Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/3sgeVesDuGRnEE2rPtpDIRKg3k4.roa
File: 3sgeVesDuGRnEE2rPtpDIRKg3k4.roa (raw, json)
Hash identifier: KYL1l2cuRNlYNtHa1fk8dMcrrSn9+H+2Q1sHgSPQ3i8=
Subject key identifier: DE:C8:1E:55:EB:03:B8:64:67:10:4D:AB:3E:DA:43:21:12:A0:DE:4E
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018944448FD352750095A1E254F7D2587429
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/3sgeVesDuGRnEE2rPtpDIRKg3k4.roa
Signing time: Tue 11 Jul 2023 09:24:51 +0000
ROA not before: Tue 11 Jul 2023 09:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29632
IP address blocks: 95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
195.214.212.0/22 maxlen: 22
195.214.210.0/24 maxlen: 24
195.214.208.0/21 maxlen: 21
195.214.208.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.72.0/22 maxlen: 22
95.164.80.0/22 maxlen: 22
95.164.92.0/22 maxlen: 22
95.164.172.0/22 maxlen: 22
95.164.170.0/23 maxlen: 23
94.131.0.0/23 maxlen: 23
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
62.205.128.0/20 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.128.0/19 maxlen: 20
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.50.0/24 maxlen: 24
95.164.49.0/24 maxlen: 24
2a01:d0:8000::/33 maxlen: 33
2a01:d0::/32 maxlen: 32
2a01:d0:ffff::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:44:8f:d3:52:75:00:95:a1:e2:54:f7:d2:58:74:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jul 11 09:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dec81e55eb03b86467104dab3eda432112a0de4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:61:09:66:10:10:78:b6:87:ba:d0:a6:f5:a4:
21:41:7d:02:65:39:6f:84:ed:ed:9d:f4:c0:ea:24:
bf:94:86:86:eb:c2:4a:8d:df:ca:30:d9:bb:93:58:
f9:8a:cd:1f:40:76:0c:cc:45:c9:1b:6b:74:30:30:
da:2c:73:5f:7c:6f:8a:bf:5d:67:20:66:17:ac:a1:
59:d2:9d:d0:27:de:68:f9:2b:fa:7a:9f:13:a7:01:
43:4d:3a:c1:42:91:23:16:b4:b6:29:df:3d:64:14:
c7:5d:3c:1a:fa:48:21:a9:5f:8a:02:97:4b:2d:8f:
3a:76:75:53:56:a1:be:71:2e:dd:23:fb:9e:aa:c3:
4b:9e:66:5c:df:a3:db:30:cd:b9:a8:a1:b0:15:29:
6f:cb:f0:7f:3b:86:4e:37:96:6d:db:01:1d:b5:09:
b8:1f:9d:ef:05:97:13:94:78:89:69:0b:be:91:93:
75:ba:1c:04:4a:ab:66:12:23:a7:31:e5:1f:45:9c:
c4:f8:13:be:da:30:1f:b6:e4:4f:36:63:e1:4e:a0:
1f:83:0a:83:f1:a9:fa:a6:fc:72:56:90:2b:a5:1b:
df:fa:33:4c:81:bf:a1:a1:df:f8:85:29:27:39:80:
71:ea:5e:b4:6c:3b:72:f6:50:3f:04:7f:ab:35:9d:
1b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C8:1E:55:EB:03:B8:64:67:10:4D:AB:3E:DA:43:21:12:A0:DE:4E
