Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/1W8sU3mKb1EIYGclSY-xl_SRPpY.roa
File: 1W8sU3mKb1EIYGclSY-xl_SRPpY.roa (raw, json)
Hash identifier: SeuBRunHZe7zBqKv4S8n/VUjHQ+cgya8M1zUYD19MZY=
Subject key identifier: D5:6F:2C:53:79:8A:6F:51:08:60:67:25:49:8F:B1:97:F4:91:3E:96
Certificate issuer: /CN=50c006d6401ef42fa50e24095500b2fdafad5baa
Certificate serial: 01856F42983B607060C74382C1EE6F1706BB
Authority key identifier: 50:C0:06:D6:40:1E:F4:2F:A5:0E:24:09:55:00:B2:FD:AF:AD:5B:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMAG1kAe9C-lDiQJVQCy_a-tW6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/1W8sU3mKb1EIYGclSY-xl_SRPpY.roa
Signing time: Sun 01 Jan 2023 21:35:13 +0000
ROA not before: Sun 01 Jan 2023 21:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51618
IP address blocks: 185.132.214.0/24 maxlen: 24
185.132.214.0/23 maxlen: 23
185.132.215.0/24 maxlen: 24
185.132.212.0/22 maxlen: 22
185.132.212.0/23 maxlen: 23
185.132.212.0/24 maxlen: 24
185.132.213.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:98:3b:60:70:60:c7:43:82:c1:ee:6f:17:06:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c006d6401ef42fa50e24095500b2fdafad5baa
Validity
Not Before: Jan 1 21:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d56f2c53798a6f5108606725498fb197f4913e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ce:eb:5e:31:d7:7b:c9:05:73:5b:52:06:1b:
45:19:9e:5f:1e:45:e0:fc:0f:24:54:13:36:31:f6:
48:82:0d:3f:eb:10:64:35:23:27:e1:ff:fa:e2:61:
f6:e3:23:98:50:d6:66:03:18:7f:6e:95:66:83:28:
b7:82:a1:93:ec:14:c8:28:32:91:a0:8d:5a:a6:6e:
54:f3:85:9f:bd:d9:25:dc:43:52:fe:75:e6:c1:5d:
2e:d0:c0:2a:66:17:e2:53:cd:e6:b6:51:64:38:68:
1a:bb:7c:e8:91:16:7b:3c:1f:a4:58:b0:d9:c0:a2:
6b:5b:43:e2:61:93:7f:dd:2f:90:db:3b:ba:29:2b:
6c:5d:f1:5f:48:bc:c0:95:a6:a5:59:47:fd:c4:7b:
8c:89:bd:99:1b:90:7b:a3:36:0f:b6:a2:ae:40:0e:
8d:d6:31:b4:06:2e:90:39:29:e2:c9:81:3c:73:f7:
8b:b0:76:ca:5f:8e:7b:2a:ca:27:e6:41:62:09:f9:
6d:71:fb:6d:a9:90:bd:c2:9c:55:e7:5e:90:8f:e8:
57:d9:60:2b:9f:4a:a2:fa:f6:04:9c:f0:93:45:b4:
15:97:bb:18:11:92:49:1c:59:65:54:55:8c:fe:4a:
95:ec:b8:78:31:9f:c3:8b:57:c6:78:aa:83:63:7d:
19:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:6F:2C:53:79:8A:6F:51:08:60:67:25:49:8F:B1:97:F4:91:3E:96
X509v3 Authority Key Identifier:
keyid:50:C0:06:D6:40:1E:F4:2F:A5:0E:24:09:55:00:B2:FD:AF:AD:5B:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMAG1kAe9C-lDiQJVQCy_a-tW6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/1W8sU3mKb1EIYGclSY-xl_SRPpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/UMAG1kAe9C-lDiQJVQCy_a-tW6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.212.0/22
