Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/vJYWp7dMmCmTh0dRP4533azVYYo.roa
File: vJYWp7dMmCmTh0dRP4533azVYYo.roa (raw, json)
Hash identifier: iGQ0uuNR6I5KCDZm8BBJgyD3DytadRRia0f328bkQSE=
Subject key identifier: BC:96:16:A7:B7:4C:98:29:93:87:47:51:3F:8E:77:DD:AC:D5:61:8A
Certificate issuer: /CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Certificate serial: 018A93B558CF3FC5DFADE3C7EA5AACA50BFF
Authority key identifier: 0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/vJYWp7dMmCmTh0dRP4533azVYYo.roa
Signing time: Thu 14 Sep 2023 12:40:50 +0000
ROA not before: Thu 14 Sep 2023 12:40:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206360
IP address blocks: 185.220.136.0/24 maxlen: 24
185.220.139.0/24 maxlen: 24
185.220.138.0/24 maxlen: 24
185.220.137.0/24 maxlen: 24
185.220.136.4/30 maxlen: 30
185.220.137.4/30 maxlen: 30
185.220.137.8/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:b5:58:cf:3f:c5:df:ad:e3:c7:ea:5a:ac:a5:0b:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Validity
Not Before: Sep 14 12:40:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc9616a7b74c9829938747513f8e77ddacd5618a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:80:8f:9a:3d:e0:8a:83:86:60:96:6a:fe:1b:
e5:31:95:31:43:9d:2a:6c:5f:e8:b8:e8:55:61:b6:
1f:3b:53:a0:73:59:88:c4:44:35:0f:32:11:7d:f4:
ce:a9:81:88:87:56:ec:07:9c:d1:b6:e8:33:04:6a:
93:d1:b1:7d:6e:82:17:79:e2:ab:39:b5:1a:35:07:
47:08:4d:40:93:59:6f:54:74:20:da:f8:a4:c3:c7:
63:a5:2e:84:0a:2c:e8:88:ab:34:27:97:0e:13:db:
c9:fe:62:7f:a1:bf:b3:2c:e3:77:56:38:8c:fe:6f:
0a:d8:ce:d8:41:9e:9b:38:18:d3:0d:ad:97:1a:e7:
88:50:95:d5:70:76:44:b7:d1:6b:db:f9:fc:e7:67:
78:a6:35:00:ea:a1:0b:50:b2:15:86:3c:3d:d1:9e:
7b:c3:ac:81:f5:8d:51:26:f7:24:98:42:e1:3b:21:
69:f4:c7:89:0a:c0:60:df:40:49:08:cd:86:55:bd:
b2:8d:93:f7:28:1b:c1:ef:a4:04:03:7b:e6:cc:7d:
db:ae:49:8d:20:14:87:fc:1e:d8:00:46:db:d8:c7:
aa:88:4a:53:d9:bc:ed:aa:62:00:d2:82:c8:63:24:
a6:0f:d7:37:ed:f1:db:bb:e4:2d:f3:ae:6b:2b:c6:
89:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:96:16:A7:B7:4C:98:29:93:87:47:51:3F:8E:77:DD:AC:D5:61:8A
X509v3 Authority Key Identifier:
keyid:0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/vJYWp7dMmCmTh0dRP4533azVYYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/C0L7SDHB2vLZY8R2ONcDCG7sqN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.136.0/22
Signature Algorithm: sha256WithRSAEncryption
61:23:55:51:28:68:31:4a:1b:51:47:3c:77:19:30:36:20:ef:
75:6e:e5:e0:23:ee:6c:da:28:1f:2c:7f:b6:85:c0:7f:49:4a:
f7:c7:0e:90:07:46:43:d1:df:b8:5d:ad:82:3a:20:5e:a5:05:
e9:3a:a4:95:a1:73:1e:05:e8:4c:2c:e7:99:25:9e:99:db:65:
17:f4:e5:2d:f8:6a:42:99:8d:39:a9:89:19:8a:6e:89:8d:b0:
15:0b:17:92:7b:85:5b:0f:83:5a:08:36:9b:a4:fb:6a:bf:df:
23:87:b6:9b:4e:5d:61:03:00:28:a9:05:d7:05:2c:1c:ca:a9:
b1:b7:f1:f7:69:b5:37:6b:94:06:f5:31:69:a0:bd:e6:48:fb:
c9:a9:8b:28:5d:59:1e:ac:91:bd:e0:47:80:ea:0b:98:13:51:
69:be:9a:d1:78:9c:b4:1a:c0:db:98:7c:2f:72:37:6c:5d:74:
e2:ab:ee:19:b6:24:d6:28:18:bd:52:5d:42:e0:c7:5e:40:bb:
df:ed:0b:20:60:23:67:26:1e:c6:74:1d:48:da:f5:ec:8d:ab:
81:58:61:8e:5a:4b:4a:30:3d:2e:de:73:82:7d:fb:64:fe:07:
5c:3c:73:92:70:88:69:24:fa:27:87:c9:23:b5:24:60:e0:e6:
b0:64:b5:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqTtVjPP8XfrePH6lqspQv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNDJmYjQ4MzFjMWRhZjJkOTYzYzQ3NjM4ZDcwMzA4NmVl
Y2E4ZGUwHhcNMjMwOTE0MTI0MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzk2MTZhN2I3NGM5ODI5OTM4NzQ3NTEzZjhlNzdkZGFjZDU2MThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnICPmj3gioOGYJZq/hvlMZUxQ50q
bF/ouOhVYbYfO1Ogc1mIxEQ1DzIRffTOqYGIh1bsB5zRtugzBGqT0bF9boIXeeKr
ObUaNQdHCE1Ak1lvVHQg2vikw8djpS6ECizoiKs0J5cOE9vJ/mJ/ob+zLON3VjiM
/m8K2M7YQZ6bOBjTDa2XGueIUJXVcHZEt9Fr2/n852d4pjUA6qELULIVhjw90Z57
w6yB9Y1RJvckmELhOyFp9MeJCsBg30BJCM2GVb2yjZP3KBvB76QEA3vmzH3brkmN
IBSH/B7YAEbb2MeqiEpT2bztqmIA0oLIYySmD9c37fHbu+Qt865rK8aJ1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLyWFqe3TJgpk4dHUT+Od92s1WGKMB8GA1UdIwQY
MBaAFAtC+0gxwdry2WPEdjjXAwhu7KjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEt
YjM2NjNhMzQ1NTE4LzEvdkpZV3A3ZE1tQ21UaDBkUlA0NTMzYXpWWVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEtYjM2NjNhMzQ1NTE4
LzEvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudyIMA0G
CSqGSIb3DQEBCwUAA4IBAQBhI1VRKGgxShtRRzx3GTA2IO91buXgI+5s2igfLH+2
hcB/SUr3xw6QB0ZD0d+4Xa2COiBepQXpOqSVoXMeBehMLOeZJZ6Z22UX9OUt+GpC
mY05qYkZim6JjbAVCxeSe4VbD4NaCDabpPtqv98jh7abTl1hAwAoqQXXBSwcyqmx
t/H3abU3a5QG9TFpoL3mSPvJqYsoXVkerJG94EeA6guYE1FpvprReJy0GsDbmHwv
cjdsXXTiq+4ZtiTWKBi9Ul1C4MdeQLvf7QsgYCNnJh7GdB1I2vXsjauBWGGOWktK
MD0u3nOCfftk/gdcPHOScIhpJPonh8kjtSRg4OawZLVC
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:47 2023 by rpki-client on console.sobornost.net