Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/CFRw4_j6zPwltARmt9IR-r3OA7c.roa
File: CFRw4_j6zPwltARmt9IR-r3OA7c.roa (raw, json)
Hash identifier: a/DlJX1baKq1YkPcVSRChnfVaWH0rCxCIaV7GXhV8nA=
Subject key identifier: 08:54:70:E3:F8:FA:CC:FC:25:B4:04:66:B7:D2:11:FA:BD:CE:03:B7
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 01856FF97EFE02A5D1FA1F1F34ACF91158C0
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/CFRw4_j6zPwltARmt9IR-r3OA7c.roa
Signing time: Mon 02 Jan 2023 00:55:00 +0000
ROA not before: Mon 02 Jan 2023 00:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197741
IP address blocks: 85.118.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:7e:fe:02:a5:d1:fa:1f:1f:34:ac:f9:11:58:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 00:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=085470e3f8faccfc25b40466b7d211fabdce03b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:53:f3:65:2a:b1:53:a0:a6:4d:b7:87:88:6b:
13:7a:51:42:d3:74:0e:ee:40:65:92:b9:5b:bc:d1:
3e:b7:9b:d5:a4:aa:42:50:10:9e:02:83:ec:9b:06:
00:a0:b8:02:da:5c:92:05:d6:6d:d2:f2:af:14:08:
66:c5:5e:d6:a6:a0:9a:81:b3:81:cb:0f:e6:ef:fd:
11:e4:bc:80:43:3c:ad:9c:22:a7:62:ad:80:a6:70:
d9:d3:3d:39:18:49:bb:78:a0:c7:90:64:b6:bd:b0:
53:29:6b:27:7b:43:f9:1a:77:80:b6:b7:e2:e3:08:
c7:c6:c7:48:a4:ce:f4:77:f4:f9:93:5a:01:d2:b9:
92:1d:f1:30:8b:76:17:96:5a:6c:09:c5:2a:dd:30:
ba:b3:ca:b6:b0:1e:27:0c:42:68:6c:47:90:ea:d6:
bd:82:74:d1:85:9c:a2:2f:b1:27:dc:ed:87:22:ac:
23:0d:9e:73:f8:56:9a:bb:df:6e:9f:94:91:18:f0:
f9:95:2a:07:55:9f:0d:65:b9:a2:d3:f7:6e:88:52:
36:91:e3:a1:c4:b4:e0:eb:8b:49:52:58:b5:81:7e:
89:52:c2:95:61:fc:e1:1d:ec:b0:25:06:71:0e:43:
75:49:d9:8a:71:20:cd:86:26:38:d6:82:bb:28:5e:
bf:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:54:70:E3:F8:FA:CC:FC:25:B4:04:66:B7:D2:11:FA:BD:CE:03:B7
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/CFRw4_j6zPwltARmt9IR-r3OA7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.90.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:31:9c:25:5b:11:5b:d3:2a:4b:f0:fd:2b:ee:5d:94:17:a1:
9b:27:a2:5e:6a:23:b7:c9:99:16:01:ca:0c:4f:52:88:9b:6c:
bb:74:d6:80:31:0a:c4:66:fc:d0:4c:bb:e6:f1:e8:f6:be:53:
34:0f:32:1f:6f:ae:ce:28:a9:f8:d0:fc:ab:86:9e:91:67:59:
4e:64:cc:85:32:37:27:ac:40:71:87:0b:a3:45:d6:de:05:45:
ed:04:c9:eb:04:82:f6:29:ad:79:d7:4c:c5:fa:c0:74:ae:79:
16:1f:ec:63:e4:0d:08:b7:5b:6a:57:30:9a:e3:26:eb:10:ba:
7a:8a:c9:0a:58:7f:96:53:cf:35:35:11:1b:14:a3:65:59:8c:
aa:b3:c3:74:ce:fd:70:22:2f:47:53:a8:e9:2d:db:0a:b6:42:
ed:48:a0:10:a0:75:bd:39:5e:d5:1d:04:d7:9b:0d:3e:3e:cb:
83:2a:b9:e5:c0:31:35:80:52:59:ce:33:64:da:ef:0c:df:47:
29:79:fa:07:41:dc:d0:d7:d4:46:ee:3f:eb:44:34:e8:ea:cb:
4a:ae:28:cc:3f:8c:ac:e8:71:90:33:bc:c0:84:91:7b:88:46:
38:78:33:6b:2d:30:a4:9b:1d:bc:2b:74:e0:20:b7:40:f7:10:
d9:b9:f4:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+X7+AqXR+h8fNKz5EVjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMTAyMDA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODU0NzBlM2Y4ZmFjY2ZjMjViNDA0NjZiN2QyMTFmYWJkY2UwM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVPzZSqxU6CmTbeHiGsTelFC03QO
7kBlkrlbvNE+t5vVpKpCUBCeAoPsmwYAoLgC2lySBdZt0vKvFAhmxV7WpqCagbOB
yw/m7/0R5LyAQzytnCKnYq2ApnDZ0z05GEm7eKDHkGS2vbBTKWsne0P5GneAtrfi
4wjHxsdIpM70d/T5k1oB0rmSHfEwi3YXllpsCcUq3TC6s8q2sB4nDEJobEeQ6ta9
gnTRhZyiL7En3O2HIqwjDZ5z+Faau99un5SRGPD5lSoHVZ8NZbmi0/duiFI2keOh
xLTg64tJUli1gX6JUsKVYfzhHeywJQZxDkN1SdmKcSDNhiY41oK7KF6/EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhUcOP4+sz8JbQEZrfSEfq9zgO3MB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvQ0ZSdzRfajZ6UHdsdEFSbXQ5SVItcjNPQTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXZaMA0G
CSqGSIb3DQEBCwUAA4IBAQCKMZwlWxFb0ypL8P0r7l2UF6GbJ6JeaiO3yZkWAcoM
T1KIm2y7dNaAMQrEZvzQTLvm8ej2vlM0DzIfb67OKKn40Pyrhp6RZ1lOZMyFMjcn
rEBxhwujRdbeBUXtBMnrBIL2Ka1510zF+sB0rnkWH+xj5A0It1tqVzCa4ybrELp6
iskKWH+WU881NREbFKNlWYyqs8N0zv1wIi9HU6jpLdsKtkLtSKAQoHW9OV7VHQTX
mw0+PsuDKrnlwDE1gFJZzjNk2u8M30cpefoHQdzQ19RG7j/rRDTo6stKrijMP4ys
6HGQM7zAhJF7iEY4eDNrLTCkmx28K3TgILdA9xDZufTL
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:00 2024 by rpki-client on console-fra.rpki-client.org