Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/5531a6-964a-419e-95ff-a60f13198d5d/1/X4HXGWhz4QOZCJ0SbCgV3twYbJ0.roa
File: X4HXGWhz4QOZCJ0SbCgV3twYbJ0.roa (raw, json)
Hash identifier: PNnOe3y7lU+PhC+L4xjx58ICq05RwJa5cSwWXyYYbrc=
Subject key identifier: 5F:81:D7:19:68:73:E1:03:99:08:9D:12:6C:28:15:DE:DC:18:6C:9D
Certificate issuer: /CN=0cd27fea3baa3ef680e8f7a07a5f194ac49892a5
Certificate serial: 018570FBC43CCB0932D3120D918D4869F9C3
Authority key identifier: 0C:D2:7F:EA:3B:AA:3E:F6:80:E8:F7:A0:7A:5F:19:4A:C4:98:92:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNJ_6juqPvaA6Pegel8ZSsSYkqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/5531a6-964a-419e-95ff-a60f13198d5d/1/X4HXGWhz4QOZCJ0SbCgV3twYbJ0.roa
Signing time: Mon 02 Jan 2023 05:37:06 +0000
ROA not before: Mon 02 Jan 2023 05:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25491
IP address blocks: 185.104.244.0/24 maxlen: 24
185.104.245.0/24 maxlen: 24
185.104.246.0/24 maxlen: 24
185.104.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c4:3c:cb:09:32:d3:12:0d:91:8d:48:69:f9:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd27fea3baa3ef680e8f7a07a5f194ac49892a5
Validity
Not Before: Jan 2 05:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f81d7196873e10399089d126c2815dedc186c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:79:9f:e9:4e:63:7b:cd:25:08:88:28:0a:bc:
02:6f:a0:f2:e6:ba:3e:51:5d:29:02:13:3b:bf:a7:
c5:a0:f1:19:c4:92:61:51:05:f6:25:95:41:e0:45:
ea:3e:aa:4e:e0:9c:92:23:50:6d:48:86:65:d4:93:
cc:5f:46:1a:d3:97:e8:ca:b6:4e:f6:42:96:67:cd:
23:bc:5f:00:a2:df:d8:da:fd:cc:b0:2e:ae:88:b9:
20:16:48:c1:5c:41:f5:bc:b7:a9:6d:dc:4c:e5:6c:
fd:c3:41:c7:9b:27:71:6f:04:9f:60:38:b0:f0:2c:
1d:da:2e:46:7e:24:71:85:19:bd:a8:08:1b:a6:e5:
68:6d:56:4f:a4:b2:31:a7:12:ad:aa:f1:16:51:df:
af:29:b8:2a:ab:ab:93:64:8d:c4:ea:5b:f0:7d:62:
45:0e:09:89:bd:52:19:3b:90:46:4f:76:8b:d2:74:
1f:4a:d8:ef:d4:35:29:04:9a:5e:8b:fb:a2:a3:bf:
e0:8a:7a:57:ec:6f:42:4b:ae:5d:a5:b0:98:d4:32:
8c:f3:14:63:72:8e:5f:6a:b1:31:ef:f7:64:0c:f5:
62:48:0e:0a:8d:e3:b8:96:dc:62:5f:52:b5:7b:7d:
f7:69:0a:1f:2b:76:41:aa:fc:c5:e2:81:01:bb:d4:
e1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:81:D7:19:68:73:E1:03:99:08:9D:12:6C:28:15:DE:DC:18:6C:9D
X509v3 Authority Key Identifier:
keyid:0C:D2:7F:EA:3B:AA:3E:F6:80:E8:F7:A0:7A:5F:19:4A:C4:98:92:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNJ_6juqPvaA6Pegel8ZSsSYkqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5531a6-964a-419e-95ff-a60f13198d5d/1/X4HXGWhz4QOZCJ0SbCgV3twYbJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5531a6-964a-419e-95ff-a60f13198d5d/1/DNJ_6juqPvaA6Pegel8ZSsSYkqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.244.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:ef:54:b6:66:cc:d3:0f:d9:c9:5f:aa:46:35:06:34:ae:70:
