Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/VueqXX_mAvpgMKRIOrpV52RVuYA.roa
File: VueqXX_mAvpgMKRIOrpV52RVuYA.roa (raw, json)
Hash identifier: 5+FZJWikVdhTW8HFGrI9L4OR+f6eo2qwxfARLbOrtwg=
Subject key identifier: 56:E7:AA:5D:7F:E6:02:FA:60:30:A4:48:3A:BA:55:E7:64:55:B9:80
Certificate issuer: /CN=c70dbf555870b556acfab428c74eacee56f7b222
Certificate serial: 01856E78D0ACA6CCB8C375A7E9FFA8A23B75
Authority key identifier: C7:0D:BF:55:58:70:B5:56:AC:FA:B4:28:C7:4E:AC:EE:56:F7:B2:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xw2_VVhwtVas-rQox06s7lb3siI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/VueqXX_mAvpgMKRIOrpV52RVuYA.roa
Signing time: Sun 01 Jan 2023 17:54:49 +0000
ROA not before: Sun 01 Jan 2023 17:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202096
IP address blocks: 185.53.138.0/23 maxlen: 23
185.53.136.0/23 maxlen: 23
185.53.136.0/22 maxlen: 22
2a02:2d20::/32 maxlen: 32
2a02:2d20::/48 maxlen: 48
2a02:2d20:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:d0:ac:a6:cc:b8:c3:75:a7:e9:ff:a8:a2:3b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c70dbf555870b556acfab428c74eacee56f7b222
Validity
Not Before: Jan 1 17:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56e7aa5d7fe602fa6030a4483aba55e76455b980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0e:34:3b:ee:fa:fc:c4:b9:75:09:bf:c1:3b:
f1:0a:b8:f7:67:16:67:ec:c6:37:2d:ac:65:88:67:
f7:9f:f7:ed:c0:66:65:5f:dd:5f:1c:75:69:17:33:
17:ff:69:74:97:71:03:f0:7d:fa:75:12:cb:f6:db:
0a:b9:63:c8:c9:8c:95:c5:4e:d9:a2:c6:85:67:6d:
f6:eb:e1:9b:e5:c7:ce:82:cc:ba:37:4c:7c:95:b4:
3f:64:94:d5:ea:25:8b:b0:da:56:40:85:b4:1b:a1:
f8:7a:e6:b2:6b:a3:70:4a:4c:c8:67:06:59:ac:be:
58:2a:91:4e:df:15:55:2c:ae:70:aa:0d:c8:36:b7:
d7:8b:12:a5:ea:25:7c:fb:0b:fe:6a:75:35:e8:cb:
05:ef:f5:ee:d8:3f:0a:a5:db:a2:04:35:4a:84:d6:
05:65:cc:ef:d0:85:f4:db:6c:76:f0:11:e5:61:ff:
3e:ac:a1:5b:08:86:df:74:18:e1:a6:d4:fd:43:87:
8d:c8:18:48:b7:36:41:a7:b0:86:8d:18:07:1f:2a:
c2:64:77:85:a4:ff:18:4c:7d:6e:13:a0:b8:6c:24:
f8:8c:7c:36:f2:ea:bc:fc:79:4d:a6:ff:95:91:f2:
56:86:15:f4:f3:ba:f4:23:65:7f:40:a3:16:74:93:
67:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E7:AA:5D:7F:E6:02:FA:60:30:A4:48:3A:BA:55:E7:64:55:B9:80
X509v3 Authority Key Identifier:
keyid:C7:0D:BF:55:58:70:B5:56:AC:FA:B4:28:C7:4E:AC:EE:56:F7:B2:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xw2_VVhwtVas-rQox06s7lb3siI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/VueqXX_mAvpgMKRIOrpV52RVuYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.136.0/22
IPv6:
2a02:2d20::/32
