Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/nNd6Ts32I59HclLaEfRvBPbEUtM.roa
File: nNd6Ts32I59HclLaEfRvBPbEUtM.roa (raw, json)
Hash identifier: W9eiRSU3rpLDiOfeGSlAdmjFWtdMYigHek322XouovM=
Subject key identifier: 9C:D7:7A:4E:CD:F6:23:9F:47:72:52:DA:11:F4:6F:04:F6:C4:52:D3
Certificate issuer: /CN=c5a968edb72c15f5f9567fd34267b87485ef36d1
Certificate serial: 018571D7D6200E7E720A6B6D4E2ED932BADE
Authority key identifier: C5:A9:68:ED:B7:2C:15:F5:F9:56:7F:D3:42:67:B8:74:85:EF:36:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xalo7bcsFfX5Vn_TQme4dIXvNtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/nNd6Ts32I59HclLaEfRvBPbEUtM.roa
Signing time: Mon 02 Jan 2023 09:37:28 +0000
ROA not before: Mon 02 Jan 2023 09:37:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12941
IP address blocks: 185.101.184.0/22 maxlen: 22
213.135.0.0/19 maxlen: 19
185.101.132.0/22 maxlen: 24
2a02:430::/32 maxlen: 32
2a06:1e40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:d6:20:0e:7e:72:0a:6b:6d:4e:2e:d9:32:ba:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a968edb72c15f5f9567fd34267b87485ef36d1
Validity
Not Before: Jan 2 09:37:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cd77a4ecdf6239f477252da11f46f04f6c452d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:39:c1:af:ef:c4:d7:a8:18:ee:fb:12:7d:
6b:dd:5a:09:55:d7:f7:80:69:df:75:66:b6:d9:2f:
35:af:e0:74:f0:25:08:49:43:ac:40:a6:c2:7a:ae:
6e:1f:40:5c:82:03:a7:e7:1a:25:c9:62:ba:2b:7a:
96:ff:26:25:82:4e:29:aa:c2:3a:e0:6d:dd:d3:5e:
d2:0b:de:dc:27:1e:39:ea:76:5f:0b:2f:4d:7d:ba:
dc:b7:bb:b5:82:25:e9:4b:f3:20:43:1e:04:8d:b5:
95:98:bd:a2:33:66:57:8c:51:81:f2:50:f2:a0:a7:
0f:91:a9:38:b1:bd:91:01:16:fb:ac:ad:6c:b9:12:
6b:67:8d:c8:22:09:e3:20:45:65:eb:40:19:dc:19:
2b:94:80:aa:28:83:dc:14:f2:2e:8c:a8:bd:33:fd:
6a:2e:44:19:c9:83:26:81:9d:c2:0f:60:ad:03:72:
85:24:bc:59:77:d6:79:54:20:ba:39:0f:f7:3c:f2:
09:cc:fb:51:5a:a6:7c:a0:74:de:9b:c4:9d:fb:c5:
4f:ae:5d:c2:c6:1d:dc:84:03:d5:ec:a4:a3:71:54:
5c:29:8a:79:58:58:d6:a0:eb:99:d1:0f:06:60:99:
d4:ee:66:15:64:1d:9c:60:51:d6:d1:13:3c:69:78:
13:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D7:7A:4E:CD:F6:23:9F:47:72:52:DA:11:F4:6F:04:F6:C4:52:D3
X509v3 Authority Key Identifier:
keyid:C5:A9:68:ED:B7:2C:15:F5:F9:56:7F:D3:42:67:B8:74:85:EF:36:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xalo7bcsFfX5Vn_TQme4dIXvNtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/nNd6Ts32I59HclLaEfRvBPbEUtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/xalo7bcsFfX5Vn_TQme4dIXvNtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.132.0/22
185.101.184.0/22
213.135.0.0/19
IPv6:
