Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/hkKEs-N6tC5d0QENhIed8683ZRc.roa
File: hkKEs-N6tC5d0QENhIed8683ZRc.roa (raw, json)
Hash identifier: HHqlUGmc+1qQYIOPvFn/w5w8mmpqmxA9ouzUdhXFkVY=
Subject key identifier: 86:42:84:B3:E3:7A:B4:2E:5D:D1:01:0D:84:87:9D:F3:AF:37:65:17
Certificate issuer: /CN=50264c3f09831ccd889712f4fab5c5b1be0cad56
Certificate serial: 01881EE0CF35356CBAD3015762E74F883AF3
Authority key identifier: 50:26:4C:3F:09:83:1C:CD:88:97:12:F4:FA:B5:C5:B1:BE:0C:AD:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/hkKEs-N6tC5d0QENhIed8683ZRc.roa
Signing time: Mon 15 May 2023 10:07:09 +0000
ROA not before: Mon 15 May 2023 10:07:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12813
IP address blocks: 212.11.224.0/24 maxlen: 24
212.11.224.0/19 maxlen: 19
212.11.226.0/24 maxlen: 24
212.11.225.0/24 maxlen: 24
212.11.227.0/24 maxlen: 24
212.11.240.0/24 maxlen: 24
212.11.245.0/24 maxlen: 24
212.11.242.0/24 maxlen: 24
212.11.244.0/24 maxlen: 24
212.11.241.0/24 maxlen: 24
2a00:1278::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1e:e0:cf:35:35:6c:ba:d3:01:57:62:e7:4f:88:3a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50264c3f09831ccd889712f4fab5c5b1be0cad56
Validity
Not Before: May 15 10:07:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=864284b3e37ab42e5dd1010d84879df3af376517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:10:50:f4:47:d2:97:c1:c0:68:bc:6b:d8:f7:
3c:75:86:e1:90:ac:ce:58:fc:f7:a1:fb:02:61:e0:
7e:d8:7c:03:07:aa:7f:6d:16:b6:6e:4d:8c:c8:2b:
6e:9c:d5:f8:65:ee:39:3b:59:5c:ca:ff:ee:e3:6c:
9d:28:98:53:d7:f7:1d:77:53:6b:b6:d5:e5:56:39:
63:a6:2e:99:13:52:4f:f6:57:09:46:df:c5:42:10:
26:1a:87:db:58:24:d8:02:4e:29:6e:f4:fd:55:f3:
30:be:0d:ea:00:81:69:cf:dd:01:78:dd:ae:70:a6:
c1:6b:7b:0d:64:0e:1d:dc:80:53:04:18:11:0e:ea:
f3:8d:bc:9e:d3:22:9b:15:8a:f7:1c:bd:25:c2:b4:
9d:ac:98:42:f4:e0:d8:e6:8d:8e:b6:04:4a:5e:8b:
03:f9:dd:39:32:85:6a:c5:23:a1:0f:f7:e8:2a:8a:
1e:bf:dc:f2:b6:09:1b:cb:79:7a:f1:69:55:b1:a1:
34:98:31:42:c5:a7:ca:bd:d3:6e:b8:04:33:60:19:
9c:e4:f1:73:d1:f8:b5:a6:29:d2:91:ab:74:54:d2:
5d:f9:d1:6d:76:a8:bb:42:87:99:2b:3d:5b:50:5b:
97:2e:c8:47:2c:22:06:88:40:2d:cb:8a:16:3d:b2:
aa:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:42:84:B3:E3:7A:B4:2E:5D:D1:01:0D:84:87:9D:F3:AF:37:65:17
X509v3 Authority Key Identifier:
keyid:50:26:4C:3F:09:83:1C:CD:88:97:12:F4:FA:B5:C5:B1:BE:0C:AD:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/hkKEs-N6tC5d0QENhIed8683ZRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/UCZMPwmDHM2IlxL0-rXFsb4MrVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.11.224.0/19
