Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/Xg9IblLbvT8PMmglv-3MGJjY3OE.roa
File: Xg9IblLbvT8PMmglv-3MGJjY3OE.roa (raw, json)
Hash identifier: jsgs+B1wA2ckd5O9ZZ7Z3KK3UHusXBq7W98Rol1kpcE=
Subject key identifier: 5E:0F:48:6E:52:DB:BD:3F:0F:32:68:25:BF:ED:CC:18:98:D8:DC:E1
Certificate issuer: /CN=167782bea46fd271768ff46d9b45c057a9df5481
Certificate serial: 01856D8AAC76164B848469C0CE4BCABDA78A
Authority key identifier: 16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/Xg9IblLbvT8PMmglv-3MGJjY3OE.roa
Signing time: Sun 01 Jan 2023 13:34:42 +0000
ROA not before: Sun 01 Jan 2023 13:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205101
IP address blocks: 185.219.132.0/22 maxlen: 22
185.219.132.0/24 maxlen: 24
185.219.135.0/24 maxlen: 24
185.219.134.0/24 maxlen: 24
185.219.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:ac:76:16:4b:84:84:69:c0:ce:4b:ca:bd:a7:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=167782bea46fd271768ff46d9b45c057a9df5481
Validity
Not Before: Jan 1 13:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e0f486e52dbbd3f0f326825bfedcc1898d8dce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1f:99:c9:50:e9:ec:f5:97:12:8f:82:17:46:
0a:ad:e1:95:cc:32:6b:7c:df:31:22:40:0c:95:e1:
5f:45:da:fc:5a:ac:72:03:b1:1a:e3:91:6e:0b:91:
4c:ed:80:ff:36:5e:0b:64:d7:9d:e1:88:fc:f0:06:
80:f2:34:5a:f3:85:9c:ed:bb:fa:5d:04:ac:87:90:
0e:11:40:0f:2a:a1:e6:ab:90:a1:56:b2:48:4b:03:
91:9b:a9:6b:e6:9f:82:ed:25:be:9f:64:6d:58:03:
14:1f:10:d0:87:7d:91:66:36:96:c4:1f:02:c9:20:
57:1e:96:97:ae:af:9f:93:2b:b8:a9:04:fc:28:2f:
73:da:01:df:70:e0:1e:8c:61:a0:39:9b:34:4a:39:
6c:1d:35:68:76:b0:6e:b4:0f:ed:6e:6c:de:bc:0f:
2f:56:e3:9f:0a:a2:1f:08:d7:cf:8d:8a:32:e5:c5:
3b:7c:f5:97:24:56:48:07:14:8e:43:72:e0:46:e2:
a1:d4:45:54:88:dc:62:34:9b:38:e0:cd:60:c8:95:
59:e9:72:61:68:95:bc:01:ac:f4:fd:a8:3d:c8:55:
ca:e0:3b:4f:ee:4a:e8:42:fc:6d:65:b1:63:e4:71:
67:01:1d:36:e0:03:f5:b5:a9:00:b3:66:37:58:dc:
fe:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:0F:48:6E:52:DB:BD:3F:0F:32:68:25:BF:ED:CC:18:98:D8:DC:E1
X509v3 Authority Key Identifier:
keyid:16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/Xg9IblLbvT8PMmglv-3MGJjY3OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.132.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:16:ad:6a:52:bf:04:8a:10:db:e6:48:52:d0:1c:8e:e8:66:
a9:3b:5a:ed:20:26:ff:30:f7:c0:c9:20:11:ed:0b:2c:4b:d2:
86:21:d7:0d:60:98:86:41:e9:53:86:f0:24:f2:ab:65:c4:12:
64:91:90:9e:81:53:ec:5b:0d:ba:cc:60:4f:83:b8:51:b7:f9:
3a:18:a0:f6:d1:8e:c4:79:b6:5e:d3:e7:e0:0e:cb:58:2e:6d:
61:62:ca:a6:f7:9f:d5:1b:28:84:a0:d9:31:66:f3:7d:fc:aa:
1e:f6:0a:77:48:58:12:63:a7:57:86:36:b4:1f:55:b4:d6:39:
17:4f:87:4f:32:22:6e:bc:63:40:2b:50:51:37:48:f8:c6:d1:
5a:8e:8a:85:b4:f0:49:17:23:06:75:14:5f:ae:a6:e3:f2:cc:
4a:38:5b:83:ee:e3:79:7d:74:8b:2d:6b:ef:e3:06:56:8f:ca:
d3:ef:d9:73:9b:76:80:2a:9d:cf:24:76:02:9b:11:e0:f9:74:
b4:fa:dd:bb:39:41:30:25:23:64:25:cc:81:96:cf:a9:80:8e:
7c:b1:19:eb:87:10:86:3a:57:c5:7b:b4:6f:38:8d:b6:20:e6:
f6:fd:af:22:de:b8:39:29:f9:f6:79:40:58:d3:52:5e:fc:02:
96:c0:45:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtiqx2FkuEhGnAzkvKvaeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2Nzc4MmJlYTQ2ZmQyNzE3NjhmZjQ2ZDliNDVjMDU3YTlk
ZjU0ODEwHhcNMjMwMTAxMTMzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTBmNDg2ZTUyZGJiZDNmMGYzMjY4MjViZmVkY2MxODk4ZDhkY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB+ZyVDp7PWXEo+CF0YKreGVzDJr
fN8xIkAMleFfRdr8WqxyA7Ea45FuC5FM7YD/Nl4LZNed4Yj88AaA8jRa84Wc7bv6
XQSsh5AOEUAPKqHmq5ChVrJISwORm6lr5p+C7SW+n2RtWAMUHxDQh32RZjaWxB8C
ySBXHpaXrq+fkyu4qQT8KC9z2gHfcOAejGGgOZs0SjlsHTVodrButA/tbmzevA8v
VuOfCqIfCNfPjYoy5cU7fPWXJFZIBxSOQ3LgRuKh1EVUiNxiNJs44M1gyJVZ6XJh
aJW8Aaz0/ag9yFXK4DtP7kroQvxtZbFj5HFnAR024AP1takAs2Y3WNz+AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4PSG5S270/DzJoJb/tzBiY2NzhMB8GA1UdIwQY
MBaAFBZ3gr6kb9Jxdo/0bZtFwFep31SBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm5lQ3ZxUnYwbkYyal9SdG0wWEFWNm5mVklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lZjBiOTItNWQ4NS00NzkyLWI1NTEt
OWEzNTgzNjI4MjljLzEvWGc5SWJsTGJ2VDhQTW1nbHYtM01HSmpZM09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9lZjBiOTItNWQ4NS00NzkyLWI1NTEtOWEzNTgzNjI4Mjlj
LzEvRm5lQ3ZxUnYwbkYyal9SdG0wWEFWNm5mVklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuduEMA0G
CSqGSIb3DQEBCwUAA4IBAQANFq1qUr8EihDb5khS0ByO6GapO1rtICb/MPfAySAR
7QssS9KGIdcNYJiGQelThvAk8qtlxBJkkZCegVPsWw26zGBPg7hRt/k6GKD20Y7E
ebZe0+fgDstYLm1hYsqm95/VGyiEoNkxZvN9/Koe9gp3SFgSY6dXhja0H1W01jkX
T4dPMiJuvGNAK1BRN0j4xtFajoqFtPBJFyMGdRRfrqbj8sxKOFuD7uN5fXSLLWvv
4wZWj8rT79lzm3aAKp3PJHYCmxHg+XS0+t27OUEwJSNkJcyBls+pgI58sRnrhxCG
OlfFe7RvOI22IOb2/a8i3rg5Kfn2eUBY01Je/AKWwEXB
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:31 2024 by rpki-client on console-fra.rpki-client.org