Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3isuP0v_g3AISXCvzhIYSK6CU0k.roa
File: 3isuP0v_g3AISXCvzhIYSK6CU0k.roa (raw, json)
Hash identifier: MpIu6yNrQfPVE+BtPuZNFDiJl7sDVb8zoxlfEnHMFxM=
Subject key identifier: DE:2B:2E:3F:4B:FF:83:70:08:49:70:AF:CE:12:18:48:AE:82:53:49
Certificate issuer: /CN=de9572fcbd665f72e00e5ffdb8db802d1cbec894
Certificate serial: 01856BC12881EDFC55D932B798D3A77125AD
Authority key identifier: DE:95:72:FC:BD:66:5F:72:E0:0E:5F:FD:B8:DB:80:2D:1C:BE:C8:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3isuP0v_g3AISXCvzhIYSK6CU0k.roa
Signing time: Sun 01 Jan 2023 05:14:59 +0000
ROA not before: Sun 01 Jan 2023 05:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43070
IP address blocks: 89.187.192.0/22 maxlen: 22
89.187.196.0/23 maxlen: 23
77.95.40.0/21 maxlen: 21
185.45.136.0/22 maxlen: 22
2a02:910::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:28:81:ed:fc:55:d9:32:b7:98:d3:a7:71:25:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de9572fcbd665f72e00e5ffdb8db802d1cbec894
Validity
Not Before: Jan 1 05:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de2b2e3f4bff8370084970afce121848ae825349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1e:c6:38:fa:8b:0e:33:ce:70:75:be:b3:72:
68:b4:0e:3b:02:7c:45:07:f9:27:4f:89:4c:95:1f:
99:8c:29:55:70:04:50:d5:e3:09:48:57:3d:24:92:
ed:87:cc:fb:70:b0:32:ac:ec:81:05:fc:06:3a:68:
a1:fe:01:85:5b:1a:d8:a5:5c:71:9c:f4:ce:70:7b:
41:7e:1e:32:e6:0d:47:b5:8e:23:67:6e:7e:be:55:
f8:af:68:68:a2:c7:32:b0:db:13:7c:a3:5e:2a:03:
4e:4b:ac:85:7b:3a:d2:a3:13:f0:36:dc:7d:b7:ea:
ff:ff:e5:24:bc:a1:63:7d:e1:1b:af:cf:8f:c8:16:
0c:82:a3:6b:9e:13:a4:84:e4:64:6a:e9:e1:fd:f8:
d0:b6:8c:a6:ea:17:b1:a6:ee:19:09:08:c1:26:61:
bc:43:6f:09:0b:2c:0f:49:80:13:df:29:3f:5e:cd:
ab:b1:33:c0:f3:e4:fc:e0:2c:dd:90:30:44:93:94:
da:c5:17:d0:8b:ed:1b:ea:1a:a4:04:b0:44:d9:97:
23:af:01:6a:59:79:e5:b5:af:92:bd:29:fd:31:04:
35:b0:bf:10:15:e2:45:36:89:d1:fc:dd:7c:4a:cc:
46:cc:4e:14:37:74:c6:f1:8c:ed:a8:8e:87:51:58:
29:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:2B:2E:3F:4B:FF:83:70:08:49:70:AF:CE:12:18:48:AE:82:53:49
X509v3 Authority Key Identifier:
keyid:DE:95:72:FC:BD:66:5F:72:E0:0E:5F:FD:B8:DB:80:2D:1C:BE:C8:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3isuP0v_g3AISXCvzhIYSK6CU0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3pVy_L1mX3LgDl_9uNuALRy-yJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.40.0/21
89.187.192.0-89.187.197.255
185.45.136.0/22
IPv6:
2a02:910::/32
Signature Algorithm: sha256WithRSAEncryption
