Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/3bA_T1O3e9fWTMf5_0SD1yrLzZY.roa
File: 3bA_T1O3e9fWTMf5_0SD1yrLzZY.roa (raw, json)
Hash identifier: W8ZlIEP3t/Y7V3jyNqgt+dDfyyw4u7y2t3dFwlahnjw=
Subject key identifier: DD:B0:3F:4F:53:B7:7B:D7:D6:4C:C7:F9:FF:44:83:D7:2A:CB:CD:96
Certificate issuer: /CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Certificate serial: 0185739F1067E94217A595C2DF28BF1B54DF
Authority key identifier: 10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/3bA_T1O3e9fWTMf5_0SD1yrLzZY.roa
Signing time: Mon 02 Jan 2023 17:54:42 +0000
ROA not before: Mon 02 Jan 2023 17:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42811
IP address blocks: 95.176.0.0/17 maxlen: 17
185.147.220.0/22 maxlen: 22
81.14.0.0/17 maxlen: 17
2a00:be80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:9f:10:67:e9:42:17:a5:95:c2:df:28:bf:1b:54:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Validity
Not Before: Jan 2 17:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddb03f4f53b77bd7d64cc7f9ff4483d72acbcd96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1b:da:47:c3:a9:fd:49:bd:fe:b5:aa:9b:84:
d3:a5:e4:f2:60:26:17:fd:25:8a:59:3d:5a:ba:85:
72:c0:88:81:cb:14:7e:0f:26:d3:07:92:1d:65:81:
36:d6:c0:fa:ce:15:a9:31:fd:17:13:06:ae:4e:cf:
30:99:22:de:51:e7:d6:88:95:bc:93:7a:f9:6d:1e:
78:ca:2e:6b:dc:e4:09:c0:ce:42:5e:ba:0e:8d:51:
d9:36:ff:1a:2c:6d:ff:12:b7:79:c9:39:66:26:e9:
5f:5b:90:55:3f:36:10:5b:aa:39:ac:c0:5d:48:d2:
97:49:42:38:e7:b3:c5:29:84:2f:97:e4:d1:ed:44:
d6:cd:50:0e:69:d8:ec:89:a7:fe:24:89:01:7c:d3:
ce:2e:14:e8:4c:92:b6:37:b1:1f:87:38:3a:31:e8:
b4:bf:fe:6c:32:70:c5:e4:1e:68:6f:13:fe:d2:5d:
a6:9d:bc:80:80:e0:10:83:9e:c3:26:6b:40:20:c0:
1c:34:70:9c:dc:61:af:8e:8a:6b:a4:b7:50:5d:5e:
7f:11:eb:fb:39:87:a0:e9:74:ca:3f:5b:3f:0d:e0:
c7:1a:4e:ac:f2:0a:61:eb:3b:f6:1d:c6:82:dd:ad:
a4:6f:a5:3a:b7:4b:58:3f:d3:12:ab:89:c7:a9:1a:
7c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B0:3F:4F:53:B7:7B:D7:D6:4C:C7:F9:FF:44:83:D7:2A:CB:CD:96
X509v3 Authority Key Identifier:
keyid:10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/3bA_T1O3e9fWTMf5_0SD1yrLzZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.14.0.0/17
95.176.0.0/17
185.147.220.0/22
IPv6:
2a00:be80::/32
Signature Algorithm: sha256WithRSAEncryption
23:12:e7:e4:72:b5:d2:84:66:43:32:9b:ed:6b:b7:40:62:62:
97:59:3b:97:5d:6c:3f:35:87:5f:d9:bd:6b:db:97:97:e0:39:
f5:61:e0:ea:4b:4c:2e:38:fb:1e:f2:39:14:f0:87:da:90:a8:
17:77:3e:75:33:c0:69:05:8f:7a:80:5d:59:fe:81:82:03:56:
f4:b0:98:cf:82:e2:d5:9f:0e:11:82:f9:76:ab:5c:d0:00:14:
2a:80:06:25:d6:cc:db:4a:69:cd:0d:61:e3:42:fc:1b:07:1e:
8d:53:2c:50:49:73:33:01:ed:49:54:c5:aa:f3:ab:1b:b7:06:
93:63:8f:95:18:6f:5f:53:97:ee:41:2d:61:3e:48:b8:75:85:
d1:0b:d0:1c:40:34:6a:d9:10:83:50:5a:7f:04:b1:15:fc:4f:
4a:59:1b:2e:ea:e6:2e:be:44:ac:7c:03:85:05:32:76:54:75:
8d:68:af:cf:b6:70:cf:4a:b6:ec:bb:63:71:d5:d6:3c:4d:56:
72:1f:38:53:cd:30:b3:fc:aa:7c:04:9b:c0:d4:51:88:ce:44:
e7:7d:66:42:c5:09:a2:4b:49:0c:d3:a2:f2:23:4d:af:85:6e:
44:2f:47:57:d5:44:ab:ea:13:1e:ad:b7:08:5f:da:70:1c:78:
8b:36:c1:c4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVznxBn6UIXpZXC3yi/G1TfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMTI4NzkyN2FkN2IxZGI0NzlhZTVhYjkyYWI4N2M0YTRm
YWY0OTYwHhcNMjMwMTAyMTc1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGIwM2Y0ZjUzYjc3YmQ3ZDY0Y2M3ZjlmZjQ0ODNkNzJhY2JjZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxvaR8Op/Um9/rWqm4TTpeTyYCYX
/SWKWT1auoVywIiByxR+DybTB5IdZYE21sD6zhWpMf0XEwauTs8wmSLeUefWiJW8
k3r5bR54yi5r3OQJwM5CXroOjVHZNv8aLG3/Erd5yTlmJulfW5BVPzYQW6o5rMBd
SNKXSUI457PFKYQvl+TR7UTWzVAOadjsiaf+JIkBfNPOLhToTJK2N7Efhzg6Mei0
v/5sMnDF5B5obxP+0l2mnbyAgOAQg57DJmtAIMAcNHCc3GGvjoprpLdQXV5/Eev7
OYeg6XTKP1s/DeDHGk6s8gph6zv2HcaC3a2kb6U6t0tYP9MSq4nHqRp8LQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFN2wP09Tt3vX1kzH+f9Eg9cqy82WMB8GA1UdIwQY
MBaAFBASh5J617HbR5rlq5Krh8Sk+vSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUJLSGtuclhzZHRIbXVXcmtxdUh4S1Q2OUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xMjM5MWQtNWZiNi00ZGVhLWE3MTMt
NzNhNDUyYmFmYjQ2LzEvM2JBX1QxTzNlOWZXVE1mNV8wU0QxeXJMelpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xMjM5MWQtNWZiNi00ZGVhLWE3MTMtNzNhNDUyYmFmYjQ2
LzEvRUJLSGtuclhzZHRIbXVXcmtxdUh4S1Q2OUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHUQ4AAwQH
X7AAAwQCuZPcMA0EAgACMAcDBQAqAL6AMA0GCSqGSIb3DQEBCwUAA4IBAQAjEufk
crXShGZDMpvta7dAYmKXWTuXXWw/NYdf2b1r25eX4Dn1YeDqS0wuOPse8jkU8Ifa
kKgXdz51M8BpBY96gF1Z/oGCA1b0sJjPguLVnw4Rgvl2q1zQABQqgAYl1szbSmnN
DWHjQvwbBx6NUyxQSXMzAe1JVMWq86sbtwaTY4+VGG9fU5fuQS1hPki4dYXRC9Ac
QDRq2RCDUFp/BLEV/E9KWRsu6uYuvkSsfAOFBTJ2VHWNaK/PtnDPSrbsu2Nx1dY8
TVZyHzhTzTCz/Kp8BJvA1FGIzkTnfWZCxQmiS0kM06LyI02vhW5EL0dX1USr6hMe
rbcIX9pwHHiLNsHE
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:16 2024 by rpki-client on console-fra.rpki-client.org