Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/rAYMOmRESEr7ToZP43Megyyn5dA.roa
File: rAYMOmRESEr7ToZP43Megyyn5dA.roa (raw, json)
Hash identifier: Sn2rHs0eeBjiaRSHCmtiQLa2mph/+LjInjjPed259a0=
Subject key identifier: AC:06:0C:3A:64:44:48:4A:FB:4E:86:4F:E3:73:1E:83:2C:A7:E5:D0
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 018A186B122E89E4FD54E7099C7C70DBC371
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/rAYMOmRESEr7ToZP43Megyyn5dA.roa
Signing time: Mon 21 Aug 2023 14:06:24 +0000
ROA not before: Mon 21 Aug 2023 14:06:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35053
IP address blocks: 85.237.69.0/24 maxlen: 24
85.237.68.0/24 maxlen: 24
85.237.70.0/24 maxlen: 24
85.237.84.0/22 maxlen: 22
85.237.88.0/24 maxlen: 24
85.237.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 22 Aug 2023 13:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:6b:12:2e:89:e4:fd:54:e7:09:9c:7c:70:db:c3:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Aug 21 14:06:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac060c3a6444484afb4e864fe3731e832ca7e5d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2f:e9:7b:cc:a4:6b:bc:ae:45:8e:d4:eb:f2:
ec:dd:ed:ed:7b:aa:10:49:a0:31:a2:8d:8a:cd:26:
8a:b2:81:b3:71:1d:c8:11:65:4b:fb:34:03:6c:59:
e6:32:91:51:d7:30:b2:54:3d:97:9e:39:c8:6d:61:
9b:04:04:14:ac:90:13:3d:4c:ed:52:1f:9d:75:1d:
e9:c6:be:1c:97:bd:13:95:09:73:19:8a:72:b6:c6:
ba:1d:1f:4c:b3:61:b3:32:5e:3e:27:7f:a9:60:f9:
d3:06:ce:97:4c:96:04:8a:c5:f6:68:b7:b2:6c:86:
83:0b:bc:27:f0:69:ae:a6:19:6a:ae:8c:58:33:9d:
6a:d4:95:ac:e1:3b:08:35:13:af:ce:74:3d:b5:3d:
75:cc:72:83:41:01:8e:84:21:35:03:74:d4:3f:51:
02:56:96:3b:48:e6:84:cd:02:f6:4e:aa:d5:bd:40:
77:9b:de:6c:36:b7:27:e2:8d:b9:fa:5a:75:7b:42:
db:74:cf:78:1d:36:66:d7:1a:b3:70:09:2e:b5:16:
43:1a:c0:a5:3a:be:0c:9b:2f:3d:08:3f:6f:b0:b9:
f1:b8:07:a9:40:73:20:af:f9:6b:74:71:a3:54:b3:
cb:24:fd:9b:78:9e:4b:12:fd:29:be:0f:33:b0:8e:
7c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:06:0C:3A:64:44:48:4A:FB:4E:86:4F:E3:73:1E:83:2C:A7:E5:D0
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/rAYMOmRESEr7ToZP43Megyyn5dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.64.0-85.237.70.255
85.237.84.0-85.237.88.255
Signature Algorithm: sha256WithRSAEncryption
45:be:87:f2:c3:c5:2f:9d:fa:ae:6a:1b:9b:51:20:56:a5:37:
7a:ed:4c:7c:32:15:fb:03:54:e3:63:60:75:51:f5:be:eb:72:
9f:80:66:b0:8e:fa:23:42:49:08:0b:3d:1a:e1:a7:8e:90:78:
01:7a:94:87:b8:e7:e7:da:27:e3:f1:02:33:f4:de:f4:54:f3:
4f:d7:0b:47:cf:29:0c:cd:f6:28:d7:d3:6b:61:3e:79:16:3f:
a8:75:cb:28:84:7f:62:11:cb:d5:bd:44:c2:96:89:15:bc:16:
95:4f:c0:e4:9b:cf:ac:11:c7:35:25:0f:d6:0e:cc:fd:d0:c3:
6f:07:72:1a:6b:c6:64:3f:36:ed:af:26:a7:20:12:70:f3:20:
cc:95:73:8d:ff:05:09:25:02:e3:db:36:e4:0f:fd:ca:78:f7:
63:10:6b:75:93:cb:ac:b1:e3:18:15:98:6b:8a:e7:1f:4a:71:
b9:dc:d3:58:96:04:09:38:f1:b1:b8:2f:1e:f8:e7:bd:84:0e:
c0:51:a6:8f:33:60:d1:6a:88:12:cd:2a:f5:c7:29:2d:57:c1:
8a:11:98:9b:20:14:1c:23:bc:eb:cb:32:dd:a9:90:9b:d6:ca:
a7:01:d4:0f:48:01:ae:88:3e:ec:af:7b:32:fb:49:a0:20:9d:
6e:27:66:51
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYoYaxIuieT9VOcJnHxw28NxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwODIxMTQwNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzA2MGMzYTY0NDQ0ODRhZmI0ZTg2NGZlMzczMWU4MzJjYTdlNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4S/pe8yka7yuRY7U6/Ls3e3te6oQ
SaAxoo2KzSaKsoGzcR3IEWVL+zQDbFnmMpFR1zCyVD2XnjnIbWGbBAQUrJATPUzt
Uh+ddR3pxr4cl70TlQlzGYpytsa6HR9Ms2GzMl4+J3+pYPnTBs6XTJYEisX2aLey
bIaDC7wn8GmuphlqroxYM51q1JWs4TsINROvznQ9tT11zHKDQQGOhCE1A3TUP1EC
VpY7SOaEzQL2TqrVvUB3m95sNrcn4o25+lp1e0LbdM94HTZm1xqzcAkutRZDGsCl
Or4Mmy89CD9vsLnxuAepQHMgr/lrdHGjVLPLJP2beJ5LEv0pvg8zsI58ZwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKwGDDpkREhK+06GT+NzHoMsp+XQMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvckFZTU9tUkVTRXI3VG9aUDQzTWVneXluNWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAZV7UAD
BABV7UYwDAMEAlXtVAMEAFXtWDANBgkqhkiG9w0BAQsFAAOCAQEARb6H8sPFL536
rmobm1EgVqU3eu1MfDIV+wNU42NgdVH1vutyn4BmsI76I0JJCAs9GuGnjpB4AXqU
h7jn59on4/ECM/Te9FTzT9cLR88pDM32KNfTa2E+eRY/qHXLKIR/YhHL1b1EwpaJ
FbwWlU/A5JvPrBHHNSUP1g7M/dDDbwdyGmvGZD827a8mpyAScPMgzJVzjf8FCSUC
49s25A/9ynj3YxBrdZPLrLHjGBWYa4rnH0pxudzTWJYECTjxsbgvHvjnvYQOwFGm
jzNg0WqIEs0q9ccpLVfBihGYmyAUHCO868sy3amQm9bKpwHUD0gBrog+7K97MvtJ
oCCdbidmUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-fra.rpki-client.org