Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/w1FdAwudizJ1hScJBiobSlaY5pA.roa
File: w1FdAwudizJ1hScJBiobSlaY5pA.roa (raw, json)
Hash identifier: OkgPSTIgRDxDayxdF1cnBJgLz3Mmsif4caHwu5vXS64=
Subject key identifier: C3:51:5D:03:0B:9D:8B:32:75:85:27:09:06:2A:1B:4A:56:98:E6:90
Certificate issuer: /CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Certificate serial: 01856C53B3720576520D46F491A132E4CA13
Authority key identifier: 4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/w1FdAwudizJ1hScJBiobSlaY5pA.roa
Signing time: Sun 01 Jan 2023 07:55:02 +0000
ROA not before: Sun 01 Jan 2023 07:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205555
IP address blocks: 185.214.53.0/24 maxlen: 24
185.214.54.0/24 maxlen: 24
185.214.52.0/24 maxlen: 24
2a0b:95c0::/32 maxlen: 32
2a0b:95c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:b3:72:05:76:52:0d:46:f4:91:a1:32:e4:ca:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Validity
Not Before: Jan 1 07:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3515d030b9d8b3275852709062a1b4a5698e690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0e:0c:73:d9:39:01:17:5f:1c:12:2a:db:20:
c5:30:00:a5:42:9e:ee:83:c2:59:4d:01:94:7d:c6:
c0:3f:c0:83:05:37:07:f4:31:d3:98:d4:8a:58:b1:
1d:ab:50:b8:d5:49:be:87:6a:91:10:ca:b3:7d:21:
78:27:c6:2e:82:a0:74:4e:40:d2:d8:16:2d:51:4d:
14:e2:83:a4:0d:e0:55:9b:a9:55:33:14:6c:e8:4e:
ca:8a:d3:30:ce:c8:3e:f9:8c:7b:25:ad:b8:61:07:
dc:ab:4d:de:ed:65:70:5e:d1:ec:c7:3c:eb:25:d6:
d3:c2:43:00:2e:9d:57:81:ab:02:08:e9:aa:33:67:
d7:30:9f:b1:62:bc:3c:04:a9:8e:06:07:21:c4:f6:
3a:fb:2a:db:61:cc:4f:b0:9f:36:b4:a1:c8:e3:80:
01:d8:b8:27:56:50:91:49:04:ed:d6:2d:94:b4:3c:
80:7a:6c:1d:ea:ea:0f:56:65:23:3a:64:b8:a8:e9:
b7:2f:94:f9:08:cf:aa:82:c7:92:f9:94:5c:22:22:
a5:89:5d:a4:46:34:21:e2:e6:f9:3a:e8:11:93:fe:
c9:a0:c8:7b:c9:ba:0e:a4:55:c4:9f:9e:36:f5:a8:
dd:7d:1e:0a:09:74:e8:51:41:94:bc:8f:e3:a7:a2:
1e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:51:5D:03:0B:9D:8B:32:75:85:27:09:06:2A:1B:4A:56:98:E6:90
X509v3 Authority Key Identifier:
keyid:4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/w1FdAwudizJ1hScJBiobSlaY5pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.52.0-185.214.54.255
IPv6:
2a0b:95c0::/32
Signature Algorithm: sha256WithRSAEncryption
3d:c1:a9:45:c8:10:28:2a:74:cc:c8:4a:68:e7:b8:e7:24:03:
f2:6d:13:7d:8e:72:ea:a6:cf:f3:d8:0c:e7:01:70:cc:84:0a:
6f:7d:65:fb:48:57:98:75:3b:ea:63:e6:92:03:9a:e0:2f:83:
ef:9e:fc:6a:d6:52:b4:9c:d8:41:b8:f9:1b:23:d8:45:fe:71:
8a:ec:1c:76:e0:3e:35:be:e7:05:91:64:84:51:38:1b:3f:84:
96:37:ad:5b:5f:b8:3c:99:f0:c2:12:7c:3a:bf:09:63:f8:f3:
3b:e6:88:64:dd:7f:a7:e9:1f:b6:24:19:22:02:e9:29:b8:df:
b0:97:2a:09:32:f2:23:76:f2:41:58:6d:8f:a9:84:18:2f:c1:
9f:ec:37:8d:f4:0c:5f:1d:55:48:18:86:30:34:a3:91:cb:52:
e6:c1:97:46:a2:4f:ec:b7:f3:5b:9b:18:0f:3f:0c:56:fa:cc:
7f:16:c7:1e:97:a2:75:f1:57:30:47:f2:51:53:18:88:dd:b7:
3b:27:eb:88:ca:fb:6c:2a:78:4c:98:2a:56:63:b5:11:40:79:
b7:4e:d5:1a:e5:c8:cf:3c:bb:e4:59:a1:0e:e9:ca:eb:8f:7c:
da:2d:ac:92:e1:37:d0:96:f5:4b:b5:8b:31:b1:22:58:cd:2d:
60:47:0e:c8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsU7NyBXZSDUb0kaEy5MoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMjFjOTFiNjNiYmJkYTg4MDRhNzQ5ZjNkNjEwZThiMjE3
ZjliNzMwHhcNMjMwMTAxMDc1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzUxNWQwMzBiOWQ4YjMyNzU4NTI3MDkwNjJhMWI0YTU2OThlNjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ4Mc9k5ARdfHBIq2yDFMAClQp7u
g8JZTQGUfcbAP8CDBTcH9DHTmNSKWLEdq1C41Um+h2qREMqzfSF4J8YugqB0TkDS
2BYtUU0U4oOkDeBVm6lVMxRs6E7KitMwzsg++Yx7Ja24YQfcq03e7WVwXtHsxzzr
JdbTwkMALp1XgasCCOmqM2fXMJ+xYrw8BKmOBgchxPY6+yrbYcxPsJ82tKHI44AB
2LgnVlCRSQTt1i2UtDyAemwd6uoPVmUjOmS4qOm3L5T5CM+qgseS+ZRcIiKliV2k
RjQh4ub5OugRk/7JoMh7yboOpFXEn5429ajdfR4KCXToUUGUvI/jp6IevwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMNRXQMLnYsydYUnCQYqG0pWmOaQMB8GA1UdIwQY
MBaAFEohyRtju72ogEp0nz1hDoshf5tzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQt
NDdmYmU0YzRhNGZkLzEvdzFGZEF3dWRpekoxaFNjSkJpb2JTbGFZNXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQtNDdmYmU0YzRhNGZk
LzEvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK51jQD
BAC51jYwDQQCAAIwBwMFACoLlcAwDQYJKoZIhvcNAQELBQADggEBAD3BqUXIECgq
dMzISmjnuOckA/JtE32Ocuqmz/PYDOcBcMyECm99ZftIV5h1O+pj5pIDmuAvg++e
/GrWUrSc2EG4+Rsj2EX+cYrsHHbgPjW+5wWRZIRROBs/hJY3rVtfuDyZ8MISfDq/
CWP48zvmiGTdf6fpH7YkGSIC6Sm437CXKgky8iN28kFYbY+phBgvwZ/sN430DF8d
VUgYhjA0o5HLUubBl0aiT+y381ubGA8/DFb6zH8Wxx6XonXxVzBH8lFTGIjdtzsn
64jK+2wqeEyYKlZjtRFAebdO1RrlyM88u+RZoQ7pyuuPfNotrJLhN9CW9Uu1izGx
IljNLWBHDsg=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:52 2023 by rpki-client on console.sobornost.net