Signature Algorithm: sha256WithRSAEncryption
08:4f:39:e0:53:bb:f7:ac:ed:75:66:37:9b:7e:9a:1a:c8:f6:
80:d7:78:ef:0e:b8:1a:89:dc:cc:b3:7c:57:76:5f:e0:10:52:
3f:fa:56:87:e3:bb:c8:5f:85:a3:5d:0c:34:60:71:21:7c:cd:
05:3f:31:33:db:f5:b0:a3:98:b5:98:7d:97:19:d2:5f:b3:76:
55:c8:c9:77:8a:28:39:fc:c2:8d:69:7c:14:67:1b:5b:cb:2f:
d6:a6:c1:87:97:59:db:b8:2d:91:db:53:c4:4d:a9:11:a0:5b:
e0:54:d9:1a:9b:c4:0c:ef:7b:ff:79:63:8a:64:70:39:47:fe:
89:b3:3d:c3:e5:f7:f7:19:23:d2:cd:db:dd:da:f8:ab:50:64:
1a:60:00:be:21:e4:32:b5:48:b0:af:29:14:e2:67:81:74:57:
21:fc:f7:cf:c0:4a:91:f3:77:f9:c8:dc:cc:8d:26:f4:e6:cc:
5b:b7:9d:76:a3:34:70:d3:df:67:6b:35:13:25:15:5f:99:e3:
d5:15:64:66:3c:f1:2b:25:4e:81:39:b2:2c:25:12:80:7c:30:
ff:fd:ec:f0:d4:08:2b:28:80:50:8e:6e:23:dc:cd:e4:fc:f7:
34:62:c2:64:99:5c:24:4c:ef:98:fa:9f:a1:85:80:43:0a:9c:
68:a7:ca:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVueNCspsy4w3Wn6f+oojt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MGRiZjU1NTg3MGI1NTZhY2ZhYjQyOGM3NGVhY2VlNTZm
N2IyMjIwHhcNMjMwMTAxMTc1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmU3YWE1ZDdmZTYwMmZhNjAzMGE0NDgzYWJhNTVlNzY0NTViOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig40O+76/MS5dQm/wTvxCrj3ZxZn
7MY3LaxliGf3n/ftwGZlX91fHHVpFzMX/2l0l3ED8H36dRLL9tsKuWPIyYyVxU7Z
osaFZ2326+Gb5cfOgsy6N0x8lbQ/ZJTV6iWLsNpWQIW0G6H4euaya6NwSkzIZwZZ
rL5YKpFO3xVVLK5wqg3INrfXixKl6iV8+wv+anU16MsF7/Xu2D8KpduiBDVKhNYF
Zczv0IX022x28BHlYf8+rKFbCIbfdBjhptT9Q4eNyBhItzZBp7CGjRgHHyrCZHeF
pP8YTH1uE6C4bCT4jHw28uq8/HlNpv+VkfJWhhX087r0I2V/QKMWdJNnOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFbnql1/5gL6YDCkSDq6VedkVbmAMB8GA1UdIwQY
MBaAFMcNv1VYcLVWrPq0KMdOrO5W97IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHcyX1ZWaHd0VmFzLXJRb3gwNnM3bGIzc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ODJiN2YtNjBjMy00MTFhLTk2MjUt
MzJkYTFkYjRiMjAzLzEvVnVlcVhYX21BdnBnTUtSSU9ycFY1MlJWdVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ODJiN2YtNjBjMy00MTFhLTk2MjUtMzJkYTFkYjRiMjAz
LzEveHcyX1ZWaHd0VmFzLXJRb3gwNnM3bGIzc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTWIMA0E
AgACMAcDBQAqAi0gMA0GCSqGSIb3DQEBCwUAA4IBAQAITzngU7v3rO11Zjebfpoa
yPaA13jvDrgaidzMs3xXdl/gEFI/+laH47vIX4WjXQw0YHEhfM0FPzEz2/Wwo5i1
mH2XGdJfs3ZVyMl3iig5/MKNaXwUZxtbyy/WpsGHl1nbuC2R21PETakRoFvgVNka
m8QM73v/eWOKZHA5R/6Jsz3D5ff3GSPSzdvd2virUGQaYAC+IeQytUiwrykU4meB
dFch/PfPwEqR83f5yNzMjSb05sxbt512ozRw099nazUTJRVfmePVFWRmPPErJU6B
ObIsJRKAfDD//ezw1AgrKIBQjm4j3M3k/Pc0YsJkmVwkTO+Y+p+hhYBDCpxop8rt
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:19 2024 by rpki-client on console.sobornost.net