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/3sgeVesDuGRnEE2rPtpDIRKg3k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/24
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.92.0/22
95.164.170.0-95.164.175.255
195.214.208.0/21
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:8f:be:6b:96:f6:42:c3:62:3e:2b:ef:ed:5c:5e:e0:d2:78:
13:f6:48:f8:26:16:60:5e:e7:5e:ef:fa:12:b7:3d:ce:01:6a:
b1:28:07:a9:52:34:55:cc:c6:d8:a4:a1:8d:a9:d1:9d:8c:24:
91:63:cd:d8:1b:7b:64:9f:2e:56:b6:39:a1:e9:8c:53:c8:4b:
cf:d9:d2:d6:db:8c:0e:1d:2c:ea:05:40:df:a9:68:d6:06:41:
8f:ba:e3:a4:61:be:88:c5:d9:58:2d:ff:ec:05:ea:be:22:1d:
3b:23:9c:5c:60:5e:1d:4a:38:bb:10:94:28:c0:29:52:c4:e2:
20:3a:53:60:b7:9f:7b:01:c8:fa:8b:d9:98:b2:51:26:c9:42:
0a:23:4c:d2:c1:5f:aa:a9:2f:12:7e:4f:65:3e:31:85:75:bf:
95:6a:98:c9:c4:83:e9:44:e6:86:4b:a7:28:23:f3:76:a1:a5:
ea:b9:c9:ed:7c:02:f5:66:51:cd:77:8f:63:26:da:b9:80:30:
8c:40:25:d9:06:5a:ea:b5:d2:77:74:36:28:5e:25:94:40:19:
72:15:1f:02:0c:e2:d3:83:99:a3:cd:48:4a:a6:54:ef:43:d7:
2c:1f:ac:7f:ea:48:51:65:98:4b:ac:3a:57:7b:e2:71:70:23:
12:01:d9:5d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYlERI/TUnUAlaHiVPfSWHQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwNzExMDkyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWM4MWU1NWViMDNiODY0NjcxMDRkYWIzZWRhNDMyMTEyYTBkZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimEJZhAQeLaHutCm9aQhQX0CZTlv
hO3tnfTA6iS/lIaG68JKjd/KMNm7k1j5is0fQHYMzEXJG2t0MDDaLHNffG+Kv11n
IGYXrKFZ0p3QJ95o+Sv6ep8TpwFDTTrBQpEjFrS2Kd89ZBTHXTwa+kghqV+KApdL
LY86dnVTVqG+cS7dI/ueqsNLnmZc36PbMM25qKGwFSlvy/B/O4ZON5Zt2wEdtQm4
H53vBZcTlHiJaQu+kZN1uhwESqtmEiOnMeUfRZzE+BO+2jAftuRPNmPhTqAfgwqD
8an6pvxyVpArpRvf+jNMgb+hod/4hSknOYBx6l60bDty9lA/BH+rNZ0bewIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFN7IHlXrA7hkZxBNqz7aQyESoN5OMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvM3NnZVZlc0R1R1JuRUUyclB0cERJUktnM2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQFPs2A
AwQBXoMAAwQAXoMEAwQAXoMGAwQAX6QUAwQCX6QoMAwDBABfpDEDBABfpDIwDAME
Al+kNAMEAl+kODAMAwQDX6RIAwQAX6RMAwQCX6RQAwQCX6RcMAwDBAFfpKoDBARf
pKADBAPD1tAwDQQCAAIwBwMFACoBANAwDQYJKoZIhvcNAQELBQADggEBAG+PvmuW
9kLDYj4r7+1cXuDSeBP2SPgmFmBe517v+hK3Pc4BarEoB6lSNFXMxtikoY2p0Z2M
JJFjzdgbe2SfLla2OaHpjFPIS8/Z0tbbjA4dLOoFQN+paNYGQY+646RhvojF2Vgt
/+wF6r4iHTsjnFxgXh1KOLsQlCjAKVLE4iA6U2C3n3sByPqL2ZiyUSbJQgojTNLB
X6qpLxJ+T2U+MYV1v5VqmMnEg+lE5oZLpygj83ahpeq5ye18AvVmUc13j2Mm2rmA
MIxAJdkGWuq10nd0NiheJZRAGXIVHwIM4tODmaPNSEqmVO9D1ywfrH/qSFFlmEus
Old74nFwIxIB2V0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:40 2023 by rpki-client on console.sobornost.net