2a02:430::/32
2a06:1e40::/29
Signature Algorithm: sha256WithRSAEncryption
a2:1c:ca:9d:84:31:94:38:7e:19:c4:9b:12:eb:29:19:19:e8:
e7:a8:0d:71:68:9a:bd:93:bf:bd:d6:21:88:27:eb:f9:3f:42:
9a:db:55:25:9a:53:2e:c5:16:ac:2d:b2:5d:58:78:d9:29:72:
35:64:1a:9e:fe:bb:93:6a:84:4f:96:fe:c0:60:ec:6a:c8:f9:
1a:15:c8:03:bf:4b:16:ae:ff:8b:e3:35:7e:93:d1:7d:24:8b:
b8:de:b3:69:e1:30:e9:6e:59:a9:3b:cc:7a:8e:b9:d8:10:7d:
57:fb:ad:72:dc:43:89:ac:4b:a3:f3:36:60:b0:3e:87:66:98:
26:37:06:9e:22:15:ee:d7:ab:64:ca:79:21:ba:2a:12:7d:a6:
b3:38:75:42:53:87:a7:ef:a2:b6:25:92:6d:81:23:58:db:df:
f1:f8:c1:b6:ad:76:7f:06:1a:c0:b8:e7:5c:d5:86:5d:b9:f3:
5a:74:32:35:e7:d4:62:1c:c0:12:9f:24:cb:d6:ee:38:2e:1f:
d1:87:4b:f0:b8:78:ba:f2:71:2f:f2:e9:68:8c:54:fe:fb:53:
c6:bf:77:80:07:34:a3:e7:3a:15:19:33:69:a0:fe:8b:55:c4:
24:c3:58:5d:5f:ac:96:e0:b8:f4:69:47:23:54:1e:c0:77:7a:
f4:5d:f5:4a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVx19YgDn5yCmttTi7ZMrreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTk2OGVkYjcyYzE1ZjVmOTU2N2ZkMzQyNjdiODc0ODVl
ZjM2ZDEwHhcNMjMwMTAyMDkzNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Q3N2E0ZWNkZjYyMzlmNDc3MjUyZGExMWY0NmYwNGY2YzQ1MmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt085wa/vxNeoGO77En1r3VoJVdf3
gGnfdWa22S81r+B08CUISUOsQKbCeq5uH0BcggOn5xolyWK6K3qW/yYlgk4pqsI6
4G3d017SC97cJx456nZfCy9Nfbrct7u1giXpS/MgQx4EjbWVmL2iM2ZXjFGB8lDy
oKcPkak4sb2RARb7rK1suRJrZ43IIgnjIEVl60AZ3BkrlICqKIPcFPIujKi9M/1q
LkQZyYMmgZ3CD2CtA3KFJLxZd9Z5VCC6OQ/3PPIJzPtRWqZ8oHTem8Sd+8VPrl3C
xh3chAPV7KSjcVRcKYp5WFjWoOuZ0Q8GYJnU7mYVZB2cYFHW0RM8aXgTKwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJzXek7N9iOfR3JS2hH0bwT2xFLTMB8GA1UdIwQY
MBaAFMWpaO23LBX1+VZ/00JnuHSF7zbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFsbzdiY3NGZlg1Vm5fVFFtZTRkSVh2TnRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wZGU2ODMtNzMxNi00MGMyLWI4OWMt
YjJjMGRmYThhMGUxLzEvbk5kNlRzMzJJNTlIY2xMYUVmUnZCUGJFVXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wZGU2ODMtNzMxNi00MGMyLWI4OWMtYjJjMGRmYThhMGUx
LzEveGFsbzdiY3NGZlg1Vm5fVFFtZTRkSVh2TnRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuWWEAwQC
uWW4AwQF1YcAMBQEAgACMA4DBQAqAgQwAwUDKgYeQDANBgkqhkiG9w0BAQsFAAOC
AQEAohzKnYQxlDh+GcSbEuspGRno56gNcWiavZO/vdYhiCfr+T9CmttVJZpTLsUW
rC2yXVh42SlyNWQanv67k2qET5b+wGDsasj5GhXIA79LFq7/i+M1fpPRfSSLuN6z
aeEw6W5ZqTvMeo652BB9V/utctxDiaxLo/M2YLA+h2aYJjcGniIV7terZMp5Iboq
En2mszh1QlOHp++itiWSbYEjWNvf8fjBtq12fwYawLjnXNWGXbnzWnQyNefUYhzA
Ep8ky9buOC4f0YdL8Lh4uvJxL/LpaIxU/vtTxr93gAc0o+c6FRkzaaD+i1XEJMNY
XV+sluC49GlHI1QewHd69F31Sg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:51 2024 by rpki-client on console.sobornost.net