Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/ndhscns1wpKdhEXmdeb5YYbIPjM.roa
File: ndhscns1wpKdhEXmdeb5YYbIPjM.roa (raw, json)
Hash identifier: KwwnhMFi3XclLcHcIplrbuB/FbQYwsqOkff3UrLR0VM=
Subject key identifier: 9D:D8:6C:72:7B:35:C2:92:9D:84:45:E6:75:E6:F9:61:86:C8:3E:33
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018E50B4B9C96D95D13D46D59A47EDF102AF
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/ndhscns1wpKdhEXmdeb5YYbIPjM.roa
Signing time: Mon 18 Mar 2024 08:36:44 +0000
ROA not before: Mon 18 Mar 2024 08:36:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 18 Mar 2024 11:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:b4:b9:c9:6d:95:d1:3d:46:d5:9a:47:ed:f1:02:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Mar 18 08:36:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dd86c727b35c2929d8445e675e6f96186c83e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c2:db:dc:63:22:d1:9a:9f:10:07:db:3b:f2:
ef:b2:63:37:ef:23:94:8f:92:d8:48:ea:e2:fa:f7:
e6:85:da:34:e9:59:81:0b:91:0a:3a:a9:f2:c4:ba:
43:c9:91:20:f2:99:61:43:ae:45:cb:04:28:86:b2:
0e:98:fc:d1:5a:d9:8b:5d:24:61:69:13:b7:11:ec:
35:bc:f9:b7:1d:58:75:94:b7:49:70:17:5b:3d:b9:
5b:91:65:9e:9e:ce:62:f6:cb:8b:0c:eb:fe:ea:11:
bf:0a:25:13:b3:a8:8e:11:47:60:08:09:c3:56:29:
fc:0f:83:0b:e3:81:57:39:e7:d5:af:02:f0:bd:d2:
2e:32:a1:be:fa:2e:d6:49:4c:1a:31:89:a5:b1:0e:
63:07:4f:2c:1c:1c:02:07:11:dc:42:57:54:d7:6c:
ed:c0:2d:60:f6:ef:28:58:cc:86:11:fc:09:49:3f:
68:56:50:98:18:75:72:c4:50:92:41:71:51:0f:ff:
26:1e:f6:2b:77:cc:d1:e5:37:5c:9f:b0:75:56:4a:
b7:4f:19:34:4c:63:fa:63:24:bd:ba:66:5d:8f:94:
54:96:ea:7f:7d:de:e6:eb:0d:3d:2e:1c:4e:8a:25:
dd:f6:b8:44:25:82:94:57:df:32:14:d0:d3:96:c8:
6d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D8:6C:72:7B:35:C2:92:9D:84:45:E6:75:E6:F9:61:86:C8:3E:33
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/ndhscns1wpKdhEXmdeb5YYbIPjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:35:38:b3:b4:44:22:75:d7:ec:c6:55:aa:e4:7a:06:86:aa:
ac:0d:b0:4f:7b:84:34:2b:32:7f:aa:e2:6b:15:a3:ec:f8:84:
cf:32:a3:07:49:17:d9:e5:9b:e8:ec:35:54:49:e8:12:34:ed:
68:79:51:21:60:fb:9a:97:00:0d:e3:41:30:7c:a3:11:28:16:
6b:cf:9f:f8:e0:17:0d:f2:76:70:7d:ef:a7:e6:aa:da:c9:03:
23:75:28:e0:28:61:21:74:17:78:26:85:15:f1:58:15:ae:0d:
10:8c:16:2d:02:b6:77:24:8e:a9:7d:86:ed:66:64:f0:2f:4f:
a9:fb:cc:35:8e:8d:c0:5d:95:52:0e:9f:ff:01:03:01:6a:15:
89:69:26:01:00:75:8e:89:14:17:3d:ce:33:1c:6d:cb:f4:97:
f0:fc:25:26:83:9d:97:74:83:cd:a2:c5:1c:c3:a0:4f:dc:36:
28:50:23:3d:ee:04:d0:ae:d5:97:41:97:ca:f7:92:2e:50:1f:
22:c3:56:27:61:e6:2d:11:f1:30:65:5b:4b:98:a1:20:17:d9:
9e:02:f3:43:95:b6:87:27:53:71:51:58:40:e2:26:f3:b0:4a:
79:5b:75:19:2e:d9:95:53:6f:23:ba:23:bd:87:eb:31:5c:8c:
b0:a8:e8:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5QtLnJbZXRPUbVmkft8QKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwMzE4MDgzNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ4NmM3MjdiMzVjMjkyOWQ4NDQ1ZTY3NWU2Zjk2MTg2YzgzZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8Lb3GMi0ZqfEAfbO/LvsmM37yOU
j5LYSOri+vfmhdo06VmBC5EKOqnyxLpDyZEg8plhQ65FywQohrIOmPzRWtmLXSRh
aRO3Eew1vPm3HVh1lLdJcBdbPblbkWWens5i9suLDOv+6hG/CiUTs6iOEUdgCAnD
Vin8D4ML44FXOefVrwLwvdIuMqG++i7WSUwaMYmlsQ5jB08sHBwCBxHcQldU12zt
wC1g9u8oWMyGEfwJST9oVlCYGHVyxFCSQXFRD/8mHvYrd8zR5Tdcn7B1Vkq3Txk0
TGP6YyS9umZdj5RUlup/fd7m6w09LhxOiiXd9rhEJYKUV98yFNDTlsht0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ3YbHJ7NcKSnYRF5nXm+WGGyD4zMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvbmRoc2NuczF3cEtkaEVYbWRlYjVZWWJJUGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTd2IAwQC
bXi4MA0GCSqGSIb3DQEBCwUAA4IBAQB8NTiztEQiddfsxlWq5HoGhqqsDbBPe4Q0
KzJ/quJrFaPs+ITPMqMHSRfZ5Zvo7DVUSegSNO1oeVEhYPualwAN40EwfKMRKBZr
z5/44BcN8nZwfe+n5qrayQMjdSjgKGEhdBd4JoUV8VgVrg0QjBYtArZ3JI6pfYbt
ZmTwL0+p+8w1jo3AXZVSDp//AQMBahWJaSYBAHWOiRQXPc4zHG3L9Jfw/CUmg52X
dIPNosUcw6BP3DYoUCM97gTQrtWXQZfK95IuUB8iw1YnYeYtEfEwZVtLmKEgF9me
AvNDlbaHJ1NxUVhA4ibzsEp5W3UZLtmVU28juiO9h+sxXIywqOj7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:02 2024 by rpki-client on console-ams.rpki-client.org