Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/y9Pdj60-e0HkckfrCv76aU2o3yk.roa
File: y9Pdj60-e0HkckfrCv76aU2o3yk.roa (raw, json)
Hash identifier: BMlFm6u8q8Qnpv1s1jlge1mv5oAprJOUJIM40pYCnlk=
Subject key identifier: CB:D3:DD:8F:AD:3E:7B:41:E4:72:47:EB:0A:FE:FA:69:4D:A8:DF:29
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 0189CFBABE13FA571F44D6FBDAC64EDBA38B
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/y9Pdj60-e0HkckfrCv76aU2o3yk.roa
Signing time: Mon 07 Aug 2023 11:21:09 +0000
ROA not before: Mon 07 Aug 2023 11:21:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.237.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 29 Aug 2023 14:20:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:ba:be:13:fa:57:1f:44:d6:fb:da:c6:4e:db:a3:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Aug 7 11:21:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbd3dd8fad3e7b41e47247eb0afefa694da8df29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a7:5c:91:9c:38:f8:6d:75:02:ff:93:45:1c:
54:d4:1e:de:5b:a7:b1:08:01:d9:f7:69:ed:b2:a5:
99:fc:ee:1d:8d:40:85:67:10:ff:87:62:b4:e9:f4:
78:3a:a8:ac:ab:12:32:80:c9:98:25:0c:0c:9d:03:
97:03:05:1a:16:ff:2b:f8:8a:9c:13:3e:8f:85:f0:
a6:e5:d9:18:af:85:b2:fb:12:ee:65:f7:99:8c:96:
e0:a2:d5:33:a4:18:6e:2b:ea:63:78:68:10:fd:ce:
27:b9:dd:8b:dc:50:d9:01:9c:ee:16:74:2b:24:09:
7e:6e:c9:13:a2:ce:3b:51:e1:4b:1d:2b:2a:6d:5f:
40:1c:04:31:cc:0e:cb:c6:63:d3:90:dd:20:44:4d:
f9:dd:0c:f5:a0:b9:c4:ba:55:33:96:12:f8:7a:9d:
68:6f:0a:2f:c6:a7:15:67:ac:c1:54:df:fc:1d:b8:
f1:10:4f:64:12:b8:76:59:28:ea:c5:e9:f8:75:df:
f8:2c:e2:4d:0a:6f:4e:6a:d6:93:d3:e8:42:90:b4:
74:09:c9:c1:29:4a:a5:d8:2d:10:8b:02:b1:b0:2c:
95:7b:23:12:38:18:29:5f:4e:83:95:74:d6:e6:ee:
49:f4:5f:73:43:c4:d5:20:5d:92:72:fd:ca:f8:13:
20:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D3:DD:8F:AD:3E:7B:41:E4:72:47:EB:0A:FE:FA:69:4D:A8:DF:29
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/y9Pdj60-e0HkckfrCv76aU2o3yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.72.0/22
Signature Algorithm: sha256WithRSAEncryption
31:59:1e:8f:75:8c:ef:37:31:09:fc:6d:e3:ff:dd:07:ec:8e:
69:65:a8:0e:08:59:7b:1e:6d:24:be:5f:5d:81:e0:b6:16:94:
63:36:23:c2:15:28:80:4d:23:cf:a2:5c:49:9b:9a:a2:b4:f3:
f4:2f:4e:3d:3e:46:71:5a:69:58:ce:15:3c:79:29:2e:4c:96:
91:e8:b1:85:f9:cb:35:17:b5:ee:35:d9:cb:54:b3:2c:f5:c0:
34:26:92:34:12:ab:ca:2b:35:d2:43:e7:7d:9d:b7:3d:75:c3:
79:db:31:a7:2b:01:6c:cf:64:4f:19:4c:e7:b9:6c:de:a6:6e:
44:1d:64:e8:59:03:e5:40:b2:21:cb:7f:48:25:80:fd:35:92:
67:fe:7d:61:9b:fc:d8:3e:71:7d:ff:15:ba:5e:75:3c:5d:5c:
13:80:fc:24:46:4c:4c:07:89:9c:dd:26:1d:66:3c:2d:2b:ab:
c1:36:ae:12:6e:34:2b:11:7f:f0:cc:15:c9:51:f9:67:a9:07:
5a:24:95:36:af:43:23:e0:01:c4:98:63:a8:83:c3:f6:f7:cc:
3c:0d:e1:03:4d:83:79:b3:fd:48:e6:08:0d:ce:10:1d:ae:3c:
2a:dc:7e:79:b3:c6:de:c2:3f:cc:8e:fa:b1:7c:86:24:9a:ab:
c9:6e:f3:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnPur4T+lcfRNb72sZO26OLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwODA3MTEyMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmQzZGQ4ZmFkM2U3YjQxZTQ3MjQ3ZWIwYWZlZmE2OTRkYThkZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKdckZw4+G11Av+TRRxU1B7eW6ex
CAHZ92ntsqWZ/O4djUCFZxD/h2K06fR4OqisqxIygMmYJQwMnQOXAwUaFv8r+Iqc
Ez6PhfCm5dkYr4Wy+xLuZfeZjJbgotUzpBhuK+pjeGgQ/c4nud2L3FDZAZzuFnQr
JAl+bskTos47UeFLHSsqbV9AHAQxzA7LxmPTkN0gRE353Qz1oLnEulUzlhL4ep1o
bwovxqcVZ6zBVN/8HbjxEE9kErh2WSjqxen4dd/4LOJNCm9OataT0+hCkLR0CcnB
KUql2C0QiwKxsCyVeyMSOBgpX06DlXTW5u5J9F9zQ8TVIF2Scv3K+BMgjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvT3Y+tPntB5HJH6wr++mlNqN8pMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEveTlQZGo2MC1lMEhrY2tmckN2NzZhVTJvM3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe1IMA0G
CSqGSIb3DQEBCwUAA4IBAQAxWR6PdYzvNzEJ/G3j/90H7I5pZagOCFl7Hm0kvl9d
geC2FpRjNiPCFSiATSPPolxJm5qitPP0L049PkZxWmlYzhU8eSkuTJaR6LGF+cs1
F7XuNdnLVLMs9cA0JpI0EqvKKzXSQ+d9nbc9dcN52zGnKwFsz2RPGUznuWzepm5E
HWToWQPlQLIhy39IJYD9NZJn/n1hm/zYPnF9/xW6XnU8XVwTgPwkRkxMB4mc3SYd
ZjwtK6vBNq4SbjQrEX/wzBXJUflnqQdaJJU2r0Mj4AHEmGOog8P298w8DeEDTYN5
s/1I5ggNzhAdrjwq3H55s8bewj/MjvqxfIYkmqvJbvPJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-fra.rpki-client.org