Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/23NO1SaKuBm2OW_SYFbBH-sWFy8.roa
File: 23NO1SaKuBm2OW_SYFbBH-sWFy8.roa (raw, json)
Hash identifier: l0L7zZc7Q4Fdhg8GyMer6sjTKxHNB7f4i4RV+EoJEsY=
Subject key identifier: DB:73:4E:D5:26:8A:B8:19:B6:39:6F:D2:60:56:C1:1F:EB:16:17:2F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01876A4CAEBBBCBBFFF43FF8A4A5626430BB
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/23NO1SaKuBm2OW_SYFbBH-sWFy8.roa
Signing time: Mon 10 Apr 2023 08:33:43 +0000
ROA not before: Mon 10 Apr 2023 08:33:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203039
IP address blocks: 89.36.22.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6a:4c:ae:bb:bc:bb:ff:f4:3f:f8:a4:a5:62:64:30:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 10 08:33:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db734ed5268ab819b6396fd26056c11feb16172f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6d:fe:01:8b:f7:e6:98:f3:76:31:fc:49:16:
69:a9:7e:fc:01:15:64:ab:c6:f8:49:96:7d:8e:a3:
ea:fd:db:f0:25:55:f7:c6:84:07:ea:b8:a1:5d:ce:
23:86:1b:82:9b:89:7a:c8:50:93:5f:10:1f:80:e0:
f7:6d:15:de:a2:f9:b0:ef:97:8a:ae:5c:aa:ca:ce:
53:ca:a6:3b:8d:89:31:96:3b:98:ce:30:de:ee:83:
05:5c:31:ff:ca:3c:da:54:8b:a6:04:0c:5c:c8:41:
0b:c6:42:e9:c8:53:ad:a9:56:38:8f:55:eb:73:ea:
6b:f6:34:cc:77:eb:76:ec:fa:42:88:1e:d0:5a:1a:
25:fe:ea:2f:bb:4c:8d:d7:40:1c:68:65:09:85:b1:
40:1a:da:d3:12:3a:2f:8f:87:ef:86:76:70:9b:58:
28:04:1d:9d:5e:db:6c:5d:19:71:3b:e3:f6:d7:a4:
b2:80:62:a8:85:9e:06:e8:a2:12:3b:61:7e:f6:45:
7c:b2:a3:ed:f6:a2:f1:65:ab:24:01:04:6a:b8:c7:
3a:69:39:b3:7a:b9:cb:5a:c3:f5:b5:03:0a:14:78:
74:b5:5c:b5:92:a3:d9:e1:b9:9a:aa:fc:e3:f5:f8:
1a:47:ef:f5:b9:ec:c6:cd:67:f4:2e:1a:e3:40:bc:
57:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:73:4E:D5:26:8A:B8:19:B6:39:6F:D2:60:56:C1:1F:EB:16:17:2F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/23NO1SaKuBm2OW_SYFbBH-sWFy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.22.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:ba:35:e2:d4:b4:99:3f:9a:6d:7b:e2:37:35:b5:11:c7:fa:
9f:c6:d5:a5:f9:26:f7:6d:0e:e3:60:28:00:dd:20:13:0a:c0:
4b:a5:4c:9d:ee:f3:6a:92:98:f9:0b:60:0a:b9:bb:ff:6e:b2:
59:ce:e4:8a:b4:b4:c3:b0:90:2d:46:00:7e:ab:31:6d:99:3e:
34:37:db:ca:47:4a:f5:81:70:76:72:60:88:90:cf:7b:31:20:
37:ee:af:1e:10:99:6a:cd:47:98:6d:e8:cd:b9:b2:2c:1d:c1:
13:6b:3b:ff:1b:00:b5:91:81:4b:48:04:ba:7f:a4:cd:ae:24:
68:a0:5c:e7:bd:e3:9e:73:e2:85:65:86:2d:7c:e0:68:53:4a:
4e:a7:b9:ac:d8:42:a6:81:71:ae:2f:b0:7a:fc:ea:72:7f:8e:
15:bc:f7:be:67:67:99:e2:04:be:41:c9:dc:0f:da:5c:fd:7b:
f1:aa:95:c6:2e:92:30:02:e8:0d:cf:cf:ee:f6:9a:1e:99:8e:
55:48:34:b0:6d:fc:89:e7:de:2d:ab:76:4a:aa:70:3d:0c:e5:
9b:c3:31:61:1d:8b:d2:28:b7:fe:ab:39:e1:fe:fe:c8:f9:90:
8a:11:50:e9:c2:27:e9:32:88:73:ce:46:4f:70:86:e5:54:97:
53:4a:fa:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdqTK67vLv/9D/4pKViZDC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDEwMDgzMzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjczNGVkNTI2OGFiODE5YjYzOTZmZDI2MDU2YzExZmViMTYxNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwm3+AYv35pjzdjH8SRZpqX78ARVk
q8b4SZZ9jqPq/dvwJVX3xoQH6rihXc4jhhuCm4l6yFCTXxAfgOD3bRXeovmw75eK
rlyqys5TyqY7jYkxljuYzjDe7oMFXDH/yjzaVIumBAxcyEELxkLpyFOtqVY4j1Xr
c+pr9jTMd+t27PpCiB7QWhol/uovu0yN10AcaGUJhbFAGtrTEjovj4fvhnZwm1go
BB2dXttsXRlxO+P216SygGKohZ4G6KISO2F+9kV8sqPt9qLxZaskAQRquMc6aTmz
ernLWsP1tQMKFHh0tVy1kqPZ4bmaqvzj9fgaR+/1uezGzWf0LhrjQLxXwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtzTtUmirgZtjlv0mBWwR/rFhcvMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMjNOTzFTYUt1Qm0yT1dfU1lGYkJILXNXRnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSQWMA0G
CSqGSIb3DQEBCwUAA4IBAQANujXi1LSZP5pte+I3NbURx/qfxtWl+Sb3bQ7jYCgA
3SATCsBLpUyd7vNqkpj5C2AKubv/brJZzuSKtLTDsJAtRgB+qzFtmT40N9vKR0r1
gXB2cmCIkM97MSA37q8eEJlqzUeYbejNubIsHcETazv/GwC1kYFLSAS6f6TNriRo
oFznveOec+KFZYYtfOBoU0pOp7ms2EKmgXGuL7B6/Opyf44VvPe+Z2eZ4gS+Qcnc
D9pc/XvxqpXGLpIwAugNz8/u9poemY5VSDSwbfyJ594tq3ZKqnA9DOWbwzFhHYvS
KLf+qznh/v7I+ZCKEVDpwifpMohzzkZPcIblVJdTSvr5
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org