55:77:34:27:ee:47:81:24:d1:a8:72:28:88:d5:47:6d:d2:f7:
00:cb:34:ff:38:51:f4:15:e6:ca:7e:4d:32:2d:65:da:7f:a6:
57:8a:41:f9:39:cd:97:f3:54:a5:48:48:05:c5:a6:db:85:10:
69:85:5d:8f:7d:ab:06:51:ec:f2:51:79:4c:97:a2:0e:c4:44:
35:f5:33:80:a1:f8:5a:5f:93:8d:4a:fe:2c:28:af:08:dd:42:
c9:26:76:8c:2c:04:1f:04:6a:f6:f4:ef:10:71:49:89:3b:93:
e7:01:30:b9:b0:5c:ff:6c:76:9c:55:89:4c:04:c8:a6:bc:33:
a7:24:96:c0:61:ef:2a:3b:94:8f:d6:09:41:6b:7d:0c:17:89:
08:0d:aa:0e:a7:df:27:ac:f2:97:32:1f:0e:f2:91:6f:37:50:
0b:41:9c:8f:f6:bb:a1:e7:9b:f8:1f:eb:91:df:19:68:14:fd:
9d:3c:61:b8:16:fc:72:b9:b7:7f:36:0b:f1:c7:5b:8b:a6:fd:
d8:2a:c4:5e:ea:d6:3f:8d:2f:04:a0:3f:e9:0f:05:0f:59:a2:
4a:34:a0:92:8c:8b:fb:0d:a7:e1:d1:b9:4d:1d:9b:47:80:f5:
95:45:34:41:5d:78:7f:25:f2:93:c4:dc:a8:1a:50:60:16:4a:
25:c6:f1:9e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVrwSiB7fxV2TK3mNOncSWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTU3MmZjYmQ2NjVmNzJlMDBlNWZmZGI4ZGI4MDJkMWNi
ZWM4OTQwHhcNMjMwMTAxMDUxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTJiMmUzZjRiZmY4MzcwMDg0OTcwYWZjZTEyMTg0OGFlODI1MzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph7GOPqLDjPOcHW+s3JotA47AnxF
B/knT4lMlR+ZjClVcARQ1eMJSFc9JJLth8z7cLAyrOyBBfwGOmih/gGFWxrYpVxx
nPTOcHtBfh4y5g1HtY4jZ25+vlX4r2hooscysNsTfKNeKgNOS6yFezrSoxPwNtx9
t+r//+UkvKFjfeEbr8+PyBYMgqNrnhOkhORkaunh/fjQtoym6hexpu4ZCQjBJmG8
Q28JCywPSYAT3yk/Xs2rsTPA8+T84CzdkDBEk5TaxRfQi+0b6hqkBLBE2ZcjrwFq
WXnlta+SvSn9MQQ1sL8QFeJFNonR/N18SsxGzE4UN3TG8YztqI6HUVgpUQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFN4rLj9L/4NwCElwr84SGEiuglNJMB8GA1UdIwQY
MBaAFN6Vcvy9Zl9y4A5f/bjbgC0cvsiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BWeV9MMW1YM0xnRGxfOXVOdUFMUnkteUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83OTIyMDAtMmRhMC00MWJmLTg1ODct
YTkyOTM0Y2IxZGU4LzEvM2lzdVAwdl9nM0FJU1hDdnpoSVlTSzZDVTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83OTIyMDAtMmRhMC00MWJmLTg1ODctYTkyOTM0Y2IxZGU4
LzEvM3BWeV9MMW1YM0xnRGxfOXVOdUFMUnkteUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDTV8oMAwD
BAZZu8ADBAFZu8QDBAK5LYgwDQQCAAIwBwMFACoCCRAwDQYJKoZIhvcNAQELBQAD
ggEBAFV3NCfuR4Ek0ahyKIjVR23S9wDLNP84UfQV5sp+TTItZdp/pleKQfk5zZfz
VKVISAXFptuFEGmFXY99qwZR7PJReUyXog7ERDX1M4Ch+Fpfk41K/iworwjdQskm
dowsBB8Eavb07xBxSYk7k+cBMLmwXP9sdpxViUwEyKa8M6cklsBh7yo7lI/WCUFr
fQwXiQgNqg6n3yes8pcyHw7ykW83UAtBnI/2u6Hnm/gf65HfGWgU/Z08YbgW/HK5
t382C/HHW4um/dgqxF7q1j+NLwSgP+kPBQ9Zoko0oJKMi/sNp+HRuU0dm0eA9ZVF
NEFdeH8l8pPE3KgaUGAWSiXG8Z4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:10 2024 by rpki-client on console-fra.rpki-client.org