Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KMYM-qIV0zyrchTwYXG9ZEWq968.roa
File: KMYM-qIV0zyrchTwYXG9ZEWq968.roa (raw, json)
Hash identifier: bsWYeFS9pGdXcap1JnWv0211h3eCMjfwj+b20kJ+5zI=
Subject key identifier: 28:C6:0C:FA:A2:15:D3:3C:AB:72:14:F0:61:71:BD:64:45:AA:F7:AF
Certificate issuer: /CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Certificate serial: 018B6C4AFE952CAC3D494C718F97357E8CCF
Authority key identifier: 29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KMYM-qIV0zyrchTwYXG9ZEWq968.roa
Signing time: Thu 26 Oct 2023 14:02:16 +0000
ROA not before: Thu 26 Oct 2023 14:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25106
IP address blocks: 176.60.4.0/22 maxlen: 22
176.60.0.0/18 maxlen: 24
176.60.44.0/22 maxlen: 22
176.60.40.0/22 maxlen: 22
46.56.114.0/23 maxlen: 23
46.56.125.0/24 maxlen: 24
176.60.128.0/18 maxlen: 24
176.60.132.0/22 maxlen: 22
176.60.64.0/18 maxlen: 24
176.60.80.0/23 maxlen: 23
46.56.56.0/22 maxlen: 24
46.56.60.0/24 maxlen: 24
46.56.60.0/23 maxlen: 23
46.56.62.0/23 maxlen: 23
46.56.64.0/19 maxlen: 24
46.56.96.0/19 maxlen: 24
46.56.40.0/24 maxlen: 24
46.56.41.0/24 maxlen: 24
46.56.42.0/24 maxlen: 24
46.56.40.0/21 maxlen: 21
46.216.184.0/21 maxlen: 21
46.216.192.0/21 maxlen: 21
46.216.192.0/18 maxlen: 24
46.216.128.0/18 maxlen: 24
46.216.144.0/21 maxlen: 21
134.17.208.0/22 maxlen: 24
134.17.208.0/20 maxlen: 24
46.216.152.0/21 maxlen: 21
134.17.224.0/20 maxlen: 24
46.216.246.0/24 maxlen: 24
134.17.16.0/21 maxlen: 21
134.17.17.0/24 maxlen: 24
185.20.112.0/23 maxlen: 23
178.168.160.0/21 maxlen: 21
178.168.168.0/21 maxlen: 24
185.20.114.0/23 maxlen: 23
134.17.24.0/22 maxlen: 22
134.17.24.0/21 maxlen: 21
134.17.28.0/24 maxlen: 24
134.17.32.0/19 maxlen: 19
134.17.32.0/22 maxlen: 22
178.168.180.0/22 maxlen: 22
178.168.192.0/19 maxlen: 24
134.17.64.0/20 maxlen: 20
176.60.176.0/23 maxlen: 23
178.168.128.0/18 maxlen: 24
176.60.184.0/22 maxlen: 22
176.60.192.0/20 maxlen: 20
178.168.144.0/23 maxlen: 23
176.60.192.0/18 maxlen: 24
134.17.0.0/20 maxlen: 24
176.60.208.0/23 maxlen: 23
134.17.124.0/24 maxlen: 24
134.17.128.0/19 maxlen: 19
134.17.128.0/21 maxlen: 21
134.17.136.0/21 maxlen: 21
134.17.144.0/20 maxlen: 20
134.17.160.0/19 maxlen: 19
46.216.0.0/17 maxlen: 24
178.168.220.0/22 maxlen: 22
178.168.224.0/19 maxlen: 24
134.17.79.0/24 maxlen: 24
134.17.80.0/21 maxlen: 21
134.17.80.0/22 maxlen: 22
