Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/u-5TWrvi6HkvR-KxJ09pjemqnwQ.roa
File: u-5TWrvi6HkvR-KxJ09pjemqnwQ.roa (raw, json)
Hash identifier: oUsPuYJSajkNHCRGhIBUE69m3YDwNGNi01sLlVMCchk=
Subject key identifier: BB:EE:53:5A:BB:E2:E8:79:2F:47:E2:B1:27:4F:69:8D:E9:AA:9F:04
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 01882847D93EDCFE9957307296B453D35CB4
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/u-5TWrvi6HkvR-KxJ09pjemqnwQ.roa
Signing time: Wed 17 May 2023 05:56:17 +0000
ROA not before: Wed 17 May 2023 05:56:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35053
IP address blocks: 85.237.69.0/24 maxlen: 24
85.237.68.0/24 maxlen: 24
85.237.71.0/24 maxlen: 24
85.237.70.0/24 maxlen: 24
85.237.72.0/21 maxlen: 21
85.237.84.0/22 maxlen: 22
85.237.89.0/24 maxlen: 24
85.237.88.0/24 maxlen: 24
85.237.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 08 Jun 2023 10:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:28:47:d9:3e:dc:fe:99:57:30:72:96:b4:53:d3:5c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: May 17 05:56:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbee535abbe2e8792f47e2b1274f698de9aa9f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:88:46:ec:c3:9a:44:e0:34:18:6e:82:4d:d5:
ec:42:4f:71:f4:7e:15:b2:44:bf:03:ee:e4:81:33:
78:87:41:3d:46:47:9f:b9:e7:c3:b6:c8:a0:cf:14:
93:1e:4e:d0:e8:c7:cb:88:04:c6:9d:56:2a:24:45:
5c:9f:d3:14:27:0f:76:7e:45:0b:93:2b:00:d7:64:
27:e2:86:79:2a:89:7b:39:84:70:e8:e6:fb:5a:ab:
f4:91:65:7c:17:6d:fc:cc:cd:ac:35:aa:e5:fe:80:
66:52:3e:e7:d8:24:33:71:c8:0c:23:9c:a3:9e:0b:
e0:17:7c:18:45:0e:fb:a7:6b:47:19:5e:d3:f0:ff:
21:62:a1:5d:b3:d6:f8:be:c7:bc:78:47:61:7b:9c:
1c:72:40:bf:11:ad:ed:cc:57:a8:5d:e3:40:fa:c9:
02:4b:87:f0:d8:05:6c:ec:89:d3:9a:04:3b:d2:77:
58:6c:d2:4a:bb:c6:62:00:c9:27:dc:b0:c7:2d:67:
6b:61:c0:f7:3d:c1:59:9b:a0:08:d2:07:fd:1a:80:
dd:98:5f:cf:c4:e6:ef:30:ad:e7:17:38:41:fe:ab:
ab:72:6d:a4:f6:6d:10:5d:a6:6f:b2:16:2d:99:44:
43:de:20:76:b9:67:7b:41:6d:df:44:c4:7e:7c:c1:
1b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EE:53:5A:BB:E2:E8:79:2F:47:E2:B1:27:4F:69:8D:E9:AA:9F:04
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/u-5TWrvi6HkvR-KxJ09pjemqnwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.64.0/20
85.237.84.0-85.237.89.255
Signature Algorithm: sha256WithRSAEncryption
06:73:c6:99:f4:6d:36:ab:71:34:cf:72:38:97:c5:19:e5:3e:
19:1c:40:09:67:5e:fd:57:70:87:8b:b8:a5:f0:34:c8:77:51:
b6:0f:5f:17:ca:5e:d4:7e:52:74:68:07:bf:b6:48:27:dd:a6:
e4:94:22:0c:7b:ee:e3:d1:e0:ff:84:ce:17:40:a7:b1:3c:22:
2d:14:6d:41:89:ae:5b:dc:8b:ea:f6:c1:30:a8:4c:78:da:7f:
df:6c:d5:4e:4c:dd:6a:5f:82:6d:00:b8:d8:02:11:34:cb:c2:
2b:1c:31:ef:99:6b:84:bb:b2:00:96:a4:22:2c:eb:94:1c:62:
86:d9:9d:86:1f:52:39:ca:df:b3:b4:96:38:50:c6:52:a0:22:
24:62:af:0a:73:7c:a3:b6:53:cc:dd:e9:f1:a0:d9:e7:11:83:
64:42:49:a4:62:60:cb:b0:7c:3d:e3:11:59:ef:d7:24:d7:31:
97:46:33:52:e2:e5:6c:dc:43:d0:6b:b7:18:5e:70:1d:8e:fd:
45:fe:0c:c6:2c:3e:5a:06:a9:19:9c:ce:77:14:9e:11:37:04:
28:16:7a:42:ca:4a:27:fe:f1:4c:ff:ca:ad:2d:50:c4:62:ce:
aa:6e:ff:b1:1d:32:47:1f:c9:9b:3c:4b:7c:84:f5:36:21:d0:
f2:7d:c7:cb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYgoR9k+3P6ZVzBylrRT01y0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwNTE3MDU1NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmVlNTM1YWJiZTJlODc5MmY0N2UyYjEyNzRmNjk4ZGU5YWE5ZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIhG7MOaROA0GG6CTdXsQk9x9H4V
skS/A+7kgTN4h0E9RkefuefDtsigzxSTHk7Q6MfLiATGnVYqJEVcn9MUJw92fkUL
kysA12Qn4oZ5Kol7OYRw6Ob7Wqv0kWV8F238zM2sNarl/oBmUj7n2CQzccgMI5yj
ngvgF3wYRQ77p2tHGV7T8P8hYqFds9b4vse8eEdhe5wcckC/Ea3tzFeoXeNA+skC
S4fw2AVs7InTmgQ70ndYbNJKu8ZiAMkn3LDHLWdrYcD3PcFZm6AI0gf9GoDdmF/P
xObvMK3nFzhB/qurcm2k9m0QXaZvshYtmURD3iB2uWd7QW3fRMR+fMEbawIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLvuU1q74uh5L0fisSdPaY3pqp8EMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvdS01VFdydmk2SGt2Ui1LeEowOXBqZW1xbndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQEVe1AMAwD
BAJV7VQDBAFV7VgwDQYJKoZIhvcNAQELBQADggEBAAZzxpn0bTarcTTPcjiXxRnl
PhkcQAlnXv1XcIeLuKXwNMh3UbYPXxfKXtR+UnRoB7+2SCfdpuSUIgx77uPR4P+E
zhdAp7E8Ii0UbUGJrlvci+r2wTCoTHjaf99s1U5M3Wpfgm0AuNgCETTLwiscMe+Z
a4S7sgCWpCIs65QcYobZnYYfUjnK37O0ljhQxlKgIiRirwpzfKO2U8zd6fGg2ecR
g2RCSaRiYMuwfD3jEVnv1yTXMZdGM1Li5WzcQ9BrtxhecB2O/UX+DMYsPloGqRmc
zncUnhE3BCgWekLKSif+8Uz/yq0tUMRizqpu/7EdMkcfyZs8S3yE9TYh0PJ9x8s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org