Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/nAeaDlbX-l2wZY9J377oSgCc2IE.roa
File: nAeaDlbX-l2wZY9J377oSgCc2IE.roa (raw, json)
Hash identifier: Q7iMGAeSVidKzbHV0uLRJayl/NIXOjCzaQrios2VufA=
Subject key identifier: 9C:07:9A:0E:56:D7:FA:5D:B0:65:8F:49:DF:BE:E8:4A:00:9C:D8:81
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 018CC8DE1719EAD56BE0B7516A0A1605DBE5
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/nAeaDlbX-l2wZY9J377oSgCc2IE.roa
Signing time: Tue 02 Jan 2024 06:30:47 +0000
ROA not before: Tue 02 Jan 2024 06:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197477
IP address blocks: 95.214.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 21:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:17:19:ea:d5:6b:e0:b7:51:6a:0a:16:05:db:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Jan 2 06:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c079a0e56d7fa5db0658f49dfbee84a009cd881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b1:ec:98:52:0e:03:5d:2b:18:19:1e:78:e2:
f6:5a:a8:01:e7:27:66:d0:1e:93:1f:26:c4:df:58:
45:3c:ad:e2:a4:6d:58:9b:66:57:d6:04:b7:d2:72:
66:82:0b:2d:96:07:02:04:0e:4b:94:b5:25:df:05:
5d:73:e5:a5:21:89:3b:71:92:2f:f2:ca:e8:c0:22:
3f:f8:db:6b:5a:4f:f5:92:f5:16:8d:de:5b:0c:f1:
2a:4c:8d:fe:6c:a0:9d:3e:39:56:1a:54:9e:f5:49:
26:82:d1:a1:ae:f7:6a:2e:44:5f:a7:d3:a0:a9:2c:
b8:8d:3d:c5:37:f7:13:e7:88:36:d3:d1:4c:9e:60:
a3:c5:6f:0f:aa:9e:95:8f:9f:39:f8:9c:cc:aa:d0:
2a:58:09:0d:f4:37:3f:7a:ee:4d:0a:d6:3d:be:3b:
92:73:40:8d:7f:a4:94:6b:9a:b1:24:12:dd:77:b3:
3b:dd:63:ea:97:77:85:fd:35:cb:d9:c0:89:09:30:
2a:4c:a2:21:19:84:3d:e5:ec:bd:bd:9b:e4:26:3e:
88:13:41:30:65:09:cf:fb:00:33:d9:e9:d9:af:82:
ea:0d:ca:b5:30:59:63:99:2c:f2:55:26:ca:55:aa:
1f:75:08:1f:91:c0:10:6e:b2:50:f6:d2:b8:b7:7f:
93:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:07:9A:0E:56:D7:FA:5D:B0:65:8F:49:DF:BE:E8:4A:00:9C:D8:81
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/nAeaDlbX-l2wZY9J377oSgCc2IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.172.0/24
Signature Algorithm: sha256WithRSAEncryption
04:21:a5:43:50:03:e5:b6:98:d9:f5:9c:53:68:69:fa:a2:4c:
ff:41:dd:4f:cd:2c:6d:28:e9:84:9f:61:51:d3:24:5d:d0:bc:
80:b0:bd:54:9d:a3:3e:94:97:5f:82:34:21:67:f1:9d:9d:f6:
bd:2b:0b:bb:85:7f:3e:cb:4e:0d:a6:e2:4e:a4:b5:08:3e:ec:
4a:f5:83:1f:1e:e9:5f:68:d8:e8:86:5d:4e:45:f3:ea:75:b3:
d8:3f:70:f9:53:58:50:85:b8:aa:7c:c4:8e:a9:ae:04:97:65:
40:1e:b0:2f:c7:72:11:5f:47:15:dc:b0:5d:7c:29:d0:b5:80:
be:ad:f9:47:ce:31:0d:5e:c0:78:25:29:09:24:a1:82:cb:b9:
55:7f:9a:e5:39:5b:6c:ee:e2:73:0c:3f:e0:46:3a:83:89:74:
e1:65:e8:1c:88:91:84:69:60:46:51:37:28:7b:2c:bf:88:13:
f7:04:71:f9:aa:f0:89:60:b7:e2:35:d6:3d:1f:17:d5:8d:1b:
35:71:83:8a:10:6d:87:2c:a0:44:5c:16:36:65:a0:19:23:8d:
8b:15:fe:0c:f0:86:3e:7f:87:00:6e:ee:72:56:29:ce:2c:87:
3e:88:40:db:fc:89:cf:f6:8a:66:09:db:b0:2b:e9:f1:86:3c:
e7:ae:f0:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3hcZ6tVr4LdRagoWBdvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjQwMTAyMDYzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzA3OWEwZTU2ZDdmYTVkYjA2NThmNDlkZmJlZTg0YTAwOWNkODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbHsmFIOA10rGBkeeOL2WqgB5ydm
0B6THybE31hFPK3ipG1Ym2ZX1gS30nJmggstlgcCBA5LlLUl3wVdc+WlIYk7cZIv
8srowCI/+NtrWk/1kvUWjd5bDPEqTI3+bKCdPjlWGlSe9UkmgtGhrvdqLkRfp9Og
qSy4jT3FN/cT54g209FMnmCjxW8Pqp6Vj585+JzMqtAqWAkN9Dc/eu5NCtY9vjuS
c0CNf6SUa5qxJBLdd7M73WPql3eF/TXL2cCJCTAqTKIhGYQ95ey9vZvkJj6IE0Ew
ZQnP+wAz2enZr4LqDcq1MFljmSzyVSbKVaofdQgfkcAQbrJQ9tK4t3+TowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwHmg5W1/pdsGWPSd++6EoAnNiBMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvbkFlYURsYlgtbDJ3Wlk5SjM3N29TZ0NjMklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9asMA0G
CSqGSIb3DQEBCwUAA4IBAQAEIaVDUAPltpjZ9ZxTaGn6okz/Qd1PzSxtKOmEn2FR
0yRd0LyAsL1UnaM+lJdfgjQhZ/Gdnfa9Kwu7hX8+y04NpuJOpLUIPuxK9YMfHulf
aNjohl1ORfPqdbPYP3D5U1hQhbiqfMSOqa4El2VAHrAvx3IRX0cV3LBdfCnQtYC+
rflHzjENXsB4JSkJJKGCy7lVf5rlOVts7uJzDD/gRjqDiXThZegciJGEaWBGUTco
eyy/iBP3BHH5qvCJYLfiNdY9HxfVjRs1cYOKEG2HLKBEXBY2ZaAZI42LFf4M8IY+
f4cAbu5yVinOLIc+iEDb/InP9opmCduwK+nxhjznrvD8
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:01:18 2025 by rpki-client