Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/U5eBBmEME2IEddb1WIdwVIhUzDs.roa
File: U5eBBmEME2IEddb1WIdwVIhUzDs.roa (raw, json)
Hash identifier: 92kA6x0WetPAZ9oU+EyxnLG8YyStQHYwx4VtNjVXCWw=
Subject key identifier: 53:97:81:06:61:0C:13:62:04:75:D6:F5:58:87:70:54:88:54:CC:3B
Certificate issuer: /CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Certificate serial: 018C6333C53BDCF100ACCBDE3AFBF31E785D
Authority key identifier: 4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/U5eBBmEME2IEddb1WIdwVIhUzDs.roa
Signing time: Wed 13 Dec 2023 12:43:06 +0000
ROA not before: Wed 13 Dec 2023 12:43:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205555
IP address blocks: 185.214.53.0/24 maxlen: 24
185.214.54.0/24 maxlen: 24
185.214.55.0/24 maxlen: 24
185.214.52.0/24 maxlen: 24
2a0b:95c0::/32 maxlen: 32
2a0b:95c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:33:c5:3b:dc:f1:00:ac:cb:de:3a:fb:f3:1e:78:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Validity
Not Before: Dec 13 12:43:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53978106610c13620475d6f5588770548854cc3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d7:8f:a9:80:59:59:13:5a:de:6f:0f:6c:83:
72:37:84:c2:04:fe:81:fa:7d:08:5d:a6:53:ec:5f:
22:c6:59:6c:f2:aa:03:14:4d:05:99:10:5c:16:05:
a9:fb:81:54:f4:8c:56:a7:4d:e0:00:36:9f:12:1e:
21:3e:88:9d:02:e8:73:18:f2:8c:e2:c3:71:38:6c:
5e:7a:74:e4:c6:78:3b:1f:03:e2:3b:ae:31:71:06:
f1:4a:32:1f:9f:26:56:e1:53:87:04:ec:8b:28:97:
23:d9:36:a3:a0:47:69:42:5a:8f:04:94:0b:5a:c7:
07:fb:ac:8f:6e:9f:e1:a9:9e:84:81:63:38:a5:de:
22:78:c9:04:09:1b:a9:28:d9:f7:e4:79:d8:3b:8f:
98:16:b4:d2:f5:92:34:8a:04:76:7d:d6:01:47:47:
67:47:0e:22:e4:ac:de:10:2e:9c:34:76:85:66:7f:
39:60:e3:63:1f:d9:1a:1f:a5:c6:20:4b:ee:93:5f:
3c:ed:94:f1:18:7f:3f:9d:b1:45:94:7a:d0:91:2c:
d7:44:33:91:4a:d8:b8:b2:1f:58:48:13:80:23:dc:
aa:66:04:2e:47:13:71:d2:8e:d3:b9:8d:53:6e:a7:
86:e6:2e:c0:e8:40:7e:dd:15:55:ab:f6:36:df:e1:
84:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:97:81:06:61:0C:13:62:04:75:D6:F5:58:87:70:54:88:54:CC:3B
X509v3 Authority Key Identifier:
keyid:4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/U5eBBmEME2IEddb1WIdwVIhUzDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.52.0/22
IPv6:
2a0b:95c0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:3c:70:ff:7a:46:a9:70:41:9e:2e:d6:26:5b:a1:8d:4e:2a:
09:12:ff:0f:d3:8d:72:3e:cd:f7:95:7d:be:8b:34:d2:76:74:
e4:3c:bb:4c:b5:59:05:1b:03:b0:a4:55:3c:3a:14:b8:b4:50:
10:cf:87:ef:51:dc:3e:6b:4b:fd:5e:c1:75:35:12:3b:32:de:
0f:42:76:eb:43:27:33:02:1e:06:92:ae:ec:e3:cc:21:47:0e:
ae:5e:9c:70:b2:62:10:ea:d0:bf:21:21:e9:8b:9f:2c:f9:88:
94:a8:d4:6f:75:1b:f3:2a:b9:1b:3b:65:3c:47:98:ad:29:d6:
cc:a5:72:7a:fa:fc:ab:34:73:f6:0d:be:6a:bd:37:20:02:b1:
e5:ae:88:8a:58:a5:c0:4f:c1:2d:ec:22:9d:95:fc:a1:de:c5:
57:51:2a:21:b7:7c:f3:52:fe:7b:06:c7:9c:46:10:24:d0:94:
08:2f:20:45:bc:ff:c1:ad:1c:24:bf:01:5e:ae:f7:45:30:a6:
a2:27:9f:c5:38:06:2c:3e:29:1e:ae:69:e8:bc:9f:f3:18:ba:
5d:37:ab:41:ab:87:29:d7:00:80:36:b5:1f:9e:9d:20:4a:30:
1f:b0:99:47:26:35:cf:16:4c:51:21:45:9a:3a:de:59:0f:da:
c5:94:c7:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxjM8U73PEArMveOvvzHnhdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMjFjOTFiNjNiYmJkYTg4MDRhNzQ5ZjNkNjEwZThiMjE3
ZjliNzMwHhcNMjMxMjEzMTI0MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzk3ODEwNjYxMGMxMzYyMDQ3NWQ2ZjU1ODg3NzA1NDg4NTRjYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydePqYBZWRNa3m8PbINyN4TCBP6B
+n0IXaZT7F8ixlls8qoDFE0FmRBcFgWp+4FU9IxWp03gADafEh4hPoidAuhzGPKM
4sNxOGxeenTkxng7HwPiO64xcQbxSjIfnyZW4VOHBOyLKJcj2TajoEdpQlqPBJQL
WscH+6yPbp/hqZ6EgWM4pd4ieMkECRupKNn35HnYO4+YFrTS9ZI0igR2fdYBR0dn
Rw4i5KzeEC6cNHaFZn85YONjH9kaH6XGIEvuk1887ZTxGH8/nbFFlHrQkSzXRDOR
Sti4sh9YSBOAI9yqZgQuRxNx0o7TuY1TbqeG5i7A6EB+3RVVq/Y23+GE5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFOXgQZhDBNiBHXW9ViHcFSIVMw7MB8GA1UdIwQY
MBaAFEohyRtju72ogEp0nz1hDoshf5tzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQt
NDdmYmU0YzRhNGZkLzEvVTVlQkJtRU1FMklFZGRiMVdJZHdWSWhVekRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQtNDdmYmU0YzRhNGZk
LzEvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudY0MA0E
AgACMAcDBQAqC5XAMA0GCSqGSIb3DQEBCwUAA4IBAQCMPHD/ekapcEGeLtYmW6GN
TioJEv8P041yPs33lX2+izTSdnTkPLtMtVkFGwOwpFU8OhS4tFAQz4fvUdw+a0v9
XsF1NRI7Mt4PQnbrQyczAh4Gkq7s48whRw6uXpxwsmIQ6tC/ISHpi58s+YiUqNRv
dRvzKrkbO2U8R5itKdbMpXJ6+vyrNHP2Db5qvTcgArHlroiKWKXAT8Et7CKdlfyh
3sVXUSoht3zzUv57BsecRhAk0JQILyBFvP/BrRwkvwFervdFMKaiJ5/FOAYsPike
rmnovJ/zGLpdN6tBq4cp1wCANrUfnp0gSjAfsJlHJjXPFkxRIUWaOt5ZD9rFlMcL
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:52 2023 by rpki-client on console.sobornost.net