Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/CjNRfnrOimFS9NKBh9O05bxrim4.roa
File: CjNRfnrOimFS9NKBh9O05bxrim4.roa (raw, json)
Hash identifier: fGvtW9XFp/jI8ExSwmna6RGMboyu+ANyF725U16md9A=
Subject key identifier: 0A:33:51:7E:7A:CE:8A:61:52:F4:D2:81:87:D3:B4:E5:BC:6B:8A:6E
Certificate issuer: /CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Certificate serial: 018F28BD90CFEBD52FE16812ED1A41B81D4B
Authority key identifier: 99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/CjNRfnrOimFS9NKBh9O05bxrim4.roa
Signing time: Mon 29 Apr 2024 07:24:23 +0000
ROA not before: Mon 29 Apr 2024 07:24:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 45.95.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 06:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:bd:90:cf:eb:d5:2f:e1:68:12:ed:1a:41:b8:1d:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Validity
Not Before: Apr 29 07:24:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a33517e7ace8a6152f4d28187d3b4e5bc6b8a6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e6:f0:29:b2:e2:c7:c6:30:97:37:4e:38:5d:
da:e6:bc:13:32:ca:9c:6a:d5:30:19:2c:36:ff:09:
91:03:c3:99:e4:66:b1:30:19:32:78:94:7f:7d:dc:
c5:d6:2e:a5:e3:11:0d:a2:62:00:f5:76:c4:81:11:
0b:c9:46:0e:e2:36:d4:aa:82:ab:77:ba:21:2e:de:
9c:a8:f7:34:67:09:36:67:4a:dd:aa:8f:a4:4d:2c:
a6:3f:ae:32:68:f8:89:f0:a0:f0:62:b0:9a:aa:70:
9f:33:f5:e2:0d:2f:73:11:d5:87:6e:91:55:6f:e4:
94:a0:de:b7:d3:ed:76:d7:fd:6a:66:12:43:dc:a4:
ad:a9:ce:de:0c:56:fb:36:77:4d:1c:d5:1f:60:85:
4e:63:ed:ce:51:0d:d7:f3:6e:3a:44:37:a3:7b:de:
87:71:30:54:1c:5f:19:37:70:4f:59:35:f4:e7:66:
31:8d:c1:6f:ec:6e:c7:dd:2e:8b:e3:ff:42:28:2a:
4f:61:78:51:9f:f5:99:91:77:ba:66:6c:1e:fa:96:
18:fe:d5:ed:a4:0f:10:56:db:1a:1c:20:74:ac:c3:
a6:08:d9:f7:f0:0a:77:54:91:d7:dc:20:ca:37:a0:
79:ae:17:14:3d:79:10:32:f4:fb:10:50:6d:b5:38:
86:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:33:51:7E:7A:CE:8A:61:52:F4:D2:81:87:D3:B4:E5:BC:6B:8A:6E
X509v3 Authority Key Identifier:
keyid:99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/CjNRfnrOimFS9NKBh9O05bxrim4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.114.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:3c:eb:d2:77:24:a7:4b:72:02:34:fb:46:d0:8c:f5:d1:c3:
46:d2:1e:e1:db:40:5c:42:ab:03:81:