a6:96:c5:1e:85:25:34:4c:2b:42:7d:42:d2:14:55:b5:1e:b3:
15:9b:72:3d:67:8d:29:5c:32:4d:90:ca:a8:9f:40:c3:48:49:
3d:48:01:1f:12:65:1e:25:48:8f:ce:fa:65:98:47:14:eb:08:
2e:31:95:76:64:7d:3e:f0:00:74:dc:33:d0:cd:78:bf:bd:23:
68:c2:74:f8:b6:83:c1:b6:97:28:b6:b1:59:0d:09:75:8c:28:
03:10:f5:ac:db:37:ed:c2:c1:ce:ed:d0:ff:b7:fb:ce:bb:d0:
31:09:fa:c1:f5:21:e9:b9:d8:07:e4:13:13:69:21:f5:70:75:
8d:d4:13:b4:99:cf:f2:9c:d7:05:fd:c4:b1:ef:14:02:8c:ff:
78:5c:9f:9d:99:84:69:74:f1:83:55:19:85:fb:c0:87:50:7b:
78:09:59:62:7f:0d:7b:78:e8:f4:4f:a1:65:63:27:24:0c:fc:
d4:50:1c:9c:51:01:de:3a:38:d6:28:fe:68:c1:95:4f:3d:13:
a1:5d:85:6d:7d:31:12:d1:ee:e8:5a:15:2e:15:02:67:31:3b:
53:54:fb:cf:80:f6:1d:1a:65:93:52:97:dd:b5:8a:55:31:c8:
7a:31:7e:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+8Q8ywky0xINkY1IafnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDI3ZmVhM2JhYTNlZjY4MGU4ZjdhMDdhNWYxOTRhYzQ5
ODkyYTUwHhcNMjMwMTAyMDUzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjgxZDcxOTY4NzNlMTAzOTkwODlkMTI2YzI4MTVkZWRjMTg2YzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXmf6U5je80lCIgoCrwCb6Dy5ro+
UV0pAhM7v6fFoPEZxJJhUQX2JZVB4EXqPqpO4JySI1BtSIZl1JPMX0Ya05foyrZO
9kKWZ80jvF8Aot/Y2v3MsC6uiLkgFkjBXEH1vLepbdxM5Wz9w0HHmydxbwSfYDiw
8Cwd2i5GfiRxhRm9qAgbpuVobVZPpLIxpxKtqvEWUd+vKbgqq6uTZI3E6lvwfWJF
DgmJvVIZO5BGT3aL0nQfStjv1DUpBJpei/uio7/ginpX7G9CS65dpbCY1DKM8xRj
co5farEx7/dkDPViSA4KjeO4ltxiX1K1e333aQofK3ZBqvzF4oEBu9ThvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+B1xloc+EDmQidEmwoFd7cGGydMB8GA1UdIwQY
MBaAFAzSf+o7qj72gOj3oHpfGUrEmJKlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5KXzZqdXFQdmFBNlBlZ2VsOFpTc1NZa3FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS81NTMxYTYtOTY0YS00MTllLTk1ZmYt
YTYwZjEzMTk4ZDVkLzEvWDRIWEdXaHo0UU9aQ0owU2JDZ1YzdHdZYkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS81NTMxYTYtOTY0YS00MTllLTk1ZmYtYTYwZjEzMTk4ZDVk
LzEvRE5KXzZqdXFQdmFBNlBlZ2VsOFpTc1NZa3FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWj0MA0G
CSqGSIb3DQEBCwUAA4IBAQDE71S2ZszTD9nJX6pGNQY0rnCmlsUehSU0TCtCfULS
FFW1HrMVm3I9Z40pXDJNkMqon0DDSEk9SAEfEmUeJUiPzvplmEcU6wguMZV2ZH0+
8AB03DPQzXi/vSNownT4toPBtpcotrFZDQl1jCgDEPWs2zftwsHO7dD/t/vOu9Ax
CfrB9SHpudgH5BMTaSH1cHWN1BO0mc/ynNcF/cSx7xQCjP94XJ+dmYRpdPGDVRmF
+8CHUHt4CVlifw17eOj0T6FlYyckDPzUUBycUQHeOjjWKP5owZVPPROhXYVtfTES
0e7oWhUuFQJnMTtTVPvPgPYdGmWTUpfdtYpVMch6MX6O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:37 2024 by rpki-client on console-ams.rpki-client.org