134.17.88.0/21 maxlen: 24
134.17.89.0/24 maxlen: 24
178.168.242.0/23 maxlen: 23
134.17.96.0/19 maxlen: 19
178.168.253.0/24 maxlen: 24
2a02:bf0:1000::/36 maxlen: 36
2a02:bf0:4000::/36 maxlen: 36
2a02:bf0:5000::/36 maxlen: 36
2a02:bf0:6000::/36 maxlen: 36
2a02:bf0:7000::/36 maxlen: 36
2a02:bf0:3000::/36 maxlen: 36
2a02:bf0::/32 maxlen: 32
2a02:bf0:27::/48 maxlen: 48
2a02:bf0:2::/48 maxlen: 48
2a02:bf0:1002::/48 maxlen: 48
2a02:bf0:26::/48 maxlen: 48
2a02:bf0:29::/48 maxlen: 48
2a02:bf0:10::/44 maxlen: 44
2a02:bf0:1::/48 maxlen: 48
2a02:bf0:25::/48 maxlen: 48
2a02:bf0::/48 maxlen: 48
2a02:bf0:7::/48 maxlen: 48
2a02:bf0:6::/48 maxlen: 48
2a02:bf0:28::/48 maxlen: 48
2a02:bf0:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6c:4a:fe:95:2c:ac:3d:49:4c:71:8f:97:35:7e:8c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Validity
Not Before: Oct 26 14:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28c60cfaa215d33cab7214f06171bd6445aaf7af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4a:2c:83:38:f0:28:03:8a:e1:34:c9:21:74:
ea:c7:d9:67:66:e2:ed:25:de:7d:a7:3f:7e:d2:72:
3e:c1:19:c5:83:14:82:58:f3:92:eb:d1:6d:5a:c9:
7a:e8:3e:4a:a6:f4:1e:5a:aa:b7:49:6c:3e:30:38:
06:af:f7:bc:84:48:a3:22:82:b0:3f:c7:86:36:28:
c3:7d:82:b4:0e:4c:f2:72:32:65:80:b5:cc:7c:11:
84:61:c2:16:4a:99:74:17:3c:2b:a8:a6:67:5f:bb:
2a:df:8d:77:bf:3a:4f:68:86:86:02:c4:e8:30:9e:
08:8c:b7:6b:fc:c0:ea:f2:d8:ed:d7:05:7b:30:e4:
8e:40:fa:b7:f1:96:96:09:d6:67:86:c3:40:aa:d4:
1b:ae:be:48:de:1a:8e:b0:50:d5:9b:d9:9a:b2:ea:
8c:c2:a6:74:a3:7a:69:2b:c5:4e:a5:bc:3a:b9:ef:
f7:2b:93:93:12:40:5a:01:86:65:be:d3:f9:b5:1d:
0f:9a:d1:b1:9f:d1:84:8f:e5:49:35:39:1b:49:a7:
8f:08:48:2e:ec:cf:a1:36:8c:99:43:fd:45:81:92:
d7:db:f9:53:5b:28:eb:a0:c6:12:7c:ab:50:33:5f:
9d:d9:0c:5c:e0:d3:83:2e:18:1b:f2:3a:a3:77:ec:
84:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C6:0C:FA:A2:15:D3:3C:AB:72:14:F0:61:71:BD:64:45:AA:F7:AF
X509v3 Authority Key Identifier:
keyid:29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KMYM-qIV0zyrchTwYXG9ZEWq968.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KYijxojo6x_vBsN0p6pc-P13jg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.56.40.0/21
46.56.56.0-46.56.127.255
46.216.0.0/16
134.17.0.0-134.17.191.255
134.17.208.0-134.17.239.255
176.60.0.0/16
178.168.128.0/17
185.20.112.0/22
IPv6:
2a02:bf0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:6f:84:33:05:e5:61:34:83:05:99:0d:6e:23:71:33:b0:64:
