Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/Nj0QnWWPbzYKwS3TEWyOqh1JxnY.roa
File: Nj0QnWWPbzYKwS3TEWyOqh1JxnY.roa (raw, json)
Hash identifier: oZkw49NRSGgbi3keP5K2W/UpGLUfBz8ZADOvdul0O9s=
Subject key identifier: 36:3D:10:9D:65:8F:6F:36:0A:C1:2D:D3:11:6C:8E:AA:1D:49:C6:76
Certificate issuer: /CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Certificate serial: 01872D47BF54916D3A4D772B40DD16959719
Authority key identifier: DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/Nj0QnWWPbzYKwS3TEWyOqh1JxnY.roa
Signing time: Wed 29 Mar 2023 12:11:29 +0000
ROA not before: Wed 29 Mar 2023 12:11:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42845
IP address blocks: 185.135.124.0/22 maxlen: 22
185.40.224.0/22 maxlen: 22
185.232.224.0/22 maxlen: 22
185.185.116.0/22 maxlen: 22
2a00:7200::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:47:bf:54:91:6d:3a:4d:77:2b:40:dd:16:95:97:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Validity
Not Before: Mar 29 12:11:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=363d109d658f6f360ac12dd3116c8eaa1d49c676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:96:72:bf:1b:71:b5:b8:78:37:55:87:c5:96:
0b:78:76:60:27:f6:78:e3:75:a6:8b:12:27:02:24:
7e:2e:88:58:fb:36:23:64:cc:64:b3:54:2b:4b:2a:
0a:64:28:33:a7:79:80:10:7c:18:8f:be:6b:d4:ee:
de:e8:03:32:89:29:b6:94:7f:ab:78:6b:c0:db:4e:
f9:ef:ec:a9:ad:0b:54:ff:47:65:b9:80:b5:0f:17:
55:7b:66:11:6b:90:ab:6a:4a:5c:d3:22:a2:15:fb:
f4:47:1f:78:ed:bd:f6:42:83:ec:bf:b9:30:3f:79:
3f:fc:ae:f7:c3:d1:ca:42:93:47:45:74:c7:e0:0f:
19:7e:47:c0:5d:f1:bd:e6:c5:1a:2f:74:a5:30:b9:
9e:16:66:98:43:7e:e6:94:1a:dd:33:cc:2a:37:d0:
f7:68:a2:fc:21:17:d5:a5:61:ca:7c:57:d9:da:a6:
ac:2d:fe:98:7a:56:ea:da:f6:ed:08:8a:f8:37:da:
05:75:5a:74:76:dc:71:85:b4:6f:48:30:9b:4d:c3:
69:86:90:6d:93:4e:8a:2b:c7:0a:1b:0c:cf:12:38:
aa:3f:b5:30:3a:32:0e:58:c6:d2:09:6f:9f:2b:22:
ae:03:53:65:99:77:76:1f:47:ba:00:a0:63:4b:2b:
ab:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:3D:10:9D:65:8F:6F:36:0A:C1:2D:D3:11:6C:8E:AA:1D:49:C6:76
X509v3 Authority Key Identifier:
keyid:DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/Nj0QnWWPbzYKwS3TEWyOqh1JxnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.224.0/22
185.135.124.0/22
185.185.116.0/22
185.232.224.0/22
IPv6:
2a00:7200::/32
Signature Algorithm: sha256WithRSAEncryption
95:e9:bb:7a:02:e8:c1:18:5f:52:1a:ad:a2:1d:f5:f9:d2:7a:
cb:6c:82:e3:5b:b8:81:bc:2b:f0:c4:78:e5:35:12:26:90:4b:
99:88:fa:c8:23:77:54:b5:61:e3:42:bf:cb:e8:12:4a:87:e1:
b6:e4:e4:e7:46:95:14:e2:ee:51:72:33:5a:d2:67:fd:2c:38:
d5:f1:88:dd:2c:fc:df:8d:64:cc:ab:53:76:f9:22:7d:a9:83:
67:be:f6:83:05:82:76:3b:c8:7c:24:3c:f1:37:3a:2b:29:7a:
47:cd:88:20:1b:cf:93:03:d2:50:91:59:68:a6:60:59:fd:f2:
e7:98:d2:57:71:ca:07:18:66:98:d6:94:ac:a2:6f:56:e2:ed:
35:cf:cf:8b:ea:9e:73:c5:6f:5c:bf:0f:ea:14:cb:45:e7:a6:
7e:7e:96:f4:fd:a3:17:68:64:7e:0a:70:68:39:af:47:ff:0c:
db:50:c1:52:74:42:61:a2:70:e8:02:e4:10:f4:7f:2a:5b:b5:
2e:51:6a:14:ad:f7:9b:10:76:e2:85:a2:48:af:e3:fe:18:53:
6e:c3:69:f0:7b:6f:ce:f6:3d:c2:80:7c:7e:ea:e9:3e:e2:65:
ab:16:0a:35:9a:be:5c:81:42:b6:72:9e:e7:3d:a2:a5:87:9d:
db:9f:25:65
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYctR79UkW06TXcrQN0WlZcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZWFkOTE5Yjg1YTEzMDUxZDAyMDhiN2UyOGRkY2NiMzk4
YjE0ZDYwHhcNMjMwMzI5MTIxMTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjNkMTA5ZDY1OGY2ZjM2MGFjMTJkZDMxMTZjOGVhYTFkNDljNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZZyvxtxtbh4N1WHxZYLeHZgJ/Z4
43WmixInAiR+LohY+zYjZMxks1QrSyoKZCgzp3mAEHwYj75r1O7e6AMyiSm2lH+r
eGvA20757+yprQtU/0dluYC1DxdVe2YRa5Crakpc0yKiFfv0Rx947b32QoPsv7kw
P3k//K73w9HKQpNHRXTH4A8ZfkfAXfG95sUaL3SlMLmeFmaYQ37mlBrdM8wqN9D3
aKL8IRfVpWHKfFfZ2qasLf6Yelbq2vbtCIr4N9oFdVp0dtxxhbRvSDCbTcNphpBt
k06KK8cKGwzPEjiqP7UwOjIOWMbSCW+fKyKuA1NlmXd2H0e6AKBjSyur5wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDY9EJ1lj282CsEt0xFsjqodScZ2MB8GA1UdIwQY
MBaAFN3q2Rm4WhMFHQIIt+KN3Ms5ixTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQt
NDhiOGI1YTliNDExLzEvTmowUW5XV1BiellLd1MzVEVXeU9xaDFKeG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQtNDhiOGI1YTliNDEx
LzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSjgAwQC
uYd8AwQCubl0AwQCuejgMA0EAgACMAcDBQAqAHIAMA0GCSqGSIb3DQEBCwUAA4IB
AQCV6bt6AujBGF9SGq2iHfX50nrLbILjW7iBvCvwxHjlNRImkEuZiPrII3dUtWHj
Qr/L6BJKh+G25OTnRpUU4u5RcjNa0mf9LDjV8YjdLPzfjWTMq1N2+SJ9qYNnvvaD
BYJ2O8h8JDzxNzorKXpHzYggG8+TA9JQkVlopmBZ/fLnmNJXccoHGGaY1pSsom9W
4u01z8+L6p5zxW9cvw/qFMtF56Z+fpb0/aMXaGR+CnBoOa9H/wzbUMFSdEJhonDo
AuQQ9H8qW7UuUWoUrfebEHbihaJIr+P+GFNuw2nwe2/O9j3CgHx+6uk+4mWrFgo1
mr5cgUK2cp7nPaKlh53bnyVl
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:56 2023 by rpki-client on console.sobornost.net