Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/kdNwFjfSWniqRKQ8J44Rg_yukiY.roa
File: kdNwFjfSWniqRKQ8J44Rg_yukiY.roa (raw, json)
Hash identifier: RhTY4AkWl9RE2qa6A9h1Ew+FpHVIzfYufHxHd2yYdWg=
Subject key identifier: 91:D3:70:16:37:D2:5A:78:AA:44:A4:3C:27:8E:11:83:FC:AE:92:26
Certificate issuer: /CN=50c006d6401ef42fa50e24095500b2fdafad5baa
Certificate serial: 018CC3B710501ED404AE3F6318191132A79F
Authority key identifier: 50:C0:06:D6:40:1E:F4:2F:A5:0E:24:09:55:00:B2:FD:AF:AD:5B:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMAG1kAe9C-lDiQJVQCy_a-tW6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/kdNwFjfSWniqRKQ8J44Rg_yukiY.roa
Signing time: Mon 01 Jan 2024 06:30:03 +0000
ROA not before: Mon 01 Jan 2024 06:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51618
IP address blocks: 185.132.214.0/24 maxlen: 24
185.132.214.0/23 maxlen: 23
185.132.215.0/24 maxlen: 24
185.132.212.0/22 maxlen: 22
185.132.212.0/23 maxlen: 23
185.132.212.0/24 maxlen: 24
185.132.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:10:50:1e:d4:04:ae:3f:63:18:19:11:32:a7:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c006d6401ef42fa50e24095500b2fdafad5baa
Validity
Not Before: Jan 1 06:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91d3701637d25a78aa44a43c278e1183fcae9226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a2:68:ac:cb:92:06:f3:83:24:7d:d0:88:ce:
f3:40:16:1e:15:b7:75:ec:50:2b:90:b2:03:97:31:
01:bc:1b:09:20:8c:e2:04:06:74:4f:f1:45:4a:d6:
6f:89:0f:f4:bf:ad:30:14:e3:b0:a2:9a:4b:74:8f:
41:2e:9c:dd:52:04:45:9a:65:06:f4:81:bd:a0:94:
1e:fe:ec:b1:7e:56:88:42:27:34:21:77:59:a3:a8:
02:41:07:da:e0:e1:e9:ff:4c:48:b1:64:27:f5:da:
f9:86:4a:54:c3:3e:06:a6:a3:24:02:c9:1e:5b:05:
2a:08:e6:82:8f:a8:17:d5:b4:5e:34:fa:bd:26:0f:
c7:74:26:0f:5c:8d:08:c7:f3:c6:5e:ec:72:fd:59:
0a:88:0e:3b:ce:02:4f:49:28:00:0c:1f:fa:fa:51:
0c:63:78:d6:9f:44:60:d7:28:d6:42:c5:6c:b8:3c:
f7:d7:82:0c:46:f6:98:2b:1e:3d:29:3f:d8:95:51:
f0:e4:fc:67:b8:22:21:bc:0e:17:b1:c8:78:d4:f5:
a0:c6:76:71:dd:17:63:04:32:d4:a2:29:da:2d:a9:
b4:de:78:d7:10:ff:02:aa:af:e0:9a:70:96:a0:a0:
b8:41:6e:16:23:f3:d8:12:ba:4e:d5:67:b9:55:08:
46:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D3:70:16:37:D2:5A:78:AA:44:A4:3C:27:8E:11:83:FC:AE:92:26
X509v3 Authority Key Identifier:
keyid:50:C0:06:D6:40:1E:F4:2F:A5:0E:24:09:55:00:B2:FD:AF:AD:5B:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMAG1kAe9C-lDiQJVQCy_a-tW6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/kdNwFjfSWniqRKQ8J44Rg_yukiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/UMAG1kAe9C-lDiQJVQCy_a-tW6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.212.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:71:df:a7:e2:8d:1d:e8:af:e1:93:b4:e9:a6:6b:2d:72:eb:
ce:7e:6e:30:43:09:bd:dc:d3:06:0c:2f:20:e4:5c:9b:97:00:
54:e6:46:7f:62:3b:4c:61:da:00:62:65:f4:43:2a:47:c6:41:
be:fb:a2:4c:97:fc:7a:70:a0:9a:ce:aa:0b:6c:bd:cc:c6:d2:
b9:7a:c3:99:a7:aa:d6:7b:7f:3b:b9:62:30:8a:48:98:6a:a5:
c7:9a:4d:6f:03:2f:db:fc:a7:52:35:26:c5:da:9b:09:40:d4:
3c:92:88:c8:2b:d9:82:3b:68:96:f4:67:d7:29:89:34:9c:df:
da:6b:dd:62:3e:3e:24:ae:bf:45:be:b8:df:29:50:6e:93:5c:
90:1f:7d:0f:3b:89:d2:7d:a7:70:c9:73:29:26:95:8a:ae:15:
ee:d2:cc:1f:43:b0:25:93:e5:05:2a:bf:d1:5c:0c:c4:01:0c:
d6:22:4a:27:49:e5:5d:28:fb:38:4b:13:2e:b3:8a:32:a0:00:
21:f1:b0:03:e5:40:3b:bb:90:5f:a5:99:72:37:fc:c4:40:7e:
c5:5e:55:5e:76:d0:aa:41:f2:91:84:dc:79:57:39:f7:2f:30:
d4:4c:77:9b:ea:d8:c6:36:0e:fb:b5:b1:c1:1c:e3:cc:9b:a5:
16:16:54:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtxBQHtQErj9jGBkRMqefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzAwNmQ2NDAxZWY0MmZhNTBlMjQwOTU1MDBiMmZkYWZh
ZDViYWEwHhcNMjQwMTAxMDYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQzNzAxNjM3ZDI1YTc4YWE0NGE0M2MyNzhlMTE4M2ZjYWU5MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqJorMuSBvODJH3QiM7zQBYeFbd1
7FArkLIDlzEBvBsJIIziBAZ0T/FFStZviQ/0v60wFOOwoppLdI9BLpzdUgRFmmUG
9IG9oJQe/uyxflaIQic0IXdZo6gCQQfa4OHp/0xIsWQn9dr5hkpUwz4GpqMkAske
WwUqCOaCj6gX1bReNPq9Jg/HdCYPXI0Ix/PGXuxy/VkKiA47zgJPSSgADB/6+lEM
Y3jWn0Rg1yjWQsVsuDz314IMRvaYKx49KT/YlVHw5PxnuCIhvA4Xsch41PWgxnZx
3RdjBDLUoinaLam03njXEP8Cqq/gmnCWoKC4QW4WI/PYErpO1We5VQhGOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHTcBY30lp4qkSkPCeOEYP8rpImMB8GA1UdIwQY
MBaAFFDABtZAHvQvpQ4kCVUAsv2vrVuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1BRzFrQWU5Qy1sRGlRSlZRQ3lfYS10VzZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9kZmFiMzYtNjU3Zi00ZTAyLTgzNjEt
YzJkY2RjODVlNTg0LzEva2ROd0ZqZlNXbmlxUktROEo0NFJnX3l1a2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9kZmFiMzYtNjU3Zi00ZTAyLTgzNjEtYzJkY2RjODVlNTg0
LzEvVU1BRzFrQWU5Qy1sRGlRSlZRQ3lfYS10VzZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYTUMA0G
CSqGSIb3DQEBCwUAA4IBAQBLcd+n4o0d6K/hk7TppmstcuvOfm4wQwm93NMGDC8g
5FyblwBU5kZ/YjtMYdoAYmX0QypHxkG++6JMl/x6cKCazqoLbL3MxtK5esOZp6rW
e387uWIwikiYaqXHmk1vAy/b/KdSNSbF2psJQNQ8kojIK9mCO2iW9GfXKYk0nN/a
a91iPj4krr9FvrjfKVBuk1yQH30PO4nSfadwyXMpJpWKrhXu0swfQ7Alk+UFKr/R
XAzEAQzWIkonSeVdKPs4SxMus4oyoAAh8bAD5UA7u5BfpZlyN/zEQH7FXlVedtCq
QfKRhNx5Vzn3LzDUTHeb6tjGNg77tbHBHOPMm6UWFlSJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:10 2025 by rpki-client