Signature Algorithm: sha256WithRSAEncryption
53:82:c3:4b:8d:69:25:69:6a:65:e4:d5:b2:e4:95:d7:47:9b:
17:86:e7:ac:1e:25:f2:37:61:73:f1:bb:2e:8c:0a:c5:fa:ae:
de:fc:7e:2f:2d:53:a2:1e:d2:fa:f8:93:f5:79:75:37:d3:93:
e8:27:1e:03:6b:f6:ad:08:a6:e9:1b:0d:ba:37:38:2a:ec:35:
89:88:69:27:f1:3d:37:88:e9:37:3a:06:67:7b:b6:de:90:85:
ef:d4:56:d7:9a:ed:05:0c:86:4b:d7:98:97:6d:3f:a7:14:c1:
12:ed:f8:0c:66:89:07:43:93:3e:29:b4:0a:01:b9:ea:cc:0f:
8e:38:3e:31:18:65:40:3b:41:6f:3b:5c:72:99:1f:de:16:af:
2c:e8:b0:28:2c:e7:ba:fa:61:34:58:53:91:0a:21:ec:1e:cc:
0f:60:7e:b3:b6:d7:80:5d:e4:1e:58:29:f1:37:57:d7:50:39:
46:7c:0c:4a:99:6e:5e:3a:02:d1:59:47:97:23:cf:20:74:d1:
fc:64:0a:c1:76:25:54:25:bc:92:35:0b:2f:75:55:4a:f9:1a:
67:cd:2e:46:2b:58:d9:c7:dc:5c:0e:61:0c:4d:23:2e:2e:cb:
81:7f:3b:f0:ca:f8:08:1c:b9:af:df:cf:b2:65:73:55:5a:f0:
87:9a:4a:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQpg7YHBgx0OCwe5vFwa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzAwNmQ2NDAxZWY0MmZhNTBlMjQwOTU1MDBiMmZkYWZh
ZDViYWEwHhcNMjMwMTAxMjEzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTZmMmM1Mzc5OGE2ZjUxMDg2MDY3MjU0OThmYjE5N2Y0OTEzZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs7rXjHXe8kFc1tSBhtFGZ5fHkXg
/A8kVBM2MfZIgg0/6xBkNSMn4f/64mH24yOYUNZmAxh/bpVmgyi3gqGT7BTIKDKR
oI1apm5U84Wfvdkl3ENS/nXmwV0u0MAqZhfiU83mtlFkOGgau3zokRZ7PB+kWLDZ
wKJrW0PiYZN/3S+Q2zu6KStsXfFfSLzAlaalWUf9xHuMib2ZG5B7ozYPtqKuQA6N
1jG0Bi6QOSniyYE8c/eLsHbKX457Kson5kFiCfltcfttqZC9wpxV516Qj+hX2WAr
n0qi+vYEnPCTRbQVl7sYEZJJHFllVFWM/kqV7Lh4MZ/Di1fGeKqDY30ZgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNVvLFN5im9RCGBnJUmPsZf0kT6WMB8GA1UdIwQY
MBaAFFDABtZAHvQvpQ4kCVUAsv2vrVuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1BRzFrQWU5Qy1sRGlRSlZRQ3lfYS10VzZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9kZmFiMzYtNjU3Zi00ZTAyLTgzNjEt
YzJkY2RjODVlNTg0LzEvMVc4c1UzbUtiMUVJWUdjbFNZLXhsX1NSUHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9kZmFiMzYtNjU3Zi00ZTAyLTgzNjEtYzJkY2RjODVlNTg0
LzEvVU1BRzFrQWU5Qy1sRGlRSlZRQ3lfYS10VzZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYTUMA0G
CSqGSIb3DQEBCwUAA4IBAQBTgsNLjWklaWpl5NWy5JXXR5sXhuesHiXyN2Fz8bsu
jArF+q7e/H4vLVOiHtL6+JP1eXU305PoJx4Da/atCKbpGw26Nzgq7DWJiGkn8T03
iOk3OgZne7bekIXv1FbXmu0FDIZL15iXbT+nFMES7fgMZokHQ5M+KbQKAbnqzA+O
OD4xGGVAO0FvO1xymR/eFq8s6LAoLOe6+mE0WFORCiHsHswPYH6ztteAXeQeWCnx
N1fXUDlGfAxKmW5eOgLRWUeXI88gdNH8ZArBdiVUJbySNQsvdVVK+RpnzS5GK1jZ
x9xcDmEMTSMuLsuBfzvwyvgIHLmv38+yZXNVWvCHmkp0
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:09 2024 by rpki-client on console.sobornost.net