Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/782447-ec8b-4289-9c1c-28f960eb7a39/1/CzRFI0beBIcaTtj51H9tXfPxZdA.roa
File: CzRFI0beBIcaTtj51H9tXfPxZdA.roa (raw, json)
Hash identifier: SXAee5CnGjAwRX6nY7bnam1hLWp76UEk1qLfb4iSzAI=
Subject key identifier: 0B:34:45:23:46:DE:04:87:1A:4E:D8:F9:D4:7F:6D:5D:F3:F1:65:D0
Certificate issuer: /CN=79df50e26894bb0e81359606d82b7190c17598cc
Certificate serial: 01856F1DC0CDD1297C9DBD12DF3BB9D9F2CE
Authority key identifier: 79:DF:50:E2:68:94:BB:0E:81:35:96:06:D8:2B:71:90:C1:75:98:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ed9Q4miUuw6BNZYG2CtxkMF1mMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/782447-ec8b-4289-9c1c-28f960eb7a39/1/CzRFI0beBIcaTtj51H9tXfPxZdA.roa
Signing time: Sun 01 Jan 2023 20:54:58 +0000
ROA not before: Sun 01 Jan 2023 20:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201059
IP address blocks: 185.81.148.0/22 maxlen: 22
2a05:68c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c0:cd:d1:29:7c:9d:bd:12:df:3b:b9:d9:f2:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79df50e26894bb0e81359606d82b7190c17598cc
Validity
Not Before: Jan 1 20:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b34452346de04871a4ed8f9d47f6d5df3f165d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:43:be:9c:8e:54:d4:78:3b:c8:1f:c6:8d:ca:
c9:8f:d3:8a:b3:1c:01:24:96:2f:ff:13:cf:15:a4:
20:61:1b:0d:55:6d:a0:e4:23:b4:e4:99:3d:1a:00:
61:a0:54:db:c5:f9:f3:2f:56:f5:3d:38:b0:f1:5b:
4a:0d:82:4b:79:19:3b:b1:8c:01:a8:eb:8a:a2:5d:
9d:96:72:b1:65:52:54:0b:12:0a:e4:7d:b3:4f:71:
03:0e:c9:7c:fc:5c:8d:db:3b:5b:55:32:2a:e4:78:
64:ba:00:dd:d3:c4:36:56:0e:63:b3:19:6d:8e:6a:
c7:a8:4f:27:02:ee:4a:2b:44:74:f1:f5:18:f8:c6:
e1:7b:25:ae:22:0d:d1:7a:1a:75:b4:b6:a4:07:15:
36:07:88:4c:1e:57:2b:5f:f6:90:a7:5b:52:2b:8d:
7c:53:90:ed:17:91:65:be:0f:0e:c6:60:28:49:d7:
d4:85:f8:ff:b2:e6:c7:6e:8a:0d:08:89:77:04:2a:
ba:74:7f:c7:e7:a1:38:63:97:98:47:dc:0d:e6:3a:
55:90:3e:41:62:af:cc:58:28:31:a3:e3:57:b6:67:
ff:c9:70:bb:be:85:a7:63:a1:84:52:97:bc:50:34:
a2:64:dd:6c:74:38:37:ba:2b:4d:4f:8f:c0:88:e5:
41:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:34:45:23:46:DE:04:87:1A:4E:D8:F9:D4:7F:6D:5D:F3:F1:65:D0
X509v3 Authority Key Identifier:
keyid:79:DF:50:E2:68:94:BB:0E:81:35:96:06:D8:2B:71:90:C1:75:98:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed9Q4miUuw6BNZYG2CtxkMF1mMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/782447-ec8b-4289-9c1c-28f960eb7a39/1/CzRFI0beBIcaTtj51H9tXfPxZdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/782447-ec8b-4289-9c1c-28f960eb7a39/1/ed9Q4miUuw6BNZYG2CtxkMF1mMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.148.0/22
