Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/cNXbdn8EmFe4q9PP7Q-C_ynIYPs.roa
File: cNXbdn8EmFe4q9PP7Q-C_ynIYPs.roa (raw, json)
Hash identifier: 5TGx/zgbt8zS0bmP7oB7emCdDxgRW+Kzek1BTmpOMuI=
Subject key identifier: 70:D5:DB:76:7F:04:98:57:B8:AB:D3:CF:ED:0F:82:FF:29:C8:60:FB
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018572CC949757BFD3A55C2E13A03278038F
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/cNXbdn8EmFe4q9PP7Q-C_ynIYPs.roa
Signing time: Mon 02 Jan 2023 14:04:48 +0000
ROA not before: Mon 02 Jan 2023 14:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8038
IP address blocks: 85.203.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:94:97:57:bf:d3:a5:5c:2e:13:a0:32:78:03:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 14:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70d5db767f049857b8abd3cfed0f82ff29c860fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b8:59:46:e4:4e:4b:34:ae:58:c6:6a:04:fc:
dd:67:14:3a:c2:9f:2a:cc:00:95:c4:64:d3:93:35:
d0:97:c8:36:37:a4:16:54:65:5e:b8:35:07:a4:eb:
f8:8d:2c:af:65:3b:88:b5:df:4c:4a:aa:e5:90:c7:
3b:2f:0a:c7:7b:14:ba:11:d2:0b:8e:1f:2f:5f:7a:
4c:43:68:1f:73:88:f7:96:63:ad:a9:5f:da:bc:43:
8b:e1:d2:19:97:f4:77:1f:39:f9:9b:0e:9c:e0:c3:
a1:6f:04:5d:2f:00:dc:24:21:2a:63:4c:98:f6:96:
df:d7:2b:9d:c7:1f:80:a2:ba:a8:29:dc:75:e5:ae:
e8:fd:df:d9:db:02:c8:1b:87:31:d1:0b:5a:9e:57:
27:7f:92:6b:ff:26:42:df:6a:1d:50:0b:bd:0e:0e:
8f:ce:5d:2e:e2:cc:02:1d:a5:91:b1:bd:67:11:f5:
f3:f6:e0:fd:08:5f:b3:b9:1a:6a:95:e0:d6:d5:17:
43:81:d3:ef:02:a2:b7:1d:76:46:75:f6:3c:6d:8e:
e2:87:33:97:13:c8:33:41:11:7f:ee:0f:ee:b8:45:
7c:0b:ce:48:ea:7f:84:d9:4c:9d:1b:9b:77:bb:b9:
88:26:76:a2:f1:d0:32:63:68:33:63:87:bb:39:8d:
dd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D5:DB:76:7F:04:98:57:B8:AB:D3:CF:ED:0F:82:FF:29:C8:60:FB
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/cNXbdn8EmFe4q9PP7Q-C_ynIYPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.19.0/24
Signature Algorithm: sha256WithRSAEncryption
70:55:4d:4a:db:7d:11:be:0c:6a:b3:6e:b3:d1:93:c0:6d:2a:
bf:2a:cc:f8:5d:b2:c2:9c:58:87:be:e9:cf:08:12:1a:05:e6:
78:2a:dc:4f:0a:63:55:0b:2b:30:68:95:6a:6a:b4:ed:7c:c9:
78:85:85:e7:9b:1d:e2:9e:ae:fc:2b:cd:f2:b2:d8:8f:a1:04:
c7:95:ff:1a:23:77:70:8e:e1:c0:8a:9a:bf:57:e7:65:e4:4d:
19:13:b6:db:04:c1:ed:22:75:84:4f:62:fa:f9:d7:fa:2c:01:
52:21:cb:31:6f:c1:32:7f:ce:1b:f1:e8:2e:d4:c3:f9:01:92:
e6:91:29:b3:e8:93:d4:82:04:0d:67:41:f6:c6:26:d4:85:4e:
1d:11:cb:59:fc:92:ac:d3:3f:40:64:2d:81:fe:4a:2f:88:e5:
f4:6d:a2:7d:c2:ab:b9:4a:90:b6:67:d9:64:88:d0:37:23:92:
d0:97:e5:df:56:8c:c5:97:79:9b:4f:56:2a:16:22:16:a5:7f:
3a:55:22:b8:5f:83:82:76:68:35:56:b2:ff:c1:58:4c:b6:ca:
8b:c0:05:b7:80:44:f6:63:9c:db:a5:5c:e8:0d:27:9f:4f:78:
32:24:11:c1:fa:c7:1a:07:18:9b:15:08:70:f6:2e:f6:81:6a:
e5:03:c7:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzJSXV7/TpVwuE6AyeAOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjMwMTAyMTQwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQ1ZGI3NjdmMDQ5ODU3YjhhYmQzY2ZlZDBmODJmZjI5Yzg2MGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7hZRuROSzSuWMZqBPzdZxQ6wp8q
zACVxGTTkzXQl8g2N6QWVGVeuDUHpOv4jSyvZTuItd9MSqrlkMc7LwrHexS6EdIL
jh8vX3pMQ2gfc4j3lmOtqV/avEOL4dIZl/R3Hzn5mw6c4MOhbwRdLwDcJCEqY0yY
9pbf1yudxx+AorqoKdx15a7o/d/Z2wLIG4cx0Qtanlcnf5Jr/yZC32odUAu9Dg6P
zl0u4swCHaWRsb1nEfXz9uD9CF+zuRpqleDW1RdDgdPvAqK3HXZGdfY8bY7ihzOX
E8gzQRF/7g/uuEV8C85I6n+E2UydG5t3u7mIJnai8dAyY2gzY4e7OY3dZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDV23Z/BJhXuKvTz+0Pgv8pyGD7MB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvY05YYmRuOEVtRmU0cTlQUDdRLUNfeW5JWVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcsTMA0G
CSqGSIb3DQEBCwUAA4IBAQBwVU1K230Rvgxqs26z0ZPAbSq/Ksz4XbLCnFiHvunP
CBIaBeZ4KtxPCmNVCyswaJVqarTtfMl4hYXnmx3inq78K83ystiPoQTHlf8aI3dw
juHAipq/V+dl5E0ZE7bbBMHtInWET2L6+df6LAFSIcsxb8Eyf84b8egu1MP5AZLm
kSmz6JPUggQNZ0H2xibUhU4dEctZ/JKs0z9AZC2B/koviOX0baJ9wqu5SpC2Z9lk
iNA3I5LQl+XfVozFl3mbT1YqFiIWpX86VSK4X4OCdmg1VrL/wVhMtsqLwAW3gET2
Y5zbpVzoDSefT3gyJBHB+scaBxibFQhw9i72gWrlA8e3
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:15 2024 by rpki-client on console-fra.rpki-client.org