Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/TqLw0RKI-oYWaEoigFso-m5RUes.roa
File: TqLw0RKI-oYWaEoigFso-m5RUes.roa (raw, json)
Hash identifier: A7AbIfTDQkACnw6c3d8Maat9p3CVMa59kkYuMMDVEyw=
Subject key identifier: 4E:A2:F0:D1:12:88:FA:86:16:68:4A:22:80:5B:28:FA:6E:51:51:EB
Certificate issuer: /CN=50264c3f09831ccd889712f4fab5c5b1be0cad56
Certificate serial: 018ACB1D6A706B2F2E2D5D0AFB849EC95129
Authority key identifier: 50:26:4C:3F:09:83:1C:CD:88:97:12:F4:FA:B5:C5:B1:BE:0C:AD:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/TqLw0RKI-oYWaEoigFso-m5RUes.roa
Signing time: Mon 25 Sep 2023 06:53:37 +0000
ROA not before: Mon 25 Sep 2023 06:53:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12813
IP address blocks: 212.11.224.0/24 maxlen: 24
212.11.224.0/19 maxlen: 19
212.11.226.0/24 maxlen: 24
212.11.225.0/24 maxlen: 24
212.11.227.0/24 maxlen: 24
212.11.235.0/24 maxlen: 24
212.11.240.0/24 maxlen: 24
212.11.245.0/24 maxlen: 24
212.11.242.0/24 maxlen: 24
212.11.244.0/24 maxlen: 24
212.11.241.0/24 maxlen: 24
2a00:1278::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:1d:6a:70:6b:2f:2e:2d:5d:0a:fb:84:9e:c9:51:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50264c3f09831ccd889712f4fab5c5b1be0cad56
Validity
Not Before: Sep 25 06:53:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ea2f0d11288fa8616684a22805b28fa6e5151eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7f:f2:68:9d:4c:cc:4b:c0:fa:a5:3d:88:e3:
47:40:86:65:f2:c1:45:4a:73:3b:ab:c1:7e:eb:1f:
a5:a8:dd:31:64:ee:c9:ce:22:74:b6:a0:b3:96:c7:
b8:0c:46:46:6f:7a:7a:c3:8e:8b:1c:3a:3f:65:37:
30:fa:5b:1e:d4:1a:6a:48:75:86:70:90:02:29:37:
bc:16:c7:23:f7:2c:e1:69:f5:56:96:5a:50:37:c4:
a9:62:a9:b5:11:c4:c0:7a:a2:cb:e5:b5:86:90:62:
55:19:af:9c:83:e2:21:b5:52:23:47:e1:7c:81:d0:
16:13:c0:c4:86:17:89:99:d6:a2:f1:4e:da:a0:24:
db:f6:6e:68:a4:a6:ee:06:f2:e2:17:25:39:e1:d7:
3d:ed:71:ad:ad:44:5a:54:16:ce:c2:20:07:14:6a:
fd:dd:24:d4:b6:0f:b7:7b:32:1b:cd:a1:48:ef:ab:
9e:63:0a:a8:c4:81:61:98:a5:6c:68:68:c6:13:12:
fb:ae:8b:02:d7:1c:3c:b6:c6:a1:00:e0:8a:1f:34:
35:eb:ae:b3:f1:fc:dc:3b:0e:1c:85:c2:3b:37:d9:
a6:3a:c5:e1:57:86:94:ae:6c:78:ef:ad:7c:ba:1b:
76:cc:d5:23:8e:75:84:1f:4e:25:dd:96:73:5f:7c:
c5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A2:F0:D1:12:88:FA:86:16:68:4A:22:80:5B:28:FA:6E:51:51:EB
X509v3 Authority Key Identifier:
keyid:50:26:4C:3F:09:83:1C:CD:88:97:12:F4:FA:B5:C5:B1:BE:0C:AD:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/TqLw0RKI-oYWaEoigFso-m5RUes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/UCZMPwmDHM2IlxL0-rXFsb4MrVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.11.224.0/19
