Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/t2SiCU3EBmMfySrjxWVeuggQxbg.roa
File: t2SiCU3EBmMfySrjxWVeuggQxbg.roa (raw, json)
Hash identifier: aKEGI/0GLeQDbLuaahc7uOuqIoPKI/V6iQnCATKfrl4=
Subject key identifier: B7:64:A2:09:4D:C4:06:63:1F:C9:2A:E3:C5:65:5E:BA:08:10:C5:B8
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 0188BE496E587758F258D11E0AC86F548ED4
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/t2SiCU3EBmMfySrjxWVeuggQxbg.roa
Signing time: Thu 15 Jun 2023 09:01:03 +0000
ROA not before: Thu 15 Jun 2023 09:01:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35053
IP address blocks: 85.237.69.0/24 maxlen: 24
85.237.68.0/24 maxlen: 24
85.237.70.0/24 maxlen: 24
85.237.76.0/22 maxlen: 22
85.237.84.0/22 maxlen: 22
85.237.88.0/24 maxlen: 24
85.237.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 15 Jun 2023 10:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:49:6e:58:77:58:f2:58:d1:1e:0a:c8:6f:54:8e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Jun 15 09:01:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b764a2094dc406631fc92ae3c5655eba0810c5b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:09:71:13:e3:31:69:9d:12:a6:68:35:82:81:
9e:4c:17:c9:1e:28:f8:2d:e5:58:23:5f:94:75:d0:
34:fb:c5:42:39:08:45:09:de:76:5d:5d:c7:f5:83:
15:9f:78:69:ae:c0:de:ea:70:f3:45:4e:53:9f:9b:
02:da:27:66:0a:cb:9a:e0:7f:58:34:ba:84:c1:9f:
0b:16:79:0b:f7:4e:eb:a9:38:b1:ab:4b:f6:ca:0a:
88:89:76:fb:44:d8:4e:b9:ff:2b:6b:4a:f1:65:ce:
af:67:71:13:d7:3b:bf:32:77:a5:75:ac:d2:c2:44:
53:93:07:13:28:6d:90:29:96:23:f1:a2:c8:43:92:
54:20:78:4b:27:6c:5b:2a:60:f5:e6:15:4e:eb:2c:
e4:4c:29:16:c5:05:52:38:fe:e4:57:ce:fa:90:b1:
1c:7d:a6:d4:ea:82:6a:a9:37:f7:e0:94:4b:f6:ea:
d7:fd:2d:c8:1f:d0:f3:44:6f:29:e0:56:3d:f3:07:
ea:de:2e:dc:1d:d1:59:25:83:a7:64:cd:ec:c9:c9:
8a:bc:56:50:e8:58:2c:7d:56:eb:ac:27:4d:11:20:
86:66:52:50:6c:81:ef:20:05:e7:19:41:83:2c:d6:
2f:0d:71:b4:51:99:3f:8e:f5:4a:92:6c:70:fa:36:
70:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:64:A2:09:4D:C4:06:63:1F:C9:2A:E3:C5:65:5E:BA:08:10:C5:B8
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/t2SiCU3EBmMfySrjxWVeuggQxbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.64.0-85.237.70.255
85.237.76.0/22
85.237.84.0-85.237.88.255
Signature Algorithm: sha256WithRSAEncryption
23:ae:6f:92:d0:b8:9d:8b:8f:2c:5f:8d:52:30:e0:1f:d4:e4:
c3:44:3c:f4:32:dc:a1:3f:e2:f4:31:a1:87:a7:c5:4f:0c:ec:
77:0b:8f:d4:10:52:84:96:10:8d:ed:c5:f5:c3:42:c1:ff:9a:
61:32:83:c1:ff:27:c1:eb:22:84:88:c7:88:61:bc:c5:1b:e5:
82:89:3d:9e:ef:c8:9b:83:29:10:2d:35:0c:11:0a:11:f0:5c:
31:0c:84:6e:ab:3b:ce:06:29:79:3e:50:8e:72:3a:58:f9:bf:
95:7c:b6:db:44:9a:7a:84:21:d5:f1:89:c7:bf:96:53:34:b4:
45:84:73:3f:be:b8:8d:42:62:66:2d:42:77:7b:a2:d8:1d:fd:
c2:a0:13:1e:5a:a4:5e:d5:13:83:d5:e7:fe:13:13:cb:6d:1a:
0d:1a:1f:cf:48:3a:ce:c5:ef:de:57:3a:1f:cf:a6:11:92:dc:
f0:f3:a1:88:20:cd:a7:99:16:19:9a:fa:68:e4:d9:67:b8:05:
ba:10:fa:8a:07:5c:dc:80:2c:b9:d8:a8:9b:bf:2f:e7:f4:f2:
94:3d:c9:a7:66:53:0b:f2:31:91:7a:db:b7:dd:a8:18:1d:a7:
41:16:96:14:d5:bb:9d:87:c6:1b:75:40:ba:80:69:dd:c9:8e:
99:71:69:de
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYi+SW5Yd1jyWNEeCshvVI7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwNjE1MDkwMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzY0YTIwOTRkYzQwNjYzMWZjOTJhZTNjNTY1NWViYTA4MTBjNWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAlxE+MxaZ0Spmg1goGeTBfJHij4
LeVYI1+UddA0+8VCOQhFCd52XV3H9YMVn3hprsDe6nDzRU5Tn5sC2idmCsua4H9Y
NLqEwZ8LFnkL907rqTixq0v2ygqIiXb7RNhOuf8ra0rxZc6vZ3ET1zu/MneldazS
wkRTkwcTKG2QKZYj8aLIQ5JUIHhLJ2xbKmD15hVO6yzkTCkWxQVSOP7kV876kLEc
fabU6oJqqTf34JRL9urX/S3IH9DzRG8p4FY98wfq3i7cHdFZJYOnZM3sycmKvFZQ
6FgsfVbrrCdNESCGZlJQbIHvIAXnGUGDLNYvDXG0UZk/jvVKkmxw+jZwEQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLdkoglNxAZjH8kq48VlXroIEMW4MB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvdDJTaUNVM0VCbU1meVNyanhXVmV1Z2dReGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAZV7UAD
BABV7UYDBAJV7UwwDAMEAlXtVAMEAFXtWDANBgkqhkiG9w0BAQsFAAOCAQEAI65v
ktC4nYuPLF+NUjDgH9Tkw0Q89DLcoT/i9DGhh6fFTwzsdwuP1BBShJYQje3F9cNC
wf+aYTKDwf8nwesihIjHiGG8xRvlgok9nu/Im4MpEC01DBEKEfBcMQyEbqs7zgYp
eT5QjnI6WPm/lXy220SaeoQh1fGJx7+WUzS0RYRzP764jUJiZi1Cd3ui2B39wqAT
HlqkXtUTg9Xn/hMTy20aDRofz0g6zsXv3lc6H8+mEZLc8POhiCDNp5kWGZr6aOTZ
Z7gFuhD6igdc3IAsudiom78v5/TylD3Jp2ZTC/IxkXrbt92oGB2nQRaWFNW7nYfG
G3VAuoBp3cmOmXFp3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-fra.rpki-client.org