Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/CnnPtIO6uzEGGoYy8iUKHpcT6B8.roa
File: CnnPtIO6uzEGGoYy8iUKHpcT6B8.roa (raw, json)
Hash identifier: toYxUw0BYGVvMXQE8cXiuU2uGqsr6h3MZsoppoVZ7WE=
Subject key identifier: 0A:79:CF:B4:83:BA:BB:31:06:1A:86:32:F2:25:0A:1E:97:13:E8:1F
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01856F14EC45844A7A878278F6CC34DFE352
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/CnnPtIO6uzEGGoYy8iUKHpcT6B8.roa
Signing time: Sun 01 Jan 2023 20:45:20 +0000
ROA not before: Sun 01 Jan 2023 20:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12310
IP address blocks: 85.121.14.0/23 maxlen: 23
85.120.152.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ec:45:84:4a:7a:87:82:78:f6:cc:34:df:e3:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 20:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a79cfb483babb31061a8632f2250a1e9713e81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:05:da:7d:92:ae:30:d2:03:98:8e:39:bf:21:
fe:c3:b2:ea:36:05:23:04:1f:d2:04:8e:ed:3e:fc:
b0:b7:c9:69:cb:64:cc:07:46:84:32:04:f3:2c:35:
3c:68:0c:d3:75:0f:fd:4c:f9:5d:ed:cb:e8:f9:4d:
fe:ae:6e:59:e9:1c:9d:07:9d:17:1c:7d:1a:04:2e:
99:2f:45:7c:7f:a2:70:d0:ea:e9:98:97:38:d6:d7:
b7:f3:38:95:0a:9e:40:9d:a3:83:1f:e4:f6:0a:b6:
2c:8d:6e:8f:13:27:50:bd:9f:77:19:12:f3:11:63:
38:6d:db:16:96:f8:91:36:99:fc:9c:f1:be:93:15:
92:e1:05:8b:b4:9e:8b:c7:4c:16:2e:da:7b:5c:f4:
2f:d6:97:b4:5e:4c:23:59:01:d2:7e:9b:c4:5e:9d:
a4:ab:54:59:db:31:8a:31:ce:82:24:d7:df:87:7d:
63:5e:06:55:e3:26:e4:27:04:33:0d:8c:66:fb:15:
6f:fb:8a:40:79:27:13:a9:6c:ca:11:c3:d4:96:f9:
2f:4e:1a:cc:3e:9a:c5:d3:eb:0d:48:2e:53:60:9c:
42:d4:26:15:8b:cc:8f:43:e4:fb:66:33:7f:fc:43:
a9:aa:a3:d9:49:ef:33:61:a8:3e:b3:7b:5c:76:17:
da:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:79:CF:B4:83:BA:BB:31:06:1A:86:32:F2:25:0A:1E:97:13:E8:1F
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/CnnPtIO6uzEGGoYy8iUKHpcT6B8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.152.0/23
85.121.14.0/23
Signature Algorithm: sha256WithRSAEncryption
18:56:4b:54:99:ff:1b:fa:f0:73:4f:04:88:f1:47:92:0c:cd:
5a:57:7f:6f:8c:bd:d2:32:97:4f:74:ce:86:e7:87:70:27:f1:
44:ce:6e:1a:32:6d:33:13:78:68:12:5c:d1:e0:c8:67:dc:1c:
78:32:47:bb:aa:60:2a:2f:9c:7f:38:ee:45:c9:53:5f:e5:0c:
4a:c7:e7:a9:19:11:ad:17:c4:f2:7e:c9:a4:4b:df:5e:97:a5:
db:2e:64:30:fd:58:2e:92:58:ca:61:1a:55:5f:59:49:a0:a2:
ce:4c:2b:4f:4d:73:fc:05:14:3c:81:9c:29:47:56:94:38:69:
34:60:5f:55:b3:f9:4e:45:1b:ab:40:00:02:c4:ce:04:2e:42:
dc:5d:1e:c7:18:c3:b7:15:19:16:16:93:dc:66:f9:6f:c5:73:
12:db:b5:09:5e:b3:4b:0e:89:db:a7:71:2f:12:32:7c:74:d1:
b4:be:98:99:09:6c:ab:59:a4:2f:db:6a:5a:98:72:58:c4:53:
2b:87:21:90:dc:6e:0c:ae:97:28:73:e9:83:0b:62:f4:6d:b9:
4f:4c:b9:14:2d:d4:26:b8:d5:11:bc:27:8f:22:e4:ad:35:ee:
ef:c4:cb:6f:3c:3b:5f:52:c8:b9:68:7d:ca:c8:ad:ef:ef:f1:
b6:62:5b:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFOxFhEp6h4J49sw03+NSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTc5Y2ZiNDgzYmFiYjMxMDYxYTg2MzJmMjI1MGExZTk3MTNlODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAXafZKuMNIDmI45vyH+w7LqNgUj
BB/SBI7tPvywt8lpy2TMB0aEMgTzLDU8aAzTdQ/9TPld7cvo+U3+rm5Z6RydB50X
HH0aBC6ZL0V8f6Jw0OrpmJc41te38ziVCp5AnaODH+T2CrYsjW6PEydQvZ93GRLz
EWM4bdsWlviRNpn8nPG+kxWS4QWLtJ6Lx0wWLtp7XPQv1pe0XkwjWQHSfpvEXp2k
q1RZ2zGKMc6CJNffh31jXgZV4ybkJwQzDYxm+xVv+4pAeScTqWzKEcPUlvkvThrM
PprF0+sNSC5TYJxC1CYVi8yPQ+T7ZjN//EOpqqPZSe8zYag+s3tcdhfayQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAp5z7SDursxBhqGMvIlCh6XE+gfMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvQ25uUHRJTzZ1ekVHR29ZeThpVUtIcGNUNkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVXiYAwQB
VXkOMA0GCSqGSIb3DQEBCwUAA4IBAQAYVktUmf8b+vBzTwSI8UeSDM1aV39vjL3S
MpdPdM6G54dwJ/FEzm4aMm0zE3hoElzR4Mhn3Bx4Mke7qmAqL5x/OO5FyVNf5QxK
x+epGRGtF8TyfsmkS99el6XbLmQw/VgukljKYRpVX1lJoKLOTCtPTXP8BRQ8gZwp
R1aUOGk0YF9Vs/lORRurQAACxM4ELkLcXR7HGMO3FRkWFpPcZvlvxXMS27UJXrNL
Donbp3EvEjJ8dNG0vpiZCWyrWaQv22pamHJYxFMrhyGQ3G4Mrpcoc+mDC2L0bblP
TLkULdQmuNURvCePIuStNe7vxMtvPDtfUsi5aH3KyK3v7/G2YluC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:21 2024 by rpki-client on console-fra.rpki-client.org