Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/3IT_CueziDm4_txxijhmxckOE6c.roa
File: 3IT_CueziDm4_txxijhmxckOE6c.roa (raw, json)
Hash identifier: NCXepehrvh/LjppVuQMGi66Tbn9bIQIEdyBmawkNu38=
Subject key identifier: DC:84:FF:0A:E7:B3:88:39:B8:FE:DC:71:8A:38:66:C5:C9:0E:13:A7
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 018702FE84F47B90960827168429A5EF63B0
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/3IT_CueziDm4_txxijhmxckOE6c.roa
Signing time: Tue 21 Mar 2023 07:07:27 +0000
ROA not before: Tue 21 Mar 2023 07:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49025
IP address blocks: 185.111.108.0/22 maxlen: 22
95.173.200.0/21 maxlen: 21
95.173.204.0/22 maxlen: 22
95.173.208.0/21 maxlen: 21
95.173.216.0/21 maxlen: 21
185.2.40.0/22 maxlen: 22
2a02:a48:f000::/36 maxlen: 36
2a06:5d80::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 03 Nov 2023 10:26:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:02:fe:84:f4:7b:90:96:08:27:16:84:29:a5:ef:63:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Mar 21 07:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc84ff0ae7b38839b8fedc718a3866c5c90e13a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:09:36:42:df:c6:4f:90:14:8b:13:61:e7:0b:
5f:11:83:91:b2:e1:e9:c5:bd:c1:8c:30:60:5d:32:
26:d7:00:58:ab:c3:5a:3f:e4:ed:24:7c:83:93:49:
a3:8a:26:f1:dc:66:1b:6b:86:44:91:a3:a0:0c:62:
9e:c2:f2:b3:f5:c6:01:cc:c2:c2:d9:50:d8:65:1e:
4d:ed:cc:11:a1:73:39:c9:81:ea:8b:50:f4:16:9d:
27:1a:ca:72:b3:90:d2:e9:89:57:f3:b2:38:d3:1c:
ad:07:75:b6:dc:ea:4c:eb:0f:b3:df:fe:de:0c:86:
43:7e:92:53:58:bf:09:db:cf:3f:17:54:aa:74:22:
53:91:e6:35:e6:78:a8:3c:1a:ab:a4:f0:cc:57:c6:
77:e8:cd:df:fb:cf:8b:95:d8:25:61:00:bd:76:95:
5c:4f:83:f9:63:43:fe:c8:f8:26:df:de:72:78:30:
85:61:d6:fe:70:10:7b:e7:dc:92:bc:ac:67:31:25:
56:18:4a:d7:ca:72:e6:dd:38:69:74:16:b9:aa:6e:
91:25:a6:27:3f:ab:09:f3:d5:b9:a5:36:09:14:5c:
da:0d:26:9d:db:43:0f:4b:4b:ac:a4:b7:fa:a3:fc:
02:6e:65:34:a1:c9:e7:53:7f:14:50:21:34:a1:a8:
75:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:84:FF:0A:E7:B3:88:39:B8:FE:DC:71:8A:38:66:C5:C9:0E:13:A7
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/3IT_CueziDm4_txxijhmxckOE6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.200.0-95.173.223.255
185.2.40.0/22
185.111.108.0/22
IPv6:
2a02:a48:f000::/36
2a06:5d80::/32
Signature Algorithm: sha256WithRSAEncryption
92:2a:4d:3c:b4:97:57:5c:70:da:40:80:8f:68:46:2d:9d:93:
ca:c9:79:d5:c8:25:ce:84:44:e7:18:4f:03:0d:f8:90:dc:6c:
d2:e4:75:46:6b:bd:bd:fd:54:d2:fe:05:3a:6b:4c:28:cb:e6:
f1:77:d4:7d:d1:85:44:72:50:41:d9:8f:c7:6c:38:27:3d:57:
1f:84:bf:76:66:4e:15:af:af:ba:5c:59:c8:9d:ce:ee:a3:0d:
d7:1e:a3:9f:bd:3b:81:5a:23:ec:42:8c:36:c6:83:b9:c2:6a:
5c:85:e1:da:a6:9b:9e:86:0d:71:39:40:16:49:de:ce:d4:83:
95:34:26:d6:b8:31:a5:4a:6f:61:1c:84:c4:33:fc:fe:a2:bc:
32:9b:1b:94:8e:af:b5:9c:b7:2a:87:01:b7:77:d9:0c:d2:a7:
87:cd:ff:4d:7d:a4:59:a0:8c:fe:38:f4:cd:4f:ca:af:99:7c:
ce:0c:68:10:2b:d6:84:b6:89:40:65:43:5e:57:52:0e:40:5c:
3b:d6:11:c9:c8:72:20:2f:08:0e:c2:b2:fc:c0:81:b3:51:e4:
24:01:05:ec:96:c8:20:24:db:eb:ee:bd:5c:58:5d:3c:db:d2:
ed:52:59:41:50:83:94:4c:73:9f:42:03:e4:8e:0c:58:f3:93:
2c:84:b6:b6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYcC/oT0e5CWCCcWhCml72OwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjMwMzIxMDcwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzg0ZmYwYWU3YjM4ODM5YjhmZWRjNzE4YTM4NjZjNWM5MGUxM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowk2Qt/GT5AUixNh5wtfEYORsuHp
xb3BjDBgXTIm1wBYq8NaP+TtJHyDk0mjiibx3GYba4ZEkaOgDGKewvKz9cYBzMLC
2VDYZR5N7cwRoXM5yYHqi1D0Fp0nGspys5DS6YlX87I40xytB3W23OpM6w+z3/7e
DIZDfpJTWL8J288/F1SqdCJTkeY15nioPBqrpPDMV8Z36M3f+8+LldglYQC9dpVc
T4P5Y0P+yPgm395yeDCFYdb+cBB759ySvKxnMSVWGErXynLm3ThpdBa5qm6RJaYn
P6sJ89W5pTYJFFzaDSad20MPS0uspLf6o/wCbmU0ocnnU38UUCE0oah1JwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFNyE/wrns4g5uP7ccYo4ZsXJDhOnMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvM0lUX0N1ZXppRG00X3R4eGlqaG14Y2tPRTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAgBAIAATAaMAwDBANfrcgD
BAVfrcADBAK5AigDBAK5b2wwFQQCAAIwDwMGBCoCCkjwAwUAKgZdgDANBgkqhkiG
9w0BAQsFAAOCAQEAkipNPLSXV1xw2kCAj2hGLZ2Tysl51cglzoRE5xhPAw34kNxs
0uR1Rmu9vf1U0v4FOmtMKMvm8XfUfdGFRHJQQdmPx2w4Jz1XH4S/dmZOFa+vulxZ
yJ3O7qMN1x6jn707gVoj7EKMNsaDucJqXIXh2qabnoYNcTlAFkneztSDlTQm1rgx
pUpvYRyExDP8/qK8MpsblI6vtZy3KocBt3fZDNKnh83/TX2kWaCM/jj0zU/Kr5l8
zgxoECvWhLaJQGVDXldSDkBcO9YRychyIC8IDsKy/MCBs1HkJAEF7JbIICTb6+69
XFhdPNvS7VJZQVCDlExzn0ID5I4MWPOTLIS2tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:34 2024 by rpki-client on console-ams.rpki-client.org