Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/Ntt6vBPKVhISSsZNCsUHVkezO1w.roa
File: Ntt6vBPKVhISSsZNCsUHVkezO1w.roa (raw, json)
Hash identifier: jmzihfPIsWHAewfyQ9hr/FPjSMwHmLJmdAJfMECFCuo=
Subject key identifier: 36:DB:7A:BC:13:CA:56:12:12:4A:C6:4D:0A:C5:07:56:47:B3:3B:5C
Certificate issuer: /CN=f4f430d0805f42ffa3bcd0c0b7c550805117923a
Certificate serial: 01856C25D0916419E5C4DCDB54F60423DDE0
Authority key identifier: F4:F4:30:D0:80:5F:42:FF:A3:BC:D0:C0:B7:C5:50:80:51:17:92:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9PQw0IBfQv-jvNDAt8VQgFEXkjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/Ntt6vBPKVhISSsZNCsUHVkezO1w.roa
Signing time: Sun 01 Jan 2023 07:04:55 +0000
ROA not before: Sun 01 Jan 2023 07:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200480
IP address blocks: 185.105.240.0/22 maxlen: 22
2a06:38c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:d0:91:64:19:e5:c4:dc:db:54:f6:04:23:dd:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f430d0805f42ffa3bcd0c0b7c550805117923a
Validity
Not Before: Jan 1 07:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36db7abc13ca5612124ac64d0ac5075647b33b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:51:ab:67:ea:72:e2:73:a2:1d:3a:1b:da:04:
c5:cc:f8:16:ef:4e:da:ee:08:96:98:00:ef:28:a1:
90:16:c8:52:47:db:b5:85:5c:cc:58:58:b6:5c:3e:
1f:4b:0f:ce:9f:63:55:00:d5:75:b8:1c:36:74:71:
90:44:62:ff:d4:74:b7:52:3b:70:a1:18:2a:e5:d6:
dd:64:0d:20:2e:0f:bb:e0:0c:e4:13:ba:82:fc:36:
71:96:00:52:37:e9:0b:11:5a:c3:ea:0e:6b:78:b7:
e2:5b:fd:55:d3:a9:b4:d6:7d:4a:22:5f:28:14:92:
00:62:7d:0a:82:f7:2a:49:fb:f2:09:69:46:4b:ff:
be:71:cc:be:00:cd:1e:89:44:d5:2f:a4:96:a7:55:
d2:8d:48:54:0b:21:0b:53:03:01:74:e5:7f:46:65:
13:82:08:76:4a:58:e7:65:ff:3b:1c:d4:72:9a:e9:
9c:17:a7:f3:46:85:aa:69:ac:4f:bf:c3:66:74:5b:
aa:47:33:f6:de:6d:c9:da:68:68:12:e8:be:e0:60:
67:49:fd:8c:5a:3c:66:97:8c:ae:16:ff:6e:e0:51:
07:92:1b:bb:d3:77:40:ef:4a:c6:6f:a7:b7:8a:e3:
f4:ca:17:0e:04:38:15:de:37:74:1f:8d:7c:a5:29:
a1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DB:7A:BC:13:CA:56:12:12:4A:C6:4D:0A:C5:07:56:47:B3:3B:5C
X509v3 Authority Key Identifier:
keyid:F4:F4:30:D0:80:5F:42:FF:A3:BC:D0:C0:B7:C5:50:80:51:17:92:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PQw0IBfQv-jvNDAt8VQgFEXkjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/Ntt6vBPKVhISSsZNCsUHVkezO1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/9PQw0IBfQv-jvNDAt8VQgFEXkjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.240.0/22
IPv6:
