Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XFHunZr3GBtzh5sv3CAHSlhO9xU.roa
File: XFHunZr3GBtzh5sv3CAHSlhO9xU.roa (raw, json)
Hash identifier: C0cwcHMwiDN1Wtyqhf3e9ZqRZZvvH3WrDDZQCRnH0RQ=
Subject key identifier: 5C:51:EE:9D:9A:F7:18:1B:73:87:9B:2F:DC:20:07:4A:58:4E:F7:15
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01942220188DB858EA41B3686142B7F7912E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XFHunZr3GBtzh5sv3CAHSlhO9xU.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 185.210.233.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
194.76.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 09:25:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:18:8d:b8:58:ea:41:b3:68:61:42:b7:f7:91:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c51ee9d9af7181b73879b2fdc20074a584ef715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9d:57:1a:37:13:b1:1a:f3:ad:0e:fd:10:22:
83:64:5d:88:2d:65:cc:a9:b6:4b:d4:78:b9:98:04:
2f:68:05:5c:5b:91:b6:b5:b3:08:0d:6e:b7:bb:18:
6a:67:9d:e2:0c:17:68:02:9a:4b:44:8a:73:46:f9:
47:06:25:e0:d9:04:58:bd:42:58:43:03:4b:4f:e8:
35:68:3c:35:6e:ef:dd:bb:2f:4f:c5:80:f1:2b:1b:
1b:79:65:6f:ec:80:d4:a8:e9:45:06:db:99:36:ca:
8e:0d:ac:49:df:c3:0a:b2:4f:b3:f6:53:43:c3:e5:
39:9e:29:34:26:49:4a:4e:e0:0d:5f:eb:6f:f7:42:
20:d4:10:c6:b0:6c:d8:1b:96:1e:c8:02:56:bf:00:
ad:89:29:cf:3d:d7:0e:fd:77:21:aa:ad:29:3c:57:
78:98:09:b7:57:ea:82:6b:ac:bd:1c:95:90:df:26:
0c:27:8b:52:93:1e:71:4e:4e:01:ae:54:69:ab:1d:
8b:9a:84:25:61:ec:9a:75:33:ca:0c:73:cf:cd:05:
8d:b7:c5:c0:a2:fe:3e:d7:77:15:85:57:7b:82:87:
ad:d6:af:01:fb:da:c6:18:2a:41:05:08:a5:15:46:
71:a4:36:55:a8:7d:c8:c3:7a:a3:43:73:78:91:bd:
d9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:51:EE:9D:9A:F7:18:1B:73:87:9B:2F:DC:20:07:4A:58:4E:F7:15
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XFHunZr3GBtzh5sv3CAHSlhO9xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.233.0/24
185.223.80.0/24
194.76.173.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:91:b1:51:41:e2:46:54:74:05:ea:94:64:2b:b9:92:15:51:
90:47:31:1c:db:d8:0d:ab:bd:0c:c5:3a:c4:2e:b3:3a:bd:94:
94:6e:06:5c:1b:74:62:01:46:15:e1:3b:e1:b1:1c:bc:34:a9:
5c:c2:dd:31:50:98:ba:6f:94:fd:78:ca:93:4a:f3:c0:ce:56:
4f:25:07:9d:10:a2:6e:f7:04:ea:64:43:66:9d:b9:c3:b0:5e:
7a:4f:3d:6b:c8:70:63:87:51:df:c4:15:e8:82:91:a0:c2:78:
d9:da:c4:42:26:18:c8:b2:ba:29:5a:d4:38:5a:75:3b:80:b9:
41:5c:f0:0a:e1:9c:6c:d7:4b:26:17:7a:d6:56:85:da:1f:36:
31:7f:af:90:0f:0a:30:b4:f2:cf:82:33:68:0c:f4:fe:75:62:
35:b7:f6:f0:bd:62:34:3f:2d:00:27:ec:73:36:dd:29:9a:49:
53:9a:f6:ac:1e:c0:7f:3c:2d:ea:eb:b4:3e:6a:c4:3a:13:b5:
83:58:ed:2c:fb:e2:ec:23:84:9d:d9:1a:a9:ba:5c:8d:1a:2b:
09:76:3e:3d:3a:a7:62:f3:96:cb:7f:5e:d1:ae:4d:b5:0d:19:
c8:e5:4a:c3:17:f0:93:2f:30:4a:67:b2:fa:88:f2:f5:e6:05:
32:33:bc:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiIBiNuFjqQbNoYUK395EuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzUxZWU5ZDlhZjcxODFiNzM4NzliMmZkYzIwMDc0YTU4NGVmNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA351XGjcTsRrzrQ79ECKDZF2ILWXM
qbZL1Hi5mAQvaAVcW5G2tbMIDW63uxhqZ53iDBdoAppLRIpzRvlHBiXg2QRYvUJY
QwNLT+g1aDw1bu/duy9PxYDxKxsbeWVv7IDUqOlFBtuZNsqODaxJ38MKsk+z9lND
w+U5nik0JklKTuANX+tv90Ig1BDGsGzYG5YeyAJWvwCtiSnPPdcO/Xchqq0pPFd4
mAm3V+qCa6y9HJWQ3yYMJ4tSkx5xTk4BrlRpqx2LmoQlYeyadTPKDHPPzQWNt8XA
ov4+13cVhVd7goet1q8B+9rGGCpBBQilFUZxpDZVqH3Iw3qjQ3N4kb3Z5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFxR7p2a9xgbc4ebL9wgB0pYTvcVMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWEZIdW5acjNHQnR6aDVzdjNDQUhTbGhPOXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAudLpAwQA
ud9QAwQAwkytMA0GCSqGSIb3DQEBCwUAA4IBAQA7kbFRQeJGVHQF6pRkK7mSFVGQ
RzEc29gNq70MxTrELrM6vZSUbgZcG3RiAUYV4TvhsRy8NKlcwt0xUJi6b5T9eMqT
SvPAzlZPJQedEKJu9wTqZENmnbnDsF56Tz1ryHBjh1HfxBXogpGgwnjZ2sRCJhjI
sropWtQ4WnU7gLlBXPAK4Zxs10smF3rWVoXaHzYxf6+QDwowtPLPgjNoDPT+dWI1
t/bwvWI0Py0AJ+xzNt0pmklTmvasHsB/PC3q67Q+asQ6E7WDWO0s++LsI4Sd2Rqp
ulyNGisJdj49Oqdi85bLf17Rrk21DRnI5UrDF/CTLzBKZ7L6iPL15gUyM7yu
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:36:46 2025 by rpki-client