Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/ndCfyJDTYspkisXp5DEmjkO4NEc.roa
File: ndCfyJDTYspkisXp5DEmjkO4NEc.roa (raw, json)
Hash identifier: 590RTvO/omdDNp6ZLEOXoeKETY6W4e2a8oSrxK5swTg=
Subject key identifier: 9D:D0:9F:C8:90:D3:62:CA:64:8A:C5:E9:E4:31:26:8E:43:B8:34:47
Certificate issuer: /CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Certificate serial: 018AA879D0A4B9052C8D33604BD76BED124C
Authority key identifier: 0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/ndCfyJDTYspkisXp5DEmjkO4NEc.roa
Signing time: Mon 18 Sep 2023 13:27:50 +0000
ROA not before: Mon 18 Sep 2023 13:27:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206360
IP address blocks: 185.220.136.0/30 maxlen: 30
185.220.136.0/24 maxlen: 24
185.220.139.0/24 maxlen: 24
185.220.138.0/24 maxlen: 24
185.220.137.0/24 maxlen: 24
185.220.137.4/30 maxlen: 30
185.220.136.16/29 maxlen: 29
185.220.137.8/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:79:d0:a4:b9:05:2c:8d:33:60:4b:d7:6b:ed:12:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Validity
Not Before: Sep 18 13:27:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dd09fc890d362ca648ac5e9e431268e43b83447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9f:bd:26:6a:0b:cb:ee:a9:a2:35:aa:51:7b:
48:fd:68:e4:de:23:6a:7b:b2:9c:c5:8d:7c:d2:44:
3b:17:99:cb:f8:8e:47:32:a6:8e:a5:36:c2:ab:b7:
c4:da:2d:86:64:48:c2:53:90:dc:ab:d8:86:b7:c1:
c1:3a:bd:fa:43:e5:a0:50:47:69:37:80:44:7e:a6:
92:ef:ac:3f:cb:91:fe:43:32:ec:e0:36:2e:4e:dc:
4c:bf:5b:ff:39:6c:3d:a9:af:f3:35:8a:2e:43:17:
cf:97:d4:f5:dc:d3:f6:6d:e8:9f:25:f4:25:56:bf:
a8:15:4d:59:c6:9f:f0:83:5d:aa:ba:af:35:0c:ff:
2e:e3:09:a7:bf:3f:ed:61:aa:09:49:5e:a9:cb:0d:
74:1e:da:56:db:8d:bf:36:f4:cd:5a:d3:7d:01:28:
aa:49:1b:e8:6c:9e:61:09:64:48:88:dc:2a:68:87:
a7:07:9e:db:06:f5:83:8c:91:7c:24:0f:6e:b1:a9:
87:9e:52:a5:47:c2:96:37:09:e7:bb:88:81:36:a1:
72:8d:2a:12:5d:ae:40:f7:23:32:8f:31:ec:f1:2e:
8f:6b:6a:39:d5:39:0d:6e:54:25:63:ef:b3:ed:cf:
7a:6f:ce:03:1e:f8:40:51:fb:ba:40:34:48:1b:b4:
85:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D0:9F:C8:90:D3:62:CA:64:8A:C5:E9:E4:31:26:8E:43:B8:34:47
X509v3 Authority Key Identifier:
keyid:0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/ndCfyJDTYspkisXp5DEmjkO4NEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/C0L7SDHB2vLZY8R2ONcDCG7sqN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.136.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:93:a7:84:15:f8:aa:f0:7f:47:81:ca:b1:46:12:04:c6:1e:
a0:dd:34:c9:e8:5f:cf:90:3d:56:c3:3b:7f:1d:d9:96:5e:fd:
fe:9e:b8:8d:31:31:d2:0f:d7:9e:ec:29:4a:37:e7:16:9e:20:
18:2f:ed:29:f2:3e:94:45:cc:3b:1f:c2:f1:9c:7b:5b:f5:85:
91:9e:62:93:33:4c:92:7d:65:5b:92:9a:ec:06:ed:ab:e0:fd:
70:56:be:62:1a:15:6c:8c:49:86:a3:e4:0c:e8:83:60:7d:89:
5a:45:ae:54:14:bf:3e:1c:62:25:fb:90:04:99:6c:74:2c:87:
b6:7a:c8:81:82:aa:f9:5a:ee:25:4a:c6:c8:96:71:14:9b:bc:
2c:ce:84:5a:fa:bf:29:d1:ba:96:6d:15:af:0f:4d:eb:c5:13:
a6:fc:37:d3:66:bc:b1:9d:75:5d:43:ce:b8:ba:4f:20:86:70:
a4:d5:41:ba:a2:24:70:2b:83:65:8b:9d:4c:84:dc:af:fd:96:
9c:38:33:db:a5:3a:63:31:af:fc:d5:cc:2a:42:9c:ad:bd:0f:
e1:03:6a:c9:10:b8:2d:d8:ec:14:90:39:69:b7:43:b8:62:71:
54:a6:a3:1a:3c:ff:61:f6:36:cd:f7:76:2e:4e:f4:08:2a:d9:
aa:b7:f5:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqoedCkuQUsjTNgS9dr7RJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNDJmYjQ4MzFjMWRhZjJkOTYzYzQ3NjM4ZDcwMzA4NmVl
Y2E4ZGUwHhcNMjMwOTE4MTMyNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQwOWZjODkwZDM2MmNhNjQ4YWM1ZTllNDMxMjY4ZTQzYjgzNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ+9JmoLy+6pojWqUXtI/Wjk3iNq
e7KcxY180kQ7F5nL+I5HMqaOpTbCq7fE2i2GZEjCU5Dcq9iGt8HBOr36Q+WgUEdp
N4BEfqaS76w/y5H+QzLs4DYuTtxMv1v/OWw9qa/zNYouQxfPl9T13NP2beifJfQl
Vr+oFU1Zxp/wg12quq81DP8u4wmnvz/tYaoJSV6pyw10HtpW242/NvTNWtN9ASiq
SRvobJ5hCWRIiNwqaIenB57bBvWDjJF8JA9usamHnlKlR8KWNwnnu4iBNqFyjSoS
Xa5A9yMyjzHs8S6Pa2o51TkNblQlY++z7c96b84DHvhAUfu6QDRIG7SFwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3Qn8iQ02LKZIrF6eQxJo5DuDRHMB8GA1UdIwQY
MBaAFAtC+0gxwdry2WPEdjjXAwhu7KjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEt
YjM2NjNhMzQ1NTE4LzEvbmRDZnlKRFRZc3BraXNYcDVERW1qa080TkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEtYjM2NjNhMzQ1NTE4
LzEvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudyIMA0G
CSqGSIb3DQEBCwUAA4IBAQA8k6eEFfiq8H9HgcqxRhIExh6g3TTJ6F/PkD1Wwzt/
HdmWXv3+nriNMTHSD9ee7ClKN+cWniAYL+0p8j6URcw7H8LxnHtb9YWRnmKTM0yS
fWVbkprsBu2r4P1wVr5iGhVsjEmGo+QM6INgfYlaRa5UFL8+HGIl+5AEmWx0LIe2
esiBgqr5Wu4lSsbIlnEUm7wszoRa+r8p0bqWbRWvD03rxROm/DfTZryxnXVdQ864
uk8ghnCk1UG6oiRwK4Nli51MhNyv/ZacODPbpTpjMa/81cwqQpytvQ/hA2rJELgt
2OwUkDlpt0O4YnFUpqMaPP9h9jbN93YuTvQIKtmqt/Um
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:47 2023 by rpki-client on console.sobornost.net