2a06:38c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:70:1a:77:d4:11:4c:e2:cd:a3:b3:dc:1a:68:0b:a6:cc:94:
37:9d:2f:49:1d:e9:76:79:6d:0c:e0:1f:fc:6d:f5:f6:ff:ce:
69:9e:c4:fb:1b:bf:c1:18:ff:5f:45:58:18:c3:f1:84:04:0c:
61:46:13:a3:62:55:94:21:11:4e:3b:57:18:71:9d:6d:78:9b:
5a:0b:15:f1:63:3f:dd:97:c9:f5:5b:66:49:0a:7f:7e:c5:68:
84:08:ab:2a:87:7e:b1:0f:e8:ac:b9:64:b7:ba:34:18:1e:b9:
81:14:63:8d:0f:29:6c:a0:ad:d0:a4:35:07:f5:78:69:43:42:
c7:38:4b:91:bb:c6:a1:6d:f6:d9:6b:dc:23:86:d7:39:f3:64:
fe:e8:b7:b7:80:4c:7f:0b:2d:94:15:62:71:e7:89:cf:7f:b9:
d3:f5:8d:eb:d2:c0:3c:06:a1:c9:a4:4e:0e:85:e0:84:a6:6b:
7d:99:1e:de:38:ac:e8:f9:00:0b:3b:da:98:51:24:eb:1a:cf:
0b:ed:e6:4f:bf:07:40:bf:be:2b:a8:4c:e4:72:52:15:31:fe:
75:f9:f1:6e:9d:ea:69:5a:04:99:98:fe:1d:81:f4:13:c9:14:
dd:1f:12:66:91:e2:58:6f:ac:51:fe:74:1f:5f:6e:24:15:43:
cd:ed:7a:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsJdCRZBnlxNzbVPYEI93gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZjQzMGQwODA1ZjQyZmZhM2JjZDBjMGI3YzU1MDgwNTEx
NzkyM2EwHhcNMjMwMTAxMDcwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmRiN2FiYzEzY2E1NjEyMTI0YWM2NGQwYWM1MDc1NjQ3YjMzYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlGrZ+py4nOiHTob2gTFzPgW707a
7giWmADvKKGQFshSR9u1hVzMWFi2XD4fSw/On2NVANV1uBw2dHGQRGL/1HS3Ujtw
oRgq5dbdZA0gLg+74AzkE7qC/DZxlgBSN+kLEVrD6g5reLfiW/1V06m01n1KIl8o
FJIAYn0KgvcqSfvyCWlGS/++ccy+AM0eiUTVL6SWp1XSjUhUCyELUwMBdOV/RmUT
ggh2SljnZf87HNRymumcF6fzRoWqaaxPv8NmdFuqRzP23m3J2mhoEui+4GBnSf2M
Wjxml4yuFv9u4FEHkhu703dA70rGb6e3iuP0yhcOBDgV3jd0H418pSmhjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDbberwTylYSEkrGTQrFB1ZHsztcMB8GA1UdIwQY
MBaAFPT0MNCAX0L/o7zQwLfFUIBRF5I6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBRdzBJQmZRdi1qdk5EQXQ4VlFnRkVYa2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8yOGJkMTMtOGEzYi00NTUwLTk3MDAt
ZjBmOTNjY2EyNDc5LzEvTnR0NnZCUEtWaElTU3NaTkNzVUhWa2V6TzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8yOGJkMTMtOGEzYi00NTUwLTk3MDAtZjBmOTNjY2EyNDc5
LzEvOVBRdzBJQmZRdi1qdk5EQXQ4VlFnRkVYa2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWnwMA0E
AgACMAcDBQMqBjjAMA0GCSqGSIb3DQEBCwUAA4IBAQA5cBp31BFM4s2js9waaAum
zJQ3nS9JHel2eW0M4B/8bfX2/85pnsT7G7/BGP9fRVgYw/GEBAxhRhOjYlWUIRFO
O1cYcZ1teJtaCxXxYz/dl8n1W2ZJCn9+xWiECKsqh36xD+isuWS3ujQYHrmBFGON
DylsoK3QpDUH9XhpQ0LHOEuRu8ahbfbZa9wjhtc582T+6Le3gEx/Cy2UFWJx54nP
f7nT9Y3r0sA8BqHJpE4OheCEpmt9mR7eOKzo+QALO9qYUSTrGs8L7eZPvwdAv74r
qEzkclIVMf51+fFuneppWgSZmP4dgfQTyRTdHxJmkeJYb6xR/nQfX24kFUPN7Xp2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:35 2023 by rpki-client on console-ams.rpki-client.org