IPv6:
2a05:68c0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:a7:a4:19:c4:5e:c4:b6:bd:7d:aa:aa:1d:f7:89:f2:60:db:
02:41:62:5f:18:c5:9b:cd:5f:fb:46:ff:64:6d:9b:2d:c0:f9:
cf:b3:e5:0a:34:25:e4:63:c4:d8:58:5d:3d:d4:12:ba:6a:ef:
07:21:3a:4b:e4:15:13:53:ee:c1:4b:2d:38:5f:c9:9b:8a:c0:
65:cf:dd:f4:29:6a:48:bb:ec:9e:6d:19:30:3f:d2:ba:65:e0:
1d:1e:e5:e4:0e:1d:35:d4:78:bf:29:16:07:1c:a7:f8:93:8e:
1f:9c:d9:1f:f8:6c:60:3d:08:b4:7f:9b:67:19:2e:ca:12:31:
d8:e8:31:7e:52:74:b3:a4:1d:1c:20:d6:60:2b:fc:33:9f:fa:
cc:bc:d1:ee:fc:93:9a:2a:b9:ba:a7:5e:1b:83:f6:8f:ab:0e:
38:8d:70:0d:0f:84:cf:b1:82:f4:9c:21:8e:a8:ac:d7:b0:74:
04:f6:f2:42:ae:d7:99:ca:50:7c:c0:23:5c:46:94:85:72:37:
c4:24:e0:4e:f5:43:47:de:16:35:ed:9f:7a:c2:7d:a3:4a:66:
36:a1:c9:18:1a:d6:61:6f:f0:e5:39:55:10:76:d5:d3:4c:ec:
85:89:48:9c:53:87:f3:a7:3b:20:57:39:d1:46:ae:cb:51:a5:
32:79:43:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvHcDN0Sl8nb0S3zu52fLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZGY1MGUyNjg5NGJiMGU4MTM1OTYwNmQ4MmI3MTkwYzE3
NTk4Y2MwHhcNMjMwMTAxMjA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjM0NDUyMzQ2ZGUwNDg3MWE0ZWQ4ZjlkNDdmNmQ1ZGYzZjE2NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0O+nI5U1Hg7yB/GjcrJj9OKsxwB
JJYv/xPPFaQgYRsNVW2g5CO05Jk9GgBhoFTbxfnzL1b1PTiw8VtKDYJLeRk7sYwB
qOuKol2dlnKxZVJUCxIK5H2zT3EDDsl8/FyN2ztbVTIq5HhkugDd08Q2Vg5jsxlt
jmrHqE8nAu5KK0R08fUY+MbheyWuIg3Rehp1tLakBxU2B4hMHlcrX/aQp1tSK418
U5DtF5Flvg8OxmAoSdfUhfj/subHbooNCIl3BCq6dH/H56E4Y5eYR9wN5jpVkD5B
Yq/MWCgxo+NXtmf/yXC7voWnY6GEUpe8UDSiZN1sdDg3uitNT4/AiOVBBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAs0RSNG3gSHGk7Y+dR/bV3z8WXQMB8GA1UdIwQY
MBaAFHnfUOJolLsOgTWWBtgrcZDBdZjMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWQ5UTRtaVV1dzZCTlpZRzJDdHhrTUYxbU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC83ODI0NDctZWM4Yi00Mjg5LTljMWMt
MjhmOTYwZWI3YTM5LzEvQ3pSRkkwYmVCSWNhVHRqNTFIOXRYZlB4WmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC83ODI0NDctZWM4Yi00Mjg5LTljMWMtMjhmOTYwZWI3YTM5
LzEvZWQ5UTRtaVV1dzZCTlpZRzJDdHhrTUYxbU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVGUMA0E
AgACMAcDBQMqBWjAMA0GCSqGSIb3DQEBCwUAA4IBAQA9p6QZxF7Etr19qqod94ny
YNsCQWJfGMWbzV/7Rv9kbZstwPnPs+UKNCXkY8TYWF091BK6au8HITpL5BUTU+7B
Sy04X8mbisBlz930KWpIu+yebRkwP9K6ZeAdHuXkDh011Hi/KRYHHKf4k44fnNkf
+GxgPQi0f5tnGS7KEjHY6DF+UnSzpB0cINZgK/wzn/rMvNHu/JOaKrm6p14bg/aP
qw44jXAND4TPsYL0nCGOqKzXsHQE9vJCrteZylB8wCNcRpSFcjfEJOBO9UNH3hY1
7Z96wn2jSmY2ockYGtZhb/DlOVUQdtXTTOyFiUicU4fzpzsgVznRRq7LUaUyeUO6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:53 2024 by rpki-client on console-fra.rpki-client.org