Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/V9HiB7vliD7w3G2YSLscADonAns.roa
File: V9HiB7vliD7w3G2YSLscADonAns.roa (raw, json)
Hash identifier: A86pT0VAJld0aKW1nRcnCKNw+viTpMtNuBKZLnm0S7w=
Subject key identifier: 57:D1:E2:07:BB:E5:88:3E:F0:DC:6D:98:48:BB:1C:00:3A:27:02:7B
Certificate issuer: /CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Certificate serial: 018C63CBBF39D00ABA17A2477F8EF681AF05
Authority key identifier: 4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/V9HiB7vliD7w3G2YSLscADonAns.roa
Signing time: Wed 13 Dec 2023 15:29:06 +0000
ROA not before: Wed 13 Dec 2023 15:29:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205555
IP address blocks: 5.182.156.0/22 maxlen: 22
185.214.53.0/24 maxlen: 24
185.214.54.0/24 maxlen: 24
185.214.55.0/24 maxlen: 24
185.214.52.0/24 maxlen: 24
2a0b:95c0::/32 maxlen: 32
2a0b:95c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:cb:bf:39:d0:0a:ba:17:a2:47:7f:8e:f6:81:af:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Validity
Not Before: Dec 13 15:29:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57d1e207bbe5883ef0dc6d9848bb1c003a27027b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:36:95:16:4e:2a:f4:ec:5b:4f:09:99:b0:04:
c4:c0:55:89:7d:3f:38:46:9d:ad:4a:4b:82:2b:ae:
86:bf:ab:ab:bf:01:f8:48:51:e1:6e:29:2c:68:f4:
97:57:8e:d1:df:44:14:71:e4:75:fa:51:74:a4:5e:
b5:bf:f9:44:37:69:31:95:a1:58:36:5f:e0:fc:e4:
27:eb:00:57:fa:ef:42:90:5e:4e:71:65:61:d0:28:
20:49:15:18:79:4b:7e:67:cb:5e:af:0e:a6:32:1b:
ff:ae:52:d1:7f:49:41:b2:7f:1a:35:9c:14:88:01:
58:2c:27:f7:b3:da:82:ab:4f:5a:3e:fe:21:1d:fd:
cb:01:ef:be:54:a4:6d:c4:f2:c4:83:78:7a:17:34:
10:14:d9:46:2c:c8:bc:f0:7d:f4:60:8d:ef:ac:28:
30:bb:f0:c3:39:a8:5f:f2:96:d8:5f:fa:05:af:c6:
fe:4d:11:c1:60:e3:76:8f:95:25:58:ef:ab:10:d6:
3e:2f:c8:4f:fc:8a:35:c1:a9:7a:db:40:93:5f:89:
a2:76:44:c7:c5:cf:0c:64:30:9c:0b:5c:ff:1a:64:
b3:5a:d9:49:7c:45:59:9d:f8:f0:f2:26:3a:d3:46:
0f:9b:48:86:07:e2:a3:3e:f3:b5:c1:dc:d3:df:6e:
9c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D1:E2:07:BB:E5:88:3E:F0:DC:6D:98:48:BB:1C:00:3A:27:02:7B
X509v3 Authority Key Identifier:
keyid:4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/V9HiB7vliD7w3G2YSLscADonAns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.156.0/22
185.214.52.0/22
IPv6:
2a0b:95c0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:b1:6e:31:cf:13:16:5a:2b:67:8f:24:f8:4e:b4:8f:1f:a2:
d8:12:bd:d1:34:56:c2:78:9e:9d:5c:a5:40:0c:0d:0f:2c:d9:
da:a1:fd:a4:e0:03:84:11:e5:75:30:10:f5:e5:63:2c:ad:25:
4a:f6:cf:bc:fd:d3:24:94:c5:50:c8:46:8f:ca:68:aa:f1:f3:
e3:d1:82:c8:ed:64:78:01:c4:ac:0e:6c:f3:b2:ba:41:62:f3:
39:50:03:a7:30:17:7d:3c:c5:69:3b:e9:a5:4a:20:e8:bb:c2:
89:43:40:a4:a5:bb:f1:99:62:0e:f8:2c:d1:9d:ee:ed:af:16:
38:02:ab:d4:3e:a0:88:df:96:08:cb:34:f8:77:2e:79:90:57:
22:aa:87:e7:62:b3:19:ad:de:8d:17:d9:85:ea:95:51:78:14:
60:2d:0d:f6:4a:5d:fa:d8:e1:96:bf:14:00:3c:c0:9c:65:1c:
c6:bf:e6:8b:a5:bc:bd:11:e3:8f:7a:8f:60:4b:e7:38:85:b4:
6a:a8:16:20:d2:a7:d2:ac:30:f1:c2:90:8a:6d:47:53:92:ce:
26:6c:46:e7:48:d1:b6:e2:de:7a:66:17:4f:f2:60:14:ca:6e:
a9:f0:16:72:7b:01:b4:65:e6:71:c0:f4:52:49:94:35:f4:bd:
55:ca:97:58
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxjy7850Aq6F6JHf472ga8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMjFjOTFiNjNiYmJkYTg4MDRhNzQ5ZjNkNjEwZThiMjE3
ZjliNzMwHhcNMjMxMjEzMTUyOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2QxZTIwN2JiZTU4ODNlZjBkYzZkOTg0OGJiMWMwMDNhMjcwMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzaVFk4q9OxbTwmZsATEwFWJfT84
Rp2tSkuCK66Gv6urvwH4SFHhbiksaPSXV47R30QUceR1+lF0pF61v/lEN2kxlaFY
Nl/g/OQn6wBX+u9CkF5OcWVh0CggSRUYeUt+Z8terw6mMhv/rlLRf0lBsn8aNZwU
iAFYLCf3s9qCq09aPv4hHf3LAe++VKRtxPLEg3h6FzQQFNlGLMi88H30YI3vrCgw
u/DDOahf8pbYX/oFr8b+TRHBYON2j5UlWO+rENY+L8hP/Io1wal620CTX4midkTH
xc8MZDCcC1z/GmSzWtlJfEVZnfjw8iY600YPm0iGB+KjPvO1wdzT326cKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFfR4ge75Yg+8NxtmEi7HAA6JwJ7MB8GA1UdIwQY
MBaAFEohyRtju72ogEp0nz1hDoshf5tzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQt
NDdmYmU0YzRhNGZkLzEvVjlIaUI3dmxpRDd3M0cyWVNMc2NBRG9uQW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQtNDdmYmU0YzRhNGZk
LzEvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBbacAwQC
udY0MA0EAgACMAcDBQAqC5XAMA0GCSqGSIb3DQEBCwUAA4IBAQB6sW4xzxMWWitn
jyT4TrSPH6LYEr3RNFbCeJ6dXKVADA0PLNnaof2k4AOEEeV1MBD15WMsrSVK9s+8
/dMklMVQyEaPymiq8fPj0YLI7WR4AcSsDmzzsrpBYvM5UAOnMBd9PMVpO+mlSiDo
u8KJQ0CkpbvxmWIO+CzRne7trxY4AqvUPqCI35YIyzT4dy55kFciqofnYrMZrd6N
F9mF6pVReBRgLQ32Sl362OGWvxQAPMCcZRzGv+aLpby9EeOPeo9gS+c4hbRqqBYg
0qfSrDDxwpCKbUdTks4mbEbnSNG24t56ZhdP8mAUym6p8BZyewG0ZeZxwPRSSZQ1
9L1VypdY
-----END CERTIFICATE-----
Generated at Tue Jan 2 02:56:39 2024 by rpki-client on console.sobornost.net