IPv6:
2a00:1278::/32
Signature Algorithm: sha256WithRSAEncryption
13:39:56:df:30:66:8d:8b:d7:bb:51:2b:33:73:e7:88:2a:0f:
05:28:d8:33:c4:8a:ff:49:f7:c0:58:5a:42:f0:e6:c9:39:a4:
d3:f7:9b:55:0b:0d:86:c7:51:58:ff:99:0a:10:47:0f:95:37:
d6:bf:69:b6:15:11:8c:1e:4a:71:89:17:58:7c:0d:07:2f:cc:
b9:4b:9f:bf:c1:fd:c3:51:a6:c2:cb:e8:90:64:67:58:f8:39:
72:39:27:38:9b:dc:67:e5:b1:a0:cf:45:1c:b2:c8:af:71:d4:
6b:a0:c1:ac:e4:4e:db:36:2f:96:ec:5a:7d:cb:aa:63:e6:b7:
43:66:61:05:0b:d0:bc:4a:a5:ed:0c:3f:60:42:93:f8:ae:75:
aa:60:a8:19:29:b7:fe:63:9e:6b:17:ad:66:51:9d:bf:f6:be:
21:f2:fe:10:35:da:fb:f6:18:ff:bd:2e:8a:71:53:3e:0b:ab:
98:84:96:7c:41:b8:02:ec:c0:60:1d:ea:c2:4b:02:b6:0d:a9:
3c:41:a5:c7:d3:81:b1:68:5e:46:41:77:f4:57:65:9f:e9:33:
90:10:f5:b8:f2:4b:d3:3b:c7:10:48:c4:e6:9c:6b:48:a0:94:
43:ce:8e:76:a8:fa:9e:94:77:c8:9f:9f:38:26:44:21:56:aa:
16:b7:5c:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYge4M81NWy60wFXYudPiDrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMjY0YzNmMDk4MzFjY2Q4ODk3MTJmNGZhYjVjNWIxYmUw
Y2FkNTYwHhcNMjMwNTE1MTAwNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQyODRiM2UzN2FiNDJlNWRkMTAxMGQ4NDg3OWRmM2FmMzc2NTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxBQ9EfSl8HAaLxr2Pc8dYbhkKzO
WPz3ofsCYeB+2HwDB6p/bRa2bk2MyCtunNX4Ze45O1lcyv/u42ydKJhT1/cdd1Nr
ttXlVjljpi6ZE1JP9lcJRt/FQhAmGofbWCTYAk4pbvT9VfMwvg3qAIFpz90BeN2u
cKbBa3sNZA4d3IBTBBgRDurzjbye0yKbFYr3HL0lwrSdrJhC9ODY5o2OtgRKXosD
+d05MoVqxSOhD/foKooev9zytgkby3l68WlVsaE0mDFCxafKvdNuuAQzYBmc5PFz
0fi1pinSkat0VNJd+dFtdqi7QoeZKz1bUFuXLshHLCIGiEAty4oWPbKqKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIZChLPjerQuXdEBDYSHnfOvN2UXMB8GA1UdIwQY
MBaAFFAmTD8JgxzNiJcS9Pq1xbG+DK1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUNaTVB3bURITTJJbHhMMC1yWEZzYjRNclZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMTgzNWYtNTA0Zi00NWJkLWEwNTIt
NzE0Zjk2MjZkMDIxLzEvaGtLRXMtTjZ0QzVkMFFFTmhJZWQ4NjgzWlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMTgzNWYtNTA0Zi00NWJkLWEwNTItNzE0Zjk2MjZkMDIx
LzEvVUNaTVB3bURITTJJbHhMMC1yWEZzYjRNclZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1AvgMA0E
AgACMAcDBQAqABJ4MA0GCSqGSIb3DQEBCwUAA4IBAQATOVbfMGaNi9e7USszc+eI
Kg8FKNgzxIr/SffAWFpC8ObJOaTT95tVCw2Gx1FY/5kKEEcPlTfWv2m2FRGMHkpx
iRdYfA0HL8y5S5+/wf3DUabCy+iQZGdY+DlyOSc4m9xn5bGgz0UcssivcdRroMGs
5E7bNi+W7Fp9y6pj5rdDZmEFC9C8SqXtDD9gQpP4rnWqYKgZKbf+Y55rF61mUZ2/
9r4h8v4QNdr79hj/vS6KcVM+C6uYhJZ8QbgC7MBgHerCSwK2Dak8QaXH04GxaF5G
QXf0V2Wf6TOQEPW48kvTO8cQSMTmnGtIoJRDzo52qPqelHfIn584JkQhVqoWt1x2
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:54 2023 by rpki-client on console.sobornost.net