Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/nDC1-Iw3K6DjXJXtJXZgl8oJCb0.roa
File: nDC1-Iw3K6DjXJXtJXZgl8oJCb0.roa (raw, json)
Hash identifier: S7dWstYU0kySe+MU0H2tEg8QkoOjF8NdecGRnLYOzuo=
Subject key identifier: 9C:30:B5:F8:8C:37:2B:A0:E3:5C:95:ED:25:76:60:97:CA:09:09:BD
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 0188F6231FD42027DF1C6334A7CA20D22F68
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/nDC1-Iw3K6DjXJXtJXZgl8oJCb0.roa
Signing time: Mon 26 Jun 2023 05:17:56 +0000
ROA not before: Mon 26 Jun 2023 05:17:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50495
IP address blocks: 91.223.99.0/24 maxlen: 24
91.223.102.0/24 maxlen: 24
91.223.126.0/24 maxlen: 24
194.39.32.0/22 maxlen: 22
83.136.221.0/24 maxlen: 24
91.223.163.0/24 maxlen: 24
91.239.64.0/24 maxlen: 24
77.83.232.0/22 maxlen: 22
2a06:ef40::/32 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f6:23:1f:d4:20:27:df:1c:63:34:a7:ca:20:d2:2f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jun 26 05:17:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c30b5f88c372ba0e35c95ed25766097ca0909bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f0:e4:01:69:f0:c6:f2:9b:89:0b:80:24:8b:
5a:14:e1:a4:3e:69:7d:3f:c1:24:95:f2:ee:31:02:
f9:ff:8a:a6:78:1a:a1:3c:5f:46:a9:d5:a8:58:54:
06:a3:e8:13:fa:c8:f7:35:84:a0:fd:52:26:8e:51:
ee:37:fd:0b:d3:36:cc:9e:a5:8f:0d:bd:d0:9e:51:
9c:80:cc:07:0b:90:55:ca:47:42:d3:8c:6a:a5:be:
b3:ca:c3:7d:4f:c2:e9:43:54:98:bd:39:43:e0:dc:
99:7d:96:08:a4:7c:50:f7:28:b8:f1:b6:1f:f5:ce:
04:62:0d:bf:3c:a5:76:28:40:97:48:99:16:51:b3:
38:57:6e:c5:ee:9e:c5:e9:3d:14:a4:40:8a:2b:b5:
26:ba:f8:3a:72:50:99:1b:7f:15:5a:8e:9a:e0:ab:
b7:27:77:d9:94:98:41:9f:e5:3b:9c:73:1d:43:3d:
6a:98:0c:f9:2e:7c:b8:fc:47:da:0f:06:d0:48:48:
60:ee:97:1f:05:d2:69:89:c0:8e:55:b2:a0:a1:ec:
a5:54:cb:4c:1b:7b:f9:52:29:3b:81:32:69:2a:69:
87:cf:66:fd:52:c3:1e:71:4a:2d:82:c1:58:e0:b1:
59:56:a7:df:4e:88:d9:ca:e4:4a:ee:c1:53:ea:91:
e9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:30:B5:F8:8C:37:2B:A0:E3:5C:95:ED:25:76:60:97:CA:09:09:BD
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/nDC1-Iw3K6DjXJXtJXZgl8oJCb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.232.0/22
83.136.221.0/24
91.223.99.0/24
91.223.102.0/24
91.223.126.0/24
91.223.163.0/24
91.239.64.0/24
194.39.32.0/22
IPv6:
2a06:ef40::/32
Signature Algorithm: sha256WithRSAEncryption
1a:cc:ff:b2:a1:49:39:d6:6c:ac:db:d9:14:e3:dd:5d:38:ba:
78:f8:ed:56:84:e6:e9:f3:28:05:d2:8a:fd:42:bb:bb:85:99:
63:8e:90:9c:ab:00:63:3a:f0:fb:3f:b8:62:06:e2:67:24:b7:
1a:2a:1e:e4:44:bd:b6:76:3d:cc:69:a2:18:4e:55:64:6b:d0:
7f:ce:72:3e:7c:0f:77:55:84:c4:86:b4:53:88:c5:a4:d9:aa:
16:3e:ff:c5:f3:e9:24:b2:cc:a7:8b:7a:eb:b8:b7:e2:a2:e2:
46:d9:33:aa:21:82:d0:c4:68:94:e7:0e:09:4a:d6:ae:c2:6d:
81:b7:86:e0:04:11:1a:7d:2c:02:05:93:e8:a1:2a:17:35:9f:
f4:cd:74:27:c6:12:3a:d8:2d:fa:ae:be:27:28:e6:57:ae:8c:
8d:92:5b:85:cd:6a:4f:07:45:eb:f8:de:83:3b:6e:e7:b8:a7:
8f:76:37:30:96:df:33:1e:2e:85:f5:90:3b:e9:d4:ea:2c:80:
a1:86:e6:a7:a3:9d:d5:ff:3a:d7:58:71:74:73:3b:70:75:0b:
35:6f:8a:5d:c8:0c:55:15:c0:95:8a:ef:7f:f2:2f:5c:ad:27:
9b:39:6f:8d:31:87:4c:97:53:6f:6b:a7:74:02:19:72:12:d1:
3d:56:5e:73
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYj2Ix/UICffHGM0p8og0i9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjMwNjI2MDUxNzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzMwYjVmODhjMzcyYmEwZTM1Yzk1ZWQyNTc2NjA5N2NhMDkwOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPDkAWnwxvKbiQuAJItaFOGkPml9
P8EklfLuMQL5/4qmeBqhPF9GqdWoWFQGo+gT+sj3NYSg/VImjlHuN/0L0zbMnqWP
Db3QnlGcgMwHC5BVykdC04xqpb6zysN9T8LpQ1SYvTlD4NyZfZYIpHxQ9yi48bYf
9c4EYg2/PKV2KECXSJkWUbM4V27F7p7F6T0UpECKK7Umuvg6clCZG38VWo6a4Ku3
J3fZlJhBn+U7nHMdQz1qmAz5Lny4/EfaDwbQSEhg7pcfBdJpicCOVbKgoeylVMtM
G3v5Uik7gTJpKmmHz2b9UsMecUotgsFY4LFZVqffTojZyuRK7sFT6pHpuwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJwwtfiMNyug41yV7SV2YJfKCQm9MB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvbkRDMS1JdzNLNkRqWEpYdEpYWmdsOG9KQ2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCTVPoAwQA
U4jdAwQAW99jAwQAW99mAwQAW99+AwQAW9+jAwQAW+9AAwQCwicgMA0EAgACMAcD
BQAqBu9AMA0GCSqGSIb3DQEBCwUAA4IBAQAazP+yoUk51mys29kU491dOLp4+O1W
hObp8ygF0or9Qru7hZljjpCcqwBjOvD7P7hiBuJnJLcaKh7kRL22dj3MaaIYTlVk
a9B/znI+fA93VYTEhrRTiMWk2aoWPv/F8+kkssyni3rruLfiouJG2TOqIYLQxGiU
5w4JStauwm2Bt4bgBBEafSwCBZPooSoXNZ/0zXQnxhI62C36rr4nKOZXroyNkluF
zWpPB0Xr+N6DO27nuKePdjcwlt8zHi6F9ZA76dTqLIChhuano53V/zrXWHF0cztw
dQs1b4pdyAxVFcCViu9/8i9crSebOW+NMYdMl1Nva6d0AhlyEtE9Vl5z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:11 2023 by rpki-client on console-ams.rpki-client.org