Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/XMy6KT4rcOnb9p_FliHForxcZok.roa
File: XMy6KT4rcOnb9p_FliHForxcZok.roa (raw, json)
Hash identifier: j6GobubZ4RyKU6G8dmiY7AlqQsX+rYU8CzYEXZXu3hU=
Subject key identifier: 5C:CC:BA:29:3E:2B:70:E9:DB:F6:9F:C5:96:21:C5:A2:BC:5C:66:89
Certificate issuer: /CN=4f9d5fbaaf76a80a65e0e92c02061e895b2b8117
Certificate serial: 019427B6076366B49A2F3BC71221E2D51B71
Authority key identifier: 4F:9D:5F:BA:AF:76:A8:0A:65:E0:E9:2C:02:06:1E:89:5B:2B:81:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T51fuq92qApl4OksAgYeiVsrgRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/XMy6KT4rcOnb9p_FliHForxcZok.roa
Signing time: Thu 02 Jan 2025 15:50:28 +0000
ROA not before: Thu 02 Jan 2025 15:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21183
IP address blocks: 185.204.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 20 Jan 2025 14:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:07:63:66:b4:9a:2f:3b:c7:12:21:e2:d5:1b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9d5fbaaf76a80a65e0e92c02061e895b2b8117
Validity
Not Before: Jan 2 15:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cccba293e2b70e9dbf69fc59621c5a2bc5c6689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:14:4d:3e:20:90:88:f9:fe:55:1e:40:52:87:
38:00:7b:45:57:71:a4:06:91:ea:eb:fa:57:7c:1a:
da:5f:59:dd:0c:02:0d:9c:8f:92:58:8a:ac:9f:f8:
0c:f3:ff:6a:47:71:7c:e5:91:9c:9b:16:c9:5b:38:
83:82:c5:46:31:6d:de:b3:3d:bc:f3:a2:d1:6a:8c:
ab:a5:55:9a:98:95:90:3e:36:2d:15:d5:0d:85:d4:
92:12:07:47:2f:5b:89:45:b4:6b:3c:19:42:38:d9:
8f:94:03:5d:83:3d:b3:ad:3f:79:cf:81:7d:3a:9a:
2b:54:7f:ae:9f:be:40:ac:6f:1f:bb:54:a6:45:d7:
57:b3:97:95:62:70:d3:1f:bf:ee:0a:43:ea:0e:eb:
ca:74:5f:d4:7e:c2:e6:1f:5c:ac:91:a9:f2:23:c4:
b3:de:ce:7f:12:41:ba:c8:5a:87:75:a2:86:f5:ac:
4c:a4:ff:1e:b0:d3:10:7f:14:25:7e:e4:2a:47:82:
3b:88:75:d8:7b:01:e8:a3:49:1a:3c:c1:80:42:ff:
fd:7e:a3:21:b6:a2:92:30:26:28:22:44:5e:28:4e:
c9:79:08:9e:43:a7:d3:97:a2:e2:d5:12:82:d8:2c:
b1:c1:1a:c0:05:31:b2:92:10:85:cb:e5:df:9d:bc:
ab:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:CC:BA:29:3E:2B:70:E9:DB:F6:9F:C5:96:21:C5:A2:BC:5C:66:89
X509v3 Authority Key Identifier:
keyid:4F:9D:5F:BA:AF:76:A8:0A:65:E0:E9:2C:02:06:1E:89:5B:2B:81:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T51fuq92qApl4OksAgYeiVsrgRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/XMy6KT4rcOnb9p_FliHForxcZok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/T51fuq92qApl4OksAgYeiVsrgRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.32.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:a3:db:82:a8:76:e4:6f:f5:b1:90:a7:a7:f4:2f:96:fc:a5:
4f:31:44:c3:0c:bd:e4:0c:ae:8b:e3:5e:f8:2f:ab:64:f6:13:
bc:11:d9:ec:0e:4c:86:e2:ea:2b:bd:26:34:e0:81:d4:da:a1:
4e:07:09:91:0e:0a:e2:26:3e:95:17:44:ed:bf:d1:9c:f7:ca:
0d:c0:92:6a:d5:88:16:b2:f2:67:4a:96:39:34:38:be:07:5e:
3b:ba:6c:7c:6b:56:e0:7b:7d:42:e8:0a:db:5f:ae:df:1c:f2:
9e:dc:03:52:b5:7d:ce:a6:bb:6b:7d:bf:a2:26:56:4f:1d:9c:
08:32:95:04:08:37:78:2e:16:7a:c7:e5:7d:24:f8:41:27:de:
7b:3f:fe:dd:6b:08:75:2b:9c:a8:b8:fb:01:a5:9c:67:1c:f2:
c1:e0:5b:72:4b:38:54:a6:e5:57:eb:9a:82:72:4b:2b:55:9b:
4e:fd:59:d2:9c:fd:0f:75:27:46:93:bc:7a:d5:88:0b:ea:63:
3b:bf:93:12:67:b7:69:ab:5b:4a:57:f4:83:db:0b:73:03:21:
19:ac:47:47:0a:1d:59:a6:72:99:31:a6:bd:2e:c4:03:e1:e4:
2c:54:98:f6:8f:c3:5a:4e:7f:eb:5d:26:39:8b:1b:04:08:4e:
0b:8b:0b:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntgdjZrSaLzvHEiHi1RtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOWQ1ZmJhYWY3NmE4MGE2NWUwZTkyYzAyMDYxZTg5NWIy
YjgxMTcwHhcNMjUwMTAyMTU1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2NjYmEyOTNlMmI3MGU5ZGJmNjlmYzU5NjIxYzVhMmJjNWM2Njg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BRNPiCQiPn+VR5AUoc4AHtFV3Gk
BpHq6/pXfBraX1ndDAINnI+SWIqsn/gM8/9qR3F85ZGcmxbJWziDgsVGMW3esz28
86LRaoyrpVWamJWQPjYtFdUNhdSSEgdHL1uJRbRrPBlCONmPlANdgz2zrT95z4F9
OporVH+un75ArG8fu1SmRddXs5eVYnDTH7/uCkPqDuvKdF/UfsLmH1yskanyI8Sz
3s5/EkG6yFqHdaKG9axMpP8esNMQfxQlfuQqR4I7iHXYewHoo0kaPMGAQv/9fqMh
tqKSMCYoIkReKE7JeQieQ6fTl6Li1RKC2CyxwRrABTGykhCFy+XfnbyrrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzMuik+K3Dp2/afxZYhxaK8XGaJMB8GA1UdIwQY
MBaAFE+dX7qvdqgKZeDpLAIGHolbK4EXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDUxZnVxOTJxQXBsNE9rc0FnWWVpVnNyZ1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jNzA5MjgtY2VkZS00YjYyLTg5YTct
NjBmNmZhOTExMGUyLzEvWE15NktUNHJjT25iOXBfRmxpSEZvcnhjWm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jNzA5MjgtY2VkZS00YjYyLTg5YTctNjBmNmZhOTExMGUy
LzEvVDUxZnVxOTJxQXBsNE9rc0FnWWVpVnNyZ1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucwgMA0G
CSqGSIb3DQEBCwUAA4IBAQDBo9uCqHbkb/WxkKen9C+W/KVPMUTDDL3kDK6L4174
L6tk9hO8EdnsDkyG4uorvSY04IHU2qFOBwmRDgriJj6VF0Ttv9Gc98oNwJJq1YgW
svJnSpY5NDi+B147umx8a1bge31C6ArbX67fHPKe3ANStX3Oprtrfb+iJlZPHZwI
MpUECDd4LhZ6x+V9JPhBJ957P/7dawh1K5youPsBpZxnHPLB4FtySzhUpuVX65qC
cksrVZtO/VnSnP0PdSdGk7x61YgL6mM7v5MSZ7dpq1tKV/SD2wtzAyEZrEdHCh1Z
pnKZMaa9LsQD4eQsVJj2j8NaTn/rXSY5ixsECE4Liws2
-----END CERTIFICATE-----
Generated at Mon Jan 20 19:38:49 2025 by rpki-client on console.sobornost.net