IPv6:
2a00:1278::/32
Signature Algorithm: sha256WithRSAEncryption
9e:6a:72:23:f2:ad:e4:e8:00:80:1f:41:6c:bd:0c:28:d7:3e:
5d:61:da:44:67:42:a1:ef:ee:46:cd:12:42:d5:e6:35:08:89:
b2:86:2f:75:53:74:66:dd:e8:f4:8d:a1:19:e9:1d:e8:54:0b:
db:0a:a2:12:35:bf:b7:d4:50:dc:50:fc:4c:9d:b4:b3:49:f4:
33:62:41:d9:56:5e:47:de:42:87:85:a3:dd:70:82:03:c1:bf:
c6:d2:a2:ee:2b:fa:99:d1:76:d7:bf:4c:0a:46:68:73:81:bb:
02:fc:1d:35:e9:ec:85:89:89:7e:48:98:ad:90:18:30:5b:24:
b9:9f:94:0e:3a:7f:56:17:93:b8:66:51:2d:a6:d6:c6:e8:f5:
29:c0:ff:27:10:d9:bc:32:a6:f4:de:bd:16:c3:e2:78:ea:73:
d2:ac:af:ee:99:5c:5c:a0:a9:81:39:4b:b5:74:1a:c5:a9:29:
4c:8e:22:56:b0:d9:a7:88:64:86:ca:fe:98:a9:99:b0:98:d2:
56:62:12:e5:a7:c1:8b:7d:25:bb:2e:42:55:de:e6:51:a3:b2:
0e:4f:88:7b:68:74:6d:31:a4:2c:dc:21:77:49:60:89:75:ef:
39:9a:85:16:3a:4e:ee:ff:18:01:30:65:36:6a:22:df:fe:5c:
b5:92:39:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrLHWpway8uLV0K+4SeyVEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMjY0YzNmMDk4MzFjY2Q4ODk3MTJmNGZhYjVjNWIxYmUw
Y2FkNTYwHhcNMjMwOTI1MDY1MzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWEyZjBkMTEyODhmYTg2MTY2ODRhMjI4MDViMjhmYTZlNTE1MWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH/yaJ1MzEvA+qU9iONHQIZl8sFF
SnM7q8F+6x+lqN0xZO7JziJ0tqCzlse4DEZGb3p6w46LHDo/ZTcw+lse1BpqSHWG
cJACKTe8Fscj9yzhafVWllpQN8SpYqm1EcTAeqLL5bWGkGJVGa+cg+IhtVIjR+F8
gdAWE8DEhheJmdai8U7aoCTb9m5opKbuBvLiFyU54dc97XGtrURaVBbOwiAHFGr9
3STUtg+3ezIbzaFI76ueYwqoxIFhmKVsaGjGExL7rosC1xw8tsahAOCKHzQ1666z
8fzcOw4chcI7N9mmOsXhV4aUrmx47618uht2zNUjjnWEH04l3ZZzX3zF2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE6i8NESiPqGFmhKIoBbKPpuUVHrMB8GA1UdIwQY
MBaAFFAmTD8JgxzNiJcS9Pq1xbG+DK1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUNaTVB3bURITTJJbHhMMC1yWEZzYjRNclZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMTgzNWYtNTA0Zi00NWJkLWEwNTIt
NzE0Zjk2MjZkMDIxLzEvVHFMdzBSS0ktb1lXYUVvaWdGc28tbTVSVWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMTgzNWYtNTA0Zi00NWJkLWEwNTItNzE0Zjk2MjZkMDIx
LzEvVUNaTVB3bURITTJJbHhMMC1yWEZzYjRNclZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1AvgMA0E
AgACMAcDBQAqABJ4MA0GCSqGSIb3DQEBCwUAA4IBAQCeanIj8q3k6ACAH0FsvQwo
1z5dYdpEZ0Kh7+5GzRJC1eY1CImyhi91U3Rm3ej0jaEZ6R3oVAvbCqISNb+31FDc
UPxMnbSzSfQzYkHZVl5H3kKHhaPdcIIDwb/G0qLuK/qZ0XbXv0wKRmhzgbsC/B01
6eyFiYl+SJitkBgwWyS5n5QOOn9WF5O4ZlEtptbG6PUpwP8nENm8Mqb03r0Ww+J4
6nPSrK/umVxcoKmBOUu1dBrFqSlMjiJWsNmniGSGyv6YqZmwmNJWYhLlp8GLfSW7
LkJV3uZRo7IOT4h7aHRtMaQs3CF3SWCJde85moUWOk7u/xgBMGU2aiLf/ly1kjkz
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:54 2023 by rpki-client on console.sobornost.net