Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/bce397-372d-4d2f-ad0a-a48ebd301671/1/xFVEjlUnM9FjvdJJVkrGOqmKR1E.roa
File: xFVEjlUnM9FjvdJJVkrGOqmKR1E.roa (raw, json)
Hash identifier: 2kKVkHzIXuFgPHZH1PntLSb0Vf7Xyvk6BJEUpQEWEu4=
Subject key identifier: C4:55:44:8E:55:27:33:D1:63:BD:D2:49:56:4A:C6:3A:A9:8A:47:51
Certificate issuer: /CN=9c4950779d597551d79c43e616a50907de8cdf77
Certificate serial: 01857271296E547D2526BF947134A4F20FAA
Authority key identifier: 9C:49:50:77:9D:59:75:51:D7:9C:43:E6:16:A5:09:07:DE:8C:DF:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nElQd51ZdVHXnEPmFqUJB96M33c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/bce397-372d-4d2f-ad0a-a48ebd301671/1/xFVEjlUnM9FjvdJJVkrGOqmKR1E.roa
Signing time: Mon 02 Jan 2023 12:24:56 +0000
ROA not before: Mon 02 Jan 2023 12:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201595
IP address blocks: 185.58.212.0/24 maxlen: 24
185.58.213.0/24 maxlen: 24
185.58.215.0/24 maxlen: 24
185.58.214.0/24 maxlen: 24
185.130.160.0/24 maxlen: 24
185.130.163.0/24 maxlen: 24
185.130.161.0/24 maxlen: 24
185.130.162.0/24 maxlen: 24
2a04:e200::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:29:6e:54:7d:25:26:bf:94:71:34:a4:f2:0f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c4950779d597551d79c43e616a50907de8cdf77
Validity
Not Before: Jan 2 12:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c455448e552733d163bdd249564ac63aa98a4751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:3e:2a:65:28:d8:39:5f:64:a3:63:bd:2d:2b:
77:ae:d1:99:52:26:e7:71:8c:58:f6:f7:d8:9c:c8:
6b:94:9e:a8:43:44:ac:94:2a:48:3e:a7:bb:ea:4f:
60:90:26:6b:b1:76:7c:96:46:06:df:d7:6c:fb:ee:
e2:91:ac:dd:63:57:5a:c1:d5:4d:08:cc:6e:79:d5:
1f:49:a0:7e:86:7b:a5:f3:c8:0d:31:f0:df:9a:14:
55:36:89:42:fe:a1:2a:2b:58:8c:59:ed:08:11:ed:
c4:ab:c7:cf:27:ef:5c:2d:22:7f:b6:4c:d6:e5:b7:
9d:d2:2d:d6:c3:89:cc:5c:d6:fc:00:16:e6:59:93:
06:9a:92:09:6d:26:1a:f7:f2:64:76:15:2f:c5:fc:
b0:61:1f:1d:35:9f:ba:f3:d8:0b:8b:bb:ca:01:5c:
92:92:5c:0b:66:d3:f2:b4:05:76:5e:21:4d:62:6e:
97:81:cb:c2:ec:c1:90:01:e2:c9:ad:cf:aa:33:83:
c3:3b:fa:4e:a1:8b:86:d6:4a:66:97:23:09:c5:dd:
4c:10:93:ce:7e:53:c6:d6:b7:bf:9d:40:be:19:ec:
ed:09:fa:2b:3c:90:45:c2:d2:93:6e:12:ba:21:1b:
8c:c5:69:33:ea:bc:b4:d6:df:50:f8:1f:83:7d:ff:
7e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:55:44:8E:55:27:33:D1:63:BD:D2:49:56:4A:C6:3A:A9:8A:47:51
X509v3 Authority Key Identifier:
keyid:9C:49:50:77:9D:59:75:51:D7:9C:43:E6:16:A5:09:07:DE:8C:DF:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nElQd51ZdVHXnEPmFqUJB96M33c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/bce397-372d-4d2f-ad0a-a48ebd301671/1/xFVEjlUnM9FjvdJJVkrGOqmKR1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/bce397-372d-4d2f-ad0a-a48ebd301671/1/nElQd51ZdVHXnEPmFqUJB96M33c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.212.0/22
