Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/3Jx504txLI1pMCqjP0_vLfMG0rY.roa
File: 3Jx504txLI1pMCqjP0_vLfMG0rY.roa (raw, json)
Hash identifier: hWZnEc/a1/vEZ/JZVYc1qXSwnvRk0BVQ1p7s1F7mxZE=
Subject key identifier: DC:9C:79:D3:8B:71:2C:8D:69:30:2A:A3:3F:4F:EF:2D:F3:06:D2:B6
Certificate issuer: /CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Certificate serial: 01857139F65D77617C2D3612E99C567B6CEE
Authority key identifier: 57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/3Jx504txLI1pMCqjP0_vLfMG0rY.roa
Signing time: Mon 02 Jan 2023 06:45:01 +0000
ROA not before: Mon 02 Jan 2023 06:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12365
IP address blocks: 185.78.136.0/22 maxlen: 22
89.146.84.0/22 maxlen: 22
89.146.80.0/22 maxlen: 22
82.215.92.0/22 maxlen: 22
89.146.88.0/22 maxlen: 22
82.215.112.0/22 maxlen: 22
89.146.96.0/22 maxlen: 22
89.146.92.0/22 maxlen: 22
89.146.104.0/22 maxlen: 22
81.95.224.0/20 maxlen: 20
82.215.116.0/22 maxlen: 22
89.146.100.0/22 maxlen: 22
89.146.112.0/22 maxlen: 22
82.215.124.0/22 maxlen: 22
89.146.108.0/22 maxlen: 22
82.215.120.0/22 maxlen: 22
89.146.116.0/22 maxlen: 22
89.146.124.0/22 maxlen: 22
89.146.120.0/22 maxlen: 22
82.215.68.0/23 maxlen: 23
82.215.66.0/23 maxlen: 23
89.146.64.0/22 maxlen: 22
82.215.77.0/24 maxlen: 24
82.215.78.0/23 maxlen: 23
82.215.72.0/22 maxlen: 22
82.215.85.0/24 maxlen: 24
89.146.68.0/22 maxlen: 22
89.146.64.0/18 maxlen: 18
82.215.80.0/22 maxlen: 22
89.146.76.0/22 maxlen: 22
82.215.88.0/21 maxlen: 21
82.215.88.0/22 maxlen: 22
82.215.86.0/23 maxlen: 23
89.146.72.0/22 maxlen: 22
2a00:8841::/32 maxlen: 32
2a00:8840::/32 maxlen: 32
2a00:8842::/32 maxlen: 32
2a00:8846::/32 maxlen: 32
2a00:8843::/32 maxlen: 32
2a00:8844::/32 maxlen: 32
2a00:8845::/32 maxlen: 32
2a00:8847::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:f6:5d:77:61:7c:2d:36:12:e9:9c:56:7b:6c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574cca899ef5bf4237f0f6bdd1779221b20052f3
Validity
Not Before: Jan 2 06:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc9c79d38b712c8d69302aa33f4fef2df306d2b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7b:98:f9:35:81:01:ed:92:e4:de:25:e3:1a:
58:33:4d:dd:16:bd:be:d4:13:fc:89:8f:c0:58:6f:
0d:f3:1d:e9:4e:93:23:75:19:68:b7:87:df:45:9a:
ac:f4:5d:40:bc:5a:3a:7f:ad:27:90:6f:37:3d:7a:
c7:93:e9:95:9f:8c:51:58:5e:24:d0:45:46:e4:f8:
5e:4c:b2:e7:6a:0c:5f:ca:cd:d4:f1:3b:8b:d2:bb:
6a:63:53:67:d7:4d:ab:80:3b:57:ff:a4:4f:ca:4c:
27:e1:2d:ce:2f:ca:86:ee:16:e1:9c:ac:c6:41:8a:
ab:14:46:1c:b4:90:e2:f7:c4:fd:69:93:10:f5:cf:
b2:64:c8:cd:c4:cf:4d:1a:8a:78:1d:cb:2d:df:fb:
12:1e:7d:b8:56:16:bb:4d:6b:fe:73:5b:8b:d5:b4:
cd:c6:25:c5:be:a0:5a:16:1a:e5:3c:e2:e0:04:2b:
af:1e:59:2b:ba:34:16:96:35:9c:13:7c:b1:c7:17:
3f:48:69:7f:03:fb:6e:87:26:e1:7f:71:a3:9f:47:
bb:b3:cf:ce:21:78:08:d3:c9:a1:12:7b:6a:d1:0b:
f5:98:ad:11:e2:0c:57:a2:e7:57:4d:85:17:5b:90:
36:34:d7:ea:bc:81:e0:ac:65:ea:ea:cc:8b:ac:48:
b2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:9C:79:D3:8B:71:2C:8D:69:30:2A:A3:3F:4F:EF:2D:F3:06:D2:B6
X509v3 Authority Key Identifier:
keyid:57:4C:CA:89:9E:F5:BF:42:37:F0:F6:BD:D1:77:92:21:B2:00:52:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0zKiZ71v0I38Pa90XeSIbIAUvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/3Jx504txLI1pMCqjP0_vLfMG0rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/938abd-1019-4e7a-aa82-ee1126a28195/1/V0zKiZ71v0I38Pa90XeSIbIAUvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.224.0/20
82.215.66.0-82.215.69.255
82.215.72.0/22
82.215.77.0-82.215.83.255
82.215.85.0-82.215.95.255
82.215.112.0/20
89.146.64.0/18
185.78.136.0/22
IPv6:
2a00:8840::/29
Signature Algorithm: sha256WithRSAEncryption
bb:08:22:93:35:2e:41:a8:8f:f2:63:a0:bb:54:77:e2:08:14:
04:eb:9b:90:ae:e8:35:46:6c:b8:7c:81:43:4c:48:37:d8:90:
b0:d0:d5:37:9b:c4:e2:68:a5:1c:3f:9e:e3:f6:2d:49:c7:5a:
fa:50:85:6e:d0:b0:f7:9f:d4:25:4a:f9:d6:16:8c:08:51:8c:
6d:04:5e:97:d6:90:71:a7:8a:58:66:ee:c1:40:d4:b3:92:a6:
6e:39:0e:16:9b:a9:e6:8b:a4:d1:64:97:f0:4a:65:d1:f1:35:
ad:88:f9:71:59:f7:a6:29:b3:8c:a8:89:ae:6d:a9:5e:b8:22:
f0:50:dc:1a:26:5d:b1:88:9e:de:38:df:62:06:51:54:7f:90:
12:b3:76:29:8e:45:44:5a:81:8a:28:d5:88:f9:8e:84:01:46:
37:31:69:ba:e3:c8:fb:e3:ef:b8:54:83:da:d9:34:c3:b9:36:
9b:cb:47:10:b9:cf:b4:03:30:c9:96:b2:67:a2:c8:34:58:bf:
d8:62:67:a3:fc:b4:e2:5a:e2:08:51:03:0c:6a:0f:b7:90:58:
6a:a5:bb:17:ec:87:3f:48:d0:0f:be:c3:c7:73:05:5d:6d:63:
8c:4a:c0:dc:93:4c:8c:a1:be:ee:c7:fc:03:a0:59:69:9c:07:
43:eb:a7:39
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVxOfZdd2F8LTYS6ZxWe2zuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NGNjYTg5OWVmNWJmNDIzN2YwZjZiZGQxNzc5MjIxYjIw
MDUyZjMwHhcNMjMwMTAyMDY0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzljNzlkMzhiNzEyYzhkNjkzMDJhYTMzZjRmZWYyZGYzMDZkMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnuY+TWBAe2S5N4l4xpYM03dFr2+
1BP8iY/AWG8N8x3pTpMjdRlot4ffRZqs9F1AvFo6f60nkG83PXrHk+mVn4xRWF4k
0EVG5PheTLLnagxfys3U8TuL0rtqY1Nn102rgDtX/6RPykwn4S3OL8qG7hbhnKzG
QYqrFEYctJDi98T9aZMQ9c+yZMjNxM9NGop4Hcst3/sSHn24Vha7TWv+c1uL1bTN
xiXFvqBaFhrlPOLgBCuvHlkrujQWljWcE3yxxxc/SGl/A/tuhybhf3Gjn0e7s8/O
IXgI08mhEntq0Qv1mK0R4gxXoudXTYUXW5A2NNfqvIHgrGXq6syLrEiywQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFNycedOLcSyNaTAqoz9P7y3zBtK2MB8GA1UdIwQY
MBaAFFdMyome9b9CN/D2vdF3kiGyAFLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjB6S2laNzF2MEkzOFBhOTBYZVNJYklBVXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85MzhhYmQtMTAxOS00ZTdhLWFhODIt
ZWUxMTI2YTI4MTk1LzEvM0p4NTA0dHhMSTFwTUNxalAwX3ZMZk1HMHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85MzhhYmQtMTAxOS00ZTdhLWFhODItZWUxMTI2YTI4MTk1
LzEvVjB6S2laNzF2MEkzOFBhOTBYZVNJYklBVXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQEUV/gMAwD
BAFS10IDBAFS10QDBAJS10gwDAMEAFLXTQMEAlLXUDAMAwQAUtdVAwQFUtdAAwQE
UtdwAwQGWZJAAwQCuU6IMA0EAgACMAcDBQMqAIhAMA0GCSqGSIb3DQEBCwUAA4IB
AQC7CCKTNS5BqI/yY6C7VHfiCBQE65uQrug1Rmy4fIFDTEg32JCw0NU3m8TiaKUc
P57j9i1Jx1r6UIVu0LD3n9QlSvnWFowIUYxtBF6X1pBxp4pYZu7BQNSzkqZuOQ4W
m6nmi6TRZJfwSmXR8TWtiPlxWfemKbOMqImubaleuCLwUNwaJl2xiJ7eON9iBlFU
f5ASs3YpjkVEWoGKKNWI+Y6EAUY3MWm648j74++4VIPa2TTDuTaby0cQuc+0AzDJ
lrJnosg0WL/YYmej/LTiWuIIUQMMag+3kFhqpbsX7Ic/SNAPvsPHcwVdbWOMSsDc
k0yMob7ux/wDoFlpnAdD66c5
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:05 2023 by rpki-client on console.sobornost.net