecec83c030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ac:11:fc:d8:af:c4:a0:89:ce:5c:0f:b3:ee:
a9:f3:37:c1:f3:89:51:c4:6c:04:8d:5f:78:09:fb:
b6:fe:8e:6a:40:f8:3a:a7:5e:ed:cc:8d:f8:b6:96:
c4:df:8b:31:e3:d1:34:a9:26:17:bb:75:e9:bf:02:
11:be:59:98:4f:33:10:1a:3f:da:da:59:f4:32:2e:
e1:4b:6d:0b:ad:36:6c:de:ce:54:f5:57:fe:bd:1e:
86:09:23:6a:1b:db:b5:2c:e6:1e:ea:5a:7d:28:95:
20:68:1c:c9:7b:17:2c:73:b2:47:4b:d9:ad:22:43:
d0:d1:2f:78:3c:d4:5e:a6:44:2d:19:be:77:0f:b6:
f4:04:dc:45:af:d5:ae:42:b4:d7:16:d1:af:88:66:
97:30:ee:2b:44:77:fe:97:f4:b8:f1:99:a1:e7:a3:
fc:c2:5a:ff:57:0f:68:34:7c:56:7b:f8:55:5d:53:
b9:9f:99:40:98:a2:c3:bd:3d:5d:74:fd:6b:9d:06:
7e:65:3f:1e:f7:97:e3:ba:b8:1c:fb:a9:b6:4a:33:
62:b8:18:81:52:03:07:1f:e0:35:b4:48:08:d9:d6:
44:11:46:66:b0:0b:90:9e:a8:38:bf:94:e3:88:d1:
f3:3a:1f:73:ee:94:2c:50:1a:52:72:e2:b5:be:0b:
17:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9F:2C:6E:D8:C5:E3:26:27:6F:9B:9C:A5:2D:5E:EC:EC:83:C0:30
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/cZ8sbtjF4yYnb5ucpS1e7OyDwDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.72.0/22
85.237.89.0/24
Signature Algorithm: sha256WithRSAEncryption
80:ae:a1:d7:dc:db:22:5a:6a:aa:f6:32:f3:9d:3b:80:23:11:
ce:71:55:6a:c6:89:60:d4:72:c9:10:a0:ef:5e:01:ea:ec:bc:
24:8b:b9:a2:fb:d0:71:6a:70:14:6f:7f:0a:c1:21:fc:b4:e7:
9e:ee:4a:22:97:33:77:98:03:d8:36:cb:29:58:15:b8:59:97:
31:8c:92:5c:4c:f9:68:94:74:c6:e5:1b:75:b0:fe:f7:7a:71:
ea:50:5d:b8:c1:5d:23:e0:e8:cf:de:4e:ab:de:30:d0:3d:e9:
61:e9:5b:60:17:d5:d8:f4:20:d1:8b:b5:6f:0b:b1:ac:df:d8:
7f:af:f4:c5:ba:d4:62:7d:70:95:2a:e0:bf:d4:3f:e6:ac:ec:
2f:46:a9:c6:47:0e:33:13:a8:54:37:2b:e8:f0:b6:d5:5e:39:
81:a4:ac:2b:ed:56:ec:2f:ed:5b:65:3a:97:9b:61:34:78:ce:
cd:7c:08:4d:68:ee:c8:92:4b:07:7c:4e:96:ce:4e:61:73:5b:
73:76:0c:5a:3d:6c:f1:4e:c2:84:c5:67:3f:9d:cc:7d:bf:d7:
21:d4:2f:81:12:66:b0:d0:5b:58:d4:cd:d6:03:3a:01:3a:5c:
11:c2:cd:e5:d1:f4:8e:0f:af:2f:e2:f1:95:1f:20:ea:2b:8e:
6b:92:e9:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnPKtg03YDWI5BT52iDE+j7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwODA3MDg0MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTlmMmM2ZWQ4YzVlMzI2Mjc2ZjliOWNhNTJkNWVlY2VjODNjMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKwR/NivxKCJzlwPs+6p8zfB84lR
xGwEjV94Cfu2/o5qQPg6p17tzI34tpbE34sx49E0qSYXu3XpvwIRvlmYTzMQGj/a
2ln0Mi7hS20LrTZs3s5U9Vf+vR6GCSNqG9u1LOYe6lp9KJUgaBzJexcsc7JHS9mt
IkPQ0S94PNRepkQtGb53D7b0BNxFr9WuQrTXFtGviGaXMO4rRHf+l/S48Zmh56P8
wlr/Vw9oNHxWe/hVXVO5n5lAmKLDvT1ddP1rnQZ+ZT8e95fjurgc+6m2SjNiuBiB
UgMHH+A1tEgI2dZEEUZmsAuQnqg4v5TjiNHzOh9z7pQsUBpScuK1vgsXvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHGfLG7YxeMmJ2+bnKUtXuzsg8AwMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvY1o4c2J0akY0eVluYjV1Y3BTMWU3T3lEd0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVe1IAwQA
Ve1ZMA0GCSqGSIb3DQEBCwUAA4IBAQCArqHX3NsiWmqq9jLznTuAIxHOcVVqxolg
1HLJEKDvXgHq7Lwki7mi+9BxanAUb38KwSH8tOee7koilzN3mAPYNsspWBW4WZcx
jJJcTPlolHTG5Rt1sP73enHqUF24wV0j4OjP3k6r3jDQPelh6VtgF9XY9CDRi7Vv
C7Gs39h/r/TFutRifXCVKuC/1D/mrOwvRqnGRw4zE6hUNyvo8LbVXjmBpKwr7Vbs
L+1bZTqXm2E0eM7NfAhNaO7IkksHfE6Wzk5hc1tzdgxaPWzxTsKExWc/ncx9v9ch
1C+BEmaw0FtY1M3WAzoBOlwRws3l0fSOD68v4vGVHyDqK45rkumv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-fra.rpki-client.org