Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/M3vPGpSo09pfA7NGz1e1MK8nl48.roa
File: M3vPGpSo09pfA7NGz1e1MK8nl48.roa (raw, json)
Hash identifier: 8fZRNla7CJSvX65nIoEUTgdtQi3byzgJ7PTxMXBHVUs=
Subject key identifier: 33:7B:CF:1A:94:A8:D3:DA:5F:03:B3:46:CF:57:B5:30:AF:27:97:8F
Certificate issuer: /CN=0c2ce64c3e65a8202a7c1b1b20ca11e45ae6d58c
Certificate serial: 018570152F39A4EECF3B9966AD0F235E4C96
Authority key identifier: 0C:2C:E6:4C:3E:65:A8:20:2A:7C:1B:1B:20:CA:11:E4:5A:E6:D5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/M3vPGpSo09pfA7NGz1e1MK8nl48.roa
Signing time: Mon 02 Jan 2023 01:25:14 +0000
ROA not before: Mon 02 Jan 2023 01:25:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47505
IP address blocks: 89.36.8.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:2f:39:a4:ee:cf:3b:99:66:ad:0f:23:5e:4c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c2ce64c3e65a8202a7c1b1b20ca11e45ae6d58c
Validity
Not Before: Jan 2 01:25:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=337bcf1a94a8d3da5f03b346cf57b530af27978f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:34:dd:53:09:51:61:d7:b2:f2:b7:7d:98:4f:
da:23:6d:d1:a3:c7:0c:5d:01:20:d9:43:7b:6c:04:
ea:fa:7f:7c:71:0b:29:f8:c9:fe:5a:17:99:e3:be:
61:00:a1:be:62:b9:a9:af:25:ae:eb:73:f2:99:db:
f3:01:c1:64:92:b7:9a:57:cf:74:30:b1:b3:40:c7:
ef:5d:b4:bd:50:17:fd:f4:fe:39:16:60:c9:24:9f:
d9:5f:62:0c:13:cf:32:98:37:41:7b:a9:e4:01:ba:
03:cb:f8:31:68:84:38:a5:06:ae:1d:b1:9d:6f:16:
37:b6:8c:45:05:f0:89:23:b0:f0:a0:0f:7d:8f:fe:
d8:23:0e:e3:ce:21:35:eb:72:e7:59:cd:9a:46:3c:
8a:9c:07:d3:a9:72:c0:e6:82:c7:6d:9e:64:49:5c:
f8:79:67:5b:e2:58:17:f7:33:a0:34:6b:e2:a1:fb:
21:87:ed:4e:c7:2d:f0:89:7f:4f:fb:0f:56:26:65:
24:c9:a6:f2:54:ac:99:d5:73:96:74:1a:ca:e9:4d:
5a:43:68:2d:38:67:c4:76:c2:83:24:f9:a7:f2:aa:
7e:0e:7d:6f:c4:30:05:37:77:da:b8:ac:7f:1b:28:
da:91:04:67:57:93:c1:96:94:6f:3e:5d:6a:a7:88:
d0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7B:CF:1A:94:A8:D3:DA:5F:03:B3:46:CF:57:B5:30:AF:27:97:8F
X509v3 Authority Key Identifier:
keyid:0C:2C:E6:4C:3E:65:A8:20:2A:7C:1B:1B:20:CA:11:E4:5A:E6:D5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/M3vPGpSo09pfA7NGz1e1MK8nl48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.8.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:62:63:f3:bd:75:b1:42:ad:02:d7:0a:50:33:3a:b8:3c:ca:
db:e9:45:e6:54:d7:cf:07:30:c8:bf:63:3a:4f:c2:7f:b7:87:
62:a4:d4:a1:12:40:e7:c8:b0:53:0e:80:c7:39:4a:f9:2b:65:
41:46:92:38:9b:72:66:55:17:a7:56:86:36:db:c1:af:b0:f8:
42:72:b9:d5:b3:f6:cb:b8:3f:cf:d9:ca:99:fb:0b:64:b2:2e:
c6:a9:5e:3b:04:30:32:35:72:2b:82:3b:6e:67:ce:af:74:cf:
87:ef:77:14:db:9a:a6:cd:b4:fe:9b:10:af:19:bc:a9:17:4c:
ca:2e:56:ad:f6:09:b1:2f:0a:a5:e3:91:5a:db:74:fc:eb:1b:
3b:42:5a:ac:9e:62:fa:38:50:dd:ed:f1:fe:4a:9d:c9:4a:b5:
85:f0:66:6f:ef:a5:5a:70:fd:6b:79:77:f7:6f:6d:a2:28:e5:
d7:3d:cf:a2:f2:4d:aa:78:f7:30:99:b5:38:d3:66:0e:94:c0:
c9:96:86:76:33:ed:0f:8d:53:bd:0a:cb:76:9c:1d:9d:c6:82:
06:a6:a0:3c:d3:df:05:d0:eb:0c:5f:d8:54:52:13:60:4b:b4:
6a:77:17:d0:67:75:4c:f3:f2:da:98:70:3c:f0:8d:73:36:cb:
05:51:45:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFS85pO7PO5lmrQ8jXkyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMmNlNjRjM2U2NWE4MjAyYTdjMWIxYjIwY2ExMWU0NWFl
NmQ1OGMwHhcNMjMwMTAyMDEyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzdiY2YxYTk0YThkM2RhNWYwM2IzNDZjZjU3YjUzMGFmMjc5NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzTdUwlRYdey8rd9mE/aI23Ro8cM
XQEg2UN7bATq+n98cQsp+Mn+WheZ475hAKG+YrmpryWu63PymdvzAcFkkreaV890
MLGzQMfvXbS9UBf99P45FmDJJJ/ZX2IME88ymDdBe6nkAboDy/gxaIQ4pQauHbGd
bxY3toxFBfCJI7DwoA99j/7YIw7jziE163LnWc2aRjyKnAfTqXLA5oLHbZ5kSVz4
eWdb4lgX9zOgNGviofshh+1Oxy3wiX9P+w9WJmUkyabyVKyZ1XOWdBrK6U1aQ2gt
OGfEdsKDJPmn8qp+Dn1vxDAFN3fauKx/GyjakQRnV5PBlpRvPl1qp4jQjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDN7zxqUqNPaXwOzRs9XtTCvJ5ePMB8GA1UdIwQY
MBaAFAws5kw+ZaggKnwbGyDKEeRa5tWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREN6bVRENWxxQ0FxZkJzYklNb1I1RnJtMVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84YTAwYzItYmI4Ny00MGE3LWIxZTkt
NWM0Yjc2ZjQ4ZDUwLzEvTTN2UEdwU28wOXBmQTdOR3oxZTFNSzhubDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84YTAwYzItYmI4Ny00MGE3LWIxZTktNWM0Yjc2ZjQ4ZDUw
LzEvREN6bVRENWxxQ0FxZkJzYklNb1I1RnJtMVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWSQIMA0G
CSqGSIb3DQEBCwUAA4IBAQA7YmPzvXWxQq0C1wpQMzq4PMrb6UXmVNfPBzDIv2M6
T8J/t4dipNShEkDnyLBTDoDHOUr5K2VBRpI4m3JmVRenVoY228GvsPhCcrnVs/bL
uD/P2cqZ+wtksi7GqV47BDAyNXIrgjtuZ86vdM+H73cU25qmzbT+mxCvGbypF0zK
Llat9gmxLwql45Fa23T86xs7QlqsnmL6OFDd7fH+Sp3JSrWF8GZv76VacP1reXf3
b22iKOXXPc+i8k2qePcwmbU402YOlMDJloZ2M+0PjVO9Cst2nB2dxoIGpqA8098F
0OsMX9hUUhNgS7RqdxfQZ3VM8/LamHA88I1zNssFUUUE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org