185.130.160.0/22
IPv6:
2a04:e200::/29
Signature Algorithm: sha256WithRSAEncryption
6a:f1:04:13:13:eb:71:ff:72:f4:f3:4e:11:90:a0:18:3a:c2:
ef:22:66:a5:2f:ae:7d:21:b7:70:1f:97:0b:2c:fb:0b:91:fb:
97:75:3f:f9:54:3e:14:01:85:ed:2f:f8:25:39:5c:93:bf:c8:
a0:f9:f9:4c:18:94:fa:45:f9:21:bf:93:89:c5:53:0a:cc:e8:
de:e2:b9:9b:a2:83:cc:64:5c:af:4f:80:34:cc:c5:86:49:6d:
23:52:f7:90:06:41:cf:18:0c:da:e4:c2:95:ab:3d:83:94:51:
f1:17:5b:f7:66:bc:9b:5e:37:cb:45:5d:8f:68:2f:6c:08:8a:
27:e3:2f:3d:e3:4d:a3:01:65:b4:cd:ba:a3:bf:f0:6a:82:6e:
6c:46:24:59:a3:e9:30:d5:21:5c:63:e2:4b:b8:c9:ca:14:b1:
d4:06:5d:43:ca:74:a2:40:b6:a5:55:29:d6:1b:b6:73:d9:a1:
bb:40:e7:aa:bf:a1:5b:83:31:83:74:a6:63:6a:22:6a:26:2d:
f2:c1:49:4d:eb:0f:e8:90:55:9e:de:5b:c9:34:88:be:af:ec:
e0:36:8f:0c:ff:48:b9:0e:e3:de:76:1a:b4:45:f5:6c:b0:9e:
6c:09:de:ce:4f:7c:cc:22:fa:6c:80:6d:b9:73:96:76:d6:bd:
bf:8b:2a:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVycSluVH0lJr+UcTSk8g+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNDk1MDc3OWQ1OTc1NTFkNzljNDNlNjE2YTUwOTA3ZGU4
Y2RmNzcwHhcNMjMwMTAyMTIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDU1NDQ4ZTU1MjczM2QxNjNiZGQyNDk1NjRhYzYzYWE5OGE0NzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgD4qZSjYOV9ko2O9LSt3rtGZUibn
cYxY9vfYnMhrlJ6oQ0SslCpIPqe76k9gkCZrsXZ8lkYG39ds++7ikazdY1dawdVN
CMxuedUfSaB+hnul88gNMfDfmhRVNolC/qEqK1iMWe0IEe3Eq8fPJ+9cLSJ/tkzW
5bed0i3Ww4nMXNb8ABbmWZMGmpIJbSYa9/JkdhUvxfywYR8dNZ+689gLi7vKAVyS
klwLZtPytAV2XiFNYm6XgcvC7MGQAeLJrc+qM4PDO/pOoYuG1kpmlyMJxd1MEJPO
flPG1re/nUC+GeztCforPJBFwtKTbhK6IRuMxWkz6ry01t9Q+B+Dff9+kQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMRVRI5VJzPRY73SSVZKxjqpikdRMB8GA1UdIwQY
MBaAFJxJUHedWXVR15xD5halCQfejN93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkVsUWQ1MVpkVkhYbkVQbUZxVUpCOTZNMzNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9iY2UzOTctMzcyZC00ZDJmLWFkMGEt
YTQ4ZWJkMzAxNjcxLzEveEZWRWpsVW5NOUZqdmRKSlZrckdPcW1LUjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9iY2UzOTctMzcyZC00ZDJmLWFkMGEtYTQ4ZWJkMzAxNjcx
LzEvbkVsUWQ1MVpkVkhYbkVQbUZxVUpCOTZNMzNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTrUAwQC
uYKgMA0EAgACMAcDBQMqBOIAMA0GCSqGSIb3DQEBCwUAA4IBAQBq8QQTE+tx/3L0
804RkKAYOsLvImalL659IbdwH5cLLPsLkfuXdT/5VD4UAYXtL/glOVyTv8ig+flM
GJT6Rfkhv5OJxVMKzOje4rmbooPMZFyvT4A0zMWGSW0jUveQBkHPGAza5MKVqz2D
lFHxF1v3ZrybXjfLRV2PaC9sCIon4y89402jAWW0zbqjv/Bqgm5sRiRZo+kw1SFc
Y+JLuMnKFLHUBl1DynSiQLalVSnWG7Zz2aG7QOeqv6FbgzGDdKZjaiJqJi3ywUlN
6w/okFWe3lvJNIi+r+zgNo8M/0i5DuPedhq0RfVssJ5sCd7OT3zMIvpsgG25c5Z2
1r2/iypk
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:43 2024 by rpki-client on console.sobornost.net