Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/2Jd01L-MbnfSCzL92zpK7HjFTpA.roa
File: 2Jd01L-MbnfSCzL92zpK7HjFTpA.roa (raw, json)
Hash identifier: cQNXy6fwySFqxTgOW4nyHwJX/pyxUQjffW7+d9g5Mrg=
Subject key identifier: D8:97:74:D4:BF:8C:6E:77:D2:0B:32:FD:DB:3A:4A:EC:78:C5:4E:90
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0188785F023AEC546F448616C25DB62F4F86
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/2Jd01L-MbnfSCzL92zpK7HjFTpA.roa
Signing time: Thu 01 Jun 2023 19:11:12 +0000
ROA not before: Thu 01 Jun 2023 19:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 85.239.36.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:78:5f:02:3a:ec:54:6f:44:86:16:c2:5d:b6:2f:4f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jun 1 19:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d89774d4bf8c6e77d20b32fddb3a4aec78c54e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e7:8a:70:f8:f5:b4:37:2d:5b:a3:5c:9f:0d:
26:ce:81:87:38:6d:c0:2d:28:22:93:b9:41:e1:77:
68:a9:ff:5d:cc:f3:80:7c:d4:c5:47:2a:d3:02:df:
63:81:68:f2:b8:bb:4a:19:14:bd:b5:93:66:8e:b9:
d6:1e:bc:b9:c5:f8:de:32:9f:bb:bf:55:47:42:fd:
eb:6b:fc:32:15:26:ae:ce:06:84:e2:43:83:9e:5b:
ba:7c:2f:37:a2:2d:ff:af:13:c4:a1:46:e2:0c:0e:
bd:8e:5c:16:ed:da:aa:78:8e:56:a4:d3:12:1a:8d:
fc:6c:8f:06:70:d4:f3:14:6a:5d:90:de:e2:89:bc:
1a:19:d3:f3:a4:2e:44:14:ac:d2:aa:b2:60:8f:12:
8b:7f:b1:26:f4:ae:07:6e:8f:42:b3:d9:ab:13:f6:
bc:42:92:db:b8:4d:26:0c:98:63:46:23:5f:ac:74:
ce:cc:5c:87:7b:09:4e:17:cf:b2:6b:d8:69:19:22:
33:42:07:4a:ee:6e:91:74:82:9f:0d:c4:f0:7e:26:
75:c8:a4:c6:ba:9a:7d:5e:76:c8:11:4f:09:a0:d9:
41:17:a8:c2:bf:40:63:ac:40:ed:20:7c:c8:72:a1:
d5:75:c6:f9:34:04:b4:4e:b0:ce:6b:bb:2e:1c:7c:
15:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:97:74:D4:BF:8C:6E:77:D2:0B:32:FD:DB:3A:4A:EC:78:C5:4E:90
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/2Jd01L-MbnfSCzL92zpK7HjFTpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.36.0/22
Signature Algorithm: sha256WithRSAEncryption
93:bd:6e:18:1c:39:b3:78:b0:82:52:0c:9b:1f:cd:56:1b:92:
0c:2c:22:b5:25:6d:89:6b:2c:50:82:07:44:b4:e4:ee:8a:0b:
75:6b:da:22:45:c8:7f:e4:a9:af:da:6a:83:b5:81:aa:5e:ef:
d3:01:77:5c:33:9b:b5:67:6d:af:c1:69:b4:24:a5:e5:68:e0:
91:de:0e:55:d8:dc:5a:ed:b4:bc:09:47:fc:98:96:31:c2:37:
27:84:44:fa:9c:0b:91:f5:40:41:27:72:00:84:97:39:a0:b0:
9a:29:63:fa:fb:fd:79:82:bd:91:c4:0a:14:1f:53:a3:09:1a:
a6:bb:8d:8a:98:a6:a3:c2:5a:c7:8b:91:ac:6a:c1:dd:8c:13:
0b:a7:cf:f5:e7:5d:0d:89:9a:c8:5f:0d:ea:07:d7:be:43:58:
ff:61:d0:6b:d9:ca:ac:3a:e1:c6:88:61:ea:b2:64:ec:b3:ec:
11:97:98:66:62:ed:27:fd:a8:17:0a:19:da:26:5b:b6:d3:0a:
a2:e6:b1:4b:56:00:82:10:32:bb:fa:95:28:5f:28:b4:ef:da:
bd:f5:96:0a:25:b8:38:b9:a2:33:33:60:3d:7c:25:25:14:f8:
af:9a:5a:5e:53:9c:d0:e3:97:1e:de:e2:03:3b:ef:b5:65:95:
13:33:c3:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh4XwI67FRvRIYWwl22L0+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjMwNjAxMTkxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODk3NzRkNGJmOGM2ZTc3ZDIwYjMyZmRkYjNhNGFlYzc4YzU0ZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmueKcPj1tDctW6Ncnw0mzoGHOG3A
LSgik7lB4Xdoqf9dzPOAfNTFRyrTAt9jgWjyuLtKGRS9tZNmjrnWHry5xfjeMp+7
v1VHQv3ra/wyFSauzgaE4kODnlu6fC83oi3/rxPEoUbiDA69jlwW7dqqeI5WpNMS
Go38bI8GcNTzFGpdkN7iibwaGdPzpC5EFKzSqrJgjxKLf7Em9K4Hbo9Cs9mrE/a8
QpLbuE0mDJhjRiNfrHTOzFyHewlOF8+ya9hpGSIzQgdK7m6RdIKfDcTwfiZ1yKTG
upp9XnbIEU8JoNlBF6jCv0BjrEDtIHzIcqHVdcb5NAS0TrDOa7suHHwVpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNiXdNS/jG530gsy/ds6Sux4xU6QMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvMkpkMDFMLU1ibmZTQ3pMOTJ6cEs3SGpGVHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe8kMA0G
CSqGSIb3DQEBCwUAA4IBAQCTvW4YHDmzeLCCUgybH81WG5IMLCK1JW2JayxQggdE
tOTuigt1a9oiRch/5Kmv2mqDtYGqXu/TAXdcM5u1Z22vwWm0JKXlaOCR3g5V2Nxa
7bS8CUf8mJYxwjcnhET6nAuR9UBBJ3IAhJc5oLCaKWP6+/15gr2RxAoUH1OjCRqm
u42KmKajwlrHi5GsasHdjBMLp8/1510NiZrIXw3qB9e+Q1j/YdBr2cqsOuHGiGHq
smTss+wRl5hmYu0n/agXChnaJlu20wqi5rFLVgCCEDK7+pUoXyi079q99ZYKJbg4
uaIzM2A9fCUlFPivmlpeU5zQ45ce3uIDO++1ZZUTM8Mr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org