Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/CXadM5n_y_vMcRkyc-rEUcx3iD4.roa
File: CXadM5n_y_vMcRkyc-rEUcx3iD4.roa (raw, json)
Hash identifier: YFlGTsAN3dhItdWzS1GnZaYWXKp7o80Lg+uJXlvi6xg=
Subject key identifier: 09:76:9D:33:99:FF:CB:FB:CC:71:19:32:73:EA:C4:51:CC:77:88:3E
Certificate issuer: /CN=39ca5065043d28a2adc36383a1df7d3bec81ce8d
Certificate serial: 018572DEFA423C7C3FEC06B72AA0690E2733
Authority key identifier: 39:CA:50:65:04:3D:28:A2:AD:C3:63:83:A1:DF:7D:3B:EC:81:CE:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OcpQZQQ9KKKtw2ODod99O-yBzo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/CXadM5n_y_vMcRkyc-rEUcx3iD4.roa
Signing time: Mon 02 Jan 2023 14:24:53 +0000
ROA not before: Mon 02 Jan 2023 14:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206860
IP address blocks: 85.202.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:fa:42:3c:7c:3f:ec:06:b7:2a:a0:69:0e:27:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39ca5065043d28a2adc36383a1df7d3bec81ce8d
Validity
Not Before: Jan 2 14:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09769d3399ffcbfbcc71193273eac451cc77883e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:83:3c:09:b5:02:de:53:af:aa:a9:6e:03:82:
54:5f:ea:11:03:b3:eb:74:aa:f6:dd:60:2a:c9:52:
5a:7d:02:e2:ca:4e:8a:d7:97:ab:ff:76:4d:8b:e5:
51:7a:9a:49:ba:89:5c:b1:d3:03:48:c7:3f:6c:b0:
cc:db:73:74:17:52:af:e5:19:3f:3f:d6:b1:4e:89:
fb:52:66:20:92:af:81:39:5c:aa:29:4e:0c:fc:1a:
45:07:f3:58:09:17:85:04:a0:96:91:cb:51:f9:cd:
2d:a9:4e:7b:77:02:85:12:7b:7a:be:52:b8:70:45:
c2:ce:78:95:b2:fb:60:51:81:a9:44:0e:64:7e:cf:
3c:14:1c:22:41:21:90:fd:6f:ff:95:6b:14:ae:99:
40:6d:c9:b3:4c:04:0c:bb:80:08:f1:5b:fe:a0:05:
c0:6e:08:20:dd:c4:e7:47:b0:26:35:28:1f:80:19:
0d:7f:e1:67:99:9d:98:3b:45:a8:18:e4:24:2e:99:
35:2b:71:41:1c:28:35:ad:b8:b7:5b:d4:54:4c:aa:
67:d6:d2:0c:d4:9b:0f:29:ea:14:22:71:2f:7d:13:
5a:83:15:ae:66:b7:1c:d4:dc:25:9e:a3:d2:8e:25:
8b:b5:2e:50:b4:54:02:fd:d1:4a:41:d4:ea:2d:6c:
69:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:76:9D:33:99:FF:CB:FB:CC:71:19:32:73:EA:C4:51:CC:77:88:3E
X509v3 Authority Key Identifier:
keyid:39:CA:50:65:04:3D:28:A2:AD:C3:63:83:A1:DF:7D:3B:EC:81:CE:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OcpQZQQ9KKKtw2ODod99O-yBzo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/CXadM5n_y_vMcRkyc-rEUcx3iD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.201.0/24
Signature Algorithm: sha256WithRSAEncryption
23:e0:47:97:a7:96:b7:05:83:aa:0a:84:2e:f9:ee:9b:32:38:
30:28:da:c3:28:d8:72:15:d1:b0:16:a1:b6:d3:40:ec:3f:12:
07:24:0a:8c:c8:5b:50:0a:93:c2:85:2c:d9:75:58:ce:f3:96:
02:bc:26:60:04:f3:1d:be:3c:80:9b:35:9f:2f:4d:30:6f:af:
95:20:04:51:90:29:e3:f1:ff:ee:76:9c:20:b6:fc:09:ff:85:
69:e7:6a:7d:de:47:2d:4f:69:62:84:5c:27:40:7c:cb:67:88:
20:ca:4e:88:2a:6b:ee:07:52:9c:38:55:c6:74:1b:5f:1c:9b:
4b:eb:0b:c0:4e:a8:d5:66:cb:83:dc:fe:f3:71:5a:63:08:6a:
ee:9f:76:a2:1a:e4:11:ea:30:f6:ec:04:9b:67:06:19:a7:7b:
a4:b1:72:c6:5b:d8:7d:1a:ee:10:e8:de:05:67:35:85:ef:c2:
50:3d:70:73:5c:c5:07:5d:32:90:f3:28:7b:3f:b4:b8:8e:0c:
c8:b1:d3:33:38:3f:f3:5a:94:ee:c7:fb:aa:cc:57:8f:09:cc:
8e:4a:fb:df:89:db:c8:75:fe:7b:cc:af:40:a6:f5:dc:1c:dc:
09:cb:ab:c4:db:7a:00:0d:f4:4d:24:68:fe:79:ac:81:55:52:
cd:60:76:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy3vpCPHw/7Aa3KqBpDiczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Y2E1MDY1MDQzZDI4YTJhZGMzNjM4M2ExZGY3ZDNiZWM4
MWNlOGQwHhcNMjMwMTAyMTQyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc2OWQzMzk5ZmZjYmZiY2M3MTE5MzI3M2VhYzQ1MWNjNzc4ODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YM8CbUC3lOvqqluA4JUX+oRA7Pr
dKr23WAqyVJafQLiyk6K15er/3ZNi+VReppJuolcsdMDSMc/bLDM23N0F1Kv5Rk/
P9axTon7UmYgkq+BOVyqKU4M/BpFB/NYCReFBKCWkctR+c0tqU57dwKFEnt6vlK4
cEXCzniVsvtgUYGpRA5kfs88FBwiQSGQ/W//lWsUrplAbcmzTAQMu4AI8Vv+oAXA
bggg3cTnR7AmNSgfgBkNf+FnmZ2YO0WoGOQkLpk1K3FBHCg1rbi3W9RUTKpn1tIM
1JsPKeoUInEvfRNagxWuZrcc1NwlnqPSjiWLtS5QtFQC/dFKQdTqLWxpmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAl2nTOZ/8v7zHEZMnPqxFHMd4g+MB8GA1UdIwQY
MBaAFDnKUGUEPSiircNjg6HffTvsgc6NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2NwUVpRUTlLS0t0dzJPRG9kOTlPLXlCem8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zNDdjMzQtOTZkOC00MTg0LWE2Njgt
ODcwYWNmZWNiY2RmLzEvQ1hhZE01bl95X3ZNY1JreWMtckVVY3gzaUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zNDdjMzQtOTZkOC00MTg0LWE2NjgtODcwYWNmZWNiY2Rm
LzEvT2NwUVpRUTlLS0t0dzJPRG9kOTlPLXlCem8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcrJMA0G
CSqGSIb3DQEBCwUAA4IBAQAj4EeXp5a3BYOqCoQu+e6bMjgwKNrDKNhyFdGwFqG2
00DsPxIHJAqMyFtQCpPChSzZdVjO85YCvCZgBPMdvjyAmzWfL00wb6+VIARRkCnj
8f/udpwgtvwJ/4Vp52p93kctT2lihFwnQHzLZ4ggyk6IKmvuB1KcOFXGdBtfHJtL
6wvATqjVZsuD3P7zcVpjCGrun3aiGuQR6jD27ASbZwYZp3uksXLGW9h9Gu4Q6N4F
ZzWF78JQPXBzXMUHXTKQ8yh7P7S4jgzIsdMzOD/zWpTux/uqzFePCcyOSvvfidvI
df57zK9ApvXcHNwJy6vE23oADfRNJGj+eayBVVLNYHZh
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:30 2024 by rpki-client on console-ams.rpki-client.org