Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/DnnnBzPOpngNPsrSUsOZh9-C2jY.roa
File: DnnnBzPOpngNPsrSUsOZh9-C2jY.roa (raw, json)
Hash identifier: 06WK1WYz8l1m3wC5v2I5szjjStV9QfdmKiwgqosnC1Q=
Subject key identifier: 0E:79:E7:07:33:CE:A6:78:0D:3E:CA:D2:52:C3:99:87:DF:82:DA:36
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01856F14F8B90F889C9BAFF581169845C0A1
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/DnnnBzPOpngNPsrSUsOZh9-C2jY.roa
Signing time: Sun 01 Jan 2023 20:45:23 +0000
ROA not before: Sun 01 Jan 2023 20:45:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 85.120.144.0/24 maxlen: 24
217.156.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jan 2023 10:32:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:f8:b9:0f:88:9c:9b:af:f5:81:16:98:45:c0:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 20:45:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e79e70733cea6780d3ecad252c39987df82da36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bd:b4:76:76:fb:ee:05:57:0e:92:db:1a:64:
b9:a6:47:84:f8:0e:26:34:88:22:df:a6:cf:23:69:
17:ad:54:17:23:f8:d0:d7:04:19:a5:7c:09:17:c1:
51:04:e1:aa:ea:ce:3c:13:f7:bc:ee:95:69:a2:13:
a7:9e:9c:e6:22:4e:a5:d5:25:99:20:d2:74:a2:8f:
57:ee:a6:7f:bf:c3:dd:e1:46:33:03:fd:13:48:ed:
00:5c:5c:c0:a4:be:49:c7:a4:0e:79:20:4a:c7:01:
b0:c6:88:ec:ea:87:6b:c7:de:b9:c7:b0:f9:8f:f1:
47:cf:60:d1:04:5f:98:db:cb:fd:4f:85:ec:a0:d3:
34:75:cc:63:a2:ca:1d:ad:ba:61:91:8b:fc:44:eb:
69:4d:79:e8:bb:37:a9:34:2c:16:58:b8:2d:45:43:
6b:5f:ca:82:5d:28:0f:ee:f9:8f:8c:56:1b:28:96:
59:a4:b7:c6:df:04:59:20:22:2d:47:13:79:f3:34:
0b:fb:34:5c:12:76:47:fe:f0:a2:75:af:53:a7:53:
6d:4c:f7:67:05:28:8b:04:8e:bd:29:b8:df:3e:66:
6a:42:93:2e:58:dc:72:60:4e:40:ac:46:d2:50:d6:
15:9e:1d:94:7d:8f:aa:1c:cd:ed:8d:c3:9c:ff:19:
07:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:79:E7:07:33:CE:A6:78:0D:3E:CA:D2:52:C3:99:87:DF:82:DA:36
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/DnnnBzPOpngNPsrSUsOZh9-C2jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.144.0/24
217.156.96.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:86:87:b1:ae:48:e7:37:d7:0f:bb:14:5b:e5:2f:7e:f1:66:
84:ec:fb:79:ab:f3:eb:c5:83:8b:3c:53:47:d5:74:61:76:5e:
6b:8c:cc:33:5b:57:8a:fd:77:fe:40:b1:b3:24:26:cb:68:d7:
6b:97:1f:a8:90:30:9c:dd:66:f6:15:e3:01:df:f8:2f:74:ec:
b0:4c:c8:a8:5f:90:fe:78:8f:4b:90:bd:cc:6c:33:7f:54:32:
80:d9:79:bb:c0:49:9b:e9:5a:b3:a7:a0:6e:75:f8:2e:ae:80:
0e:06:14:b2:a6:f4:ae:df:ef:7c:55:7e:1f:f7:06:95:c2:74:
74:87:d7:da:05:28:e0:3c:96:f3:58:47:28:5c:6e:1a:c3:16:
36:92:c0:dd:f6:89:51:fe:41:57:33:32:a2:78:31:62:1e:d2:
1f:01:3e:41:9d:6e:80:ae:b5:93:0e:a2:b5:ba:c7:cf:0a:d6:
c1:80:3c:66:a0:b3:15:57:98:0d:03:bc:bb:e9:9b:30:84:0e:
e5:bc:1f:2c:2d:ed:ef:fc:45:29:4b:cd:b0:01:81:53:58:e5:
30:8d:4e:fb:7e:66:f7:17:d2:0f:aa:5a:9e:10:1d:fd:33:82:
58:3a:27:cd:39:ba:47:a1:3e:d0:62:aa:fb:6a:60:c0:50:7a:
fa:99:5d:cd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFPi5D4icm6/1gRaYRcChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc5ZTcwNzMzY2VhNjc4MGQzZWNhZDI1MmMzOTk4N2RmODJkYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr20dnb77gVXDpLbGmS5pkeE+A4m
NIgi36bPI2kXrVQXI/jQ1wQZpXwJF8FRBOGq6s48E/e87pVpohOnnpzmIk6l1SWZ
INJ0oo9X7qZ/v8Pd4UYzA/0TSO0AXFzApL5Jx6QOeSBKxwGwxojs6odrx965x7D5
j/FHz2DRBF+Y28v9T4XsoNM0dcxjosodrbphkYv8ROtpTXnouzepNCwWWLgtRUNr
X8qCXSgP7vmPjFYbKJZZpLfG3wRZICItRxN58zQL+zRcEnZH/vCida9Tp1NtTPdn
BSiLBI69KbjfPmZqQpMuWNxyYE5ArEbSUNYVnh2UfY+qHM3tjcOc/xkHgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA555wczzqZ4DT7K0lLDmYffgto2MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvRG5ubkJ6UE9wbmdOUHNyU1VzT1poOS1DMmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXiQAwQA
2ZxgMA0GCSqGSIb3DQEBCwUAA4IBAQBLhoexrkjnN9cPuxRb5S9+8WaE7Pt5q/Pr
xYOLPFNH1XRhdl5rjMwzW1eK/Xf+QLGzJCbLaNdrlx+okDCc3Wb2FeMB3/gvdOyw
TMioX5D+eI9LkL3MbDN/VDKA2Xm7wEmb6Vqzp6BudfguroAOBhSypvSu3+98VX4f
9waVwnR0h9faBSjgPJbzWEcoXG4awxY2ksDd9olR/kFXMzKieDFiHtIfAT5BnW6A
rrWTDqK1usfPCtbBgDxmoLMVV5gNA7y76ZswhA7lvB8sLe3v/EUpS82wAYFTWOUw
jU77fmb3F9IPqlqeEB39M4JYOifNObpHoT7QYqr7amDAUHr6mV3N
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:04 2024 by rpki-client on console-ams.rpki-client.org