Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/cZLkAKf1Xazj7WvKOm4-Z4cTV0w.roa
File: cZLkAKf1Xazj7WvKOm4-Z4cTV0w.roa (raw, json)
Hash identifier: Mn3ODOgkfXQH5QGpuL7DB9Z+Ybl9wB7eP3nGsLTVCqY=
Subject key identifier: 71:92:E4:00:A7:F5:5D:AC:E3:ED:6B:CA:3A:6E:3E:67:87:13:57:4C
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01856F150ADD7BEA887B1B8D532B3568C5C0
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/cZLkAKf1Xazj7WvKOm4-Z4cTV0w.roa
Signing time: Sun 01 Jan 2023 20:45:28 +0000
ROA not before: Sun 01 Jan 2023 20:45:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203809
IP address blocks: 85.120.43.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:15:0a:dd:7b:ea:88:7b:1b:8d:53:2b:35:68:c5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 20:45:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7192e400a7f55dace3ed6bca3a6e3e678713574c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f2:f8:3e:16:73:ae:75:f9:cd:3a:87:69:ac:
81:55:3e:f6:be:5a:b4:a4:3c:55:9a:ef:c7:5b:a1:
6d:f3:7d:89:ac:1f:76:b5:2b:8e:90:0b:ac:13:25:
9b:03:7b:de:ff:ca:cd:92:70:70:a1:12:ce:57:4e:
c8:70:11:f4:a6:4a:f4:dc:77:4b:8a:6a:51:ef:a2:
b4:8a:2e:b2:33:14:7e:9c:d1:ae:27:3d:00:18:bd:
18:b6:5a:95:e8:6a:fe:93:6f:ce:f3:8d:50:91:da:
c6:56:e4:2c:d4:04:35:ef:f8:6b:53:96:ac:1e:c8:
58:74:e4:00:60:1d:68:c8:48:df:a4:22:30:87:74:
32:75:1f:32:64:8e:cb:88:a8:63:78:a4:6d:e8:58:
11:72:18:7f:26:12:69:12:46:c5:63:63:18:0d:b6:
d4:f5:f8:29:f5:a9:21:bd:4e:97:23:3b:aa:77:ce:
12:ca:86:99:f4:8a:c6:45:dc:04:cd:a0:53:93:4e:
49:44:2d:de:bc:8c:1c:34:f3:13:e5:98:bc:75:b3:
e1:03:0a:d5:0c:9b:83:d9:d0:97:9d:3e:6a:00:2f:
47:65:f0:09:3f:8b:91:02:8c:35:2d:82:41:8a:b6:
35:83:ce:33:6f:cc:a6:6c:49:95:9f:47:df:4a:0a:
a3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:92:E4:00:A7:F5:5D:AC:E3:ED:6B:CA:3A:6E:3E:67:87:13:57:4C
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/cZLkAKf1Xazj7WvKOm4-Z4cTV0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.43.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:7c:5d:93:d2:a7:f2:e5:3f:97:68:1a:10:6d:20:db:07:b2:
79:f8:23:48:1e:41:98:fa:a1:47:76:3b:45:76:7b:7d:2f:b0:
0c:1b:d7:5f:69:74:36:d7:96:1a:25:7d:60:ab:91:85:03:a9:
c0:14:5c:4c:fb:e6:85:e8:c9:47:90:6f:fe:22:14:b2:da:1f:
78:fc:ea:3c:b1:3b:d0:5f:98:94:0d:ae:f5:4d:8a:d2:b4:e5:
d8:33:98:af:d3:1c:37:f6:9b:a8:a7:bb:d2:6a:0f:af:9b:75:
69:c9:40:ee:51:82:18:c0:c6:78:5a:0b:15:50:1d:1d:96:3a:
45:e7:32:1a:7a:df:2f:ab:48:e2:4e:28:40:c5:0d:af:99:f1:
7d:3a:0b:3e:78:fc:f2:45:06:37:f5:1d:b1:45:79:4d:dd:d4:
19:16:e8:ec:ae:3b:e1:34:b2:21:11:ea:61:83:59:2c:30:ca:
5c:ef:f3:40:8a:af:c0:fd:ed:0a:94:e3:56:3f:d5:59:79:56:
58:d6:77:2f:9e:de:b2:11:f1:fb:55:6c:74:63:7b:a1:1c:62:
da:e8:46:0f:87:51:2c:ff:4a:df:b5:6c:96:7b:37:2c:50:5d:
db:52:67:cb:f9:60:aa:45:11:99:47:da:7f:50:0a:cb:36:16:
61:69:70:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFQrde+qIexuNUys1aMXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTkyZTQwMGE3ZjU1ZGFjZTNlZDZiY2EzYTZlM2U2Nzg3MTM1NzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPL4PhZzrnX5zTqHaayBVT72vlq0
pDxVmu/HW6Ft832JrB92tSuOkAusEyWbA3ve/8rNknBwoRLOV07IcBH0pkr03HdL
impR76K0ii6yMxR+nNGuJz0AGL0YtlqV6Gr+k2/O841QkdrGVuQs1AQ17/hrU5as
HshYdOQAYB1oyEjfpCIwh3QydR8yZI7LiKhjeKRt6FgRchh/JhJpEkbFY2MYDbbU
9fgp9akhvU6XIzuqd84SyoaZ9IrGRdwEzaBTk05JRC3evIwcNPMT5Zi8dbPhAwrV
DJuD2dCXnT5qAC9HZfAJP4uRAow1LYJBirY1g84zb8ymbEmVn0ffSgqjjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGS5ACn9V2s4+1ryjpuPmeHE1dMMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvY1pMa0FLZjFYYXpqN1d2S09tNC1aNGNUVjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXgrMA0G
CSqGSIb3DQEBCwUAA4IBAQCrfF2T0qfy5T+XaBoQbSDbB7J5+CNIHkGY+qFHdjtF
dnt9L7AMG9dfaXQ215YaJX1gq5GFA6nAFFxM++aF6MlHkG/+IhSy2h94/Oo8sTvQ
X5iUDa71TYrStOXYM5iv0xw39puop7vSag+vm3VpyUDuUYIYwMZ4WgsVUB0dljpF
5zIaet8vq0jiTihAxQ2vmfF9Ogs+ePzyRQY39R2xRXlN3dQZFujsrjvhNLIhEeph
g1ksMMpc7/NAiq/A/e0KlONWP9VZeVZY1ncvnt6yEfH7VWx0Y3uhHGLa6EYPh1Es
/0rftWyWezcsUF3bUmfL+WCqRRGZR9p/UArLNhZhaXAa
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:06 2024 by rpki-client on console-fra.rpki-client.org