26:df:23:a8:b4:fa:8e:b1:76:12:dd:88:1b:24:f1:31:1b:d8:
a4:45:25:13:2d:e3:fa:f4:f9:5f:39:19:bd:2a:97:61:59:92:
d7:8c:75:cb:19:50:ac:a0:48:ca:f8:41:87:c9:49:ce:ec:09:
87:cc:31:ab:c8:61:ab:d0:aa:b3:68:05:da:2f:39:15:a0:4d:
2f:8a:c2:2a:85:30:3e:08:f3:d9:4a:82:b6:f2:f1:b5:d9:45:
41:87:ab:60:7b:30:8d:5a:67:8f:04:a9:1f:be:eb:f1:4b:c5:
5f:eb:f4:8d:4f:ef:cd:9f:8c:4f:1b:ed:25:56:cc:fb:22:00:
2e:a6:d2:cd:43:f8:b0:b1:e6:40:e1:70:7c:2d:bb:a1:8f:ed:
02:24:f2:e6:7d:09:40:f7:4a:a8:bf:6b:15:7f:5d:ef:0d:50:
f2:a6:58:90:75:e4:7d:df:d8:a7:f8:24:a2:80:de:b0:05:e3:
cc:e3:86:cd:72:fa:c5:20:7c:29:67:c7:d1:db:6c:ae:8b:91:
3b:f2:2c:dd:d6:70:ea:f9:c3:20:3e:0c:8a:7b:36:dd:dd:97:
16:53:c2:71:8a:62:9a:bf:61:c4:d9:44:f4:b7:9c:79:71:1c:
9a:a3:14:00
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYtsSv6VLKw9SUxxj5c1fozPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODhhM2M2ODhlOGViMWZlZjA2YzM3NGE3YWE1Y2Y4ZmQ3
NzhlMGYwHhcNMjMxMDI2MTQwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM2MGNmYWEyMTVkMzNjYWI3MjE0ZjA2MTcxYmQ2NDQ1YWFmN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykosgzjwKAOK4TTJIXTqx9lnZuLt
Jd59pz9+0nI+wRnFgxSCWPOS69FtWsl66D5KpvQeWqq3SWw+MDgGr/e8hEijIoKw
P8eGNijDfYK0DkzycjJlgLXMfBGEYcIWSpl0FzwrqKZnX7sq3413vzpPaIaGAsTo
MJ4IjLdr/MDq8tjt1wV7MOSOQPq38ZaWCdZnhsNAqtQbrr5I3hqOsFDVm9masuqM
wqZ0o3ppK8VOpbw6ue/3K5OTEkBaAYZlvtP5tR0PmtGxn9GEj+VJNTkbSaePCEgu
7M+hNoyZQ/1FgZLX2/lTWyjroMYSfKtQM1+d2Qxc4NODLhgb8jqjd+yEvQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCjGDPqiFdM8q3IU8GFxvWRFqvevMB8GA1UdIwQY
MBaAFCmIo8aI6Osf7wbDdKeqXPj9d44PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgt
Y2VjMGRiYzhkMjQ2LzEvS01ZTS1xSVYwenlyY2hUd1lYRzlaRVdxOTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgtY2VjMGRiYzhkMjQ2
LzEvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwQDLjgoMAwD
BAMuODgDBAcuOAADAwAu2DALAwMAhhEDBAaGEYAwDAMEBIYR0AMEBIYR4AMDALA8
AwQHsqiAAwQCuRRwMA0EAgACMAcDBQAqAgvwMA0GCSqGSIb3DQEBCwUAA4IBAQAK
b4QzBeVhNIMFmQ1uI3EzsGQm3yOotPqOsXYS3YgbJPExG9ikRSUTLeP69PlfORm9
KpdhWZLXjHXLGVCsoEjK+EGHyUnO7AmHzDGryGGr0KqzaAXaLzkVoE0visIqhTA+
CPPZSoK28vG12UVBh6tgezCNWmePBKkfvuvxS8Vf6/SNT+/Nn4xPG+0lVsz7IgAu
ptLNQ/iwseZA4XB8Lbuhj+0CJPLmfQlA90qov2sVf13vDVDypliQdeR939in+CSi
gN6wBePM44bNcvrFIHwpZ8fR22yui5E78izd1nDq+cMgPgyKezbd3ZcWU8JximKa
v2HE2UT0t5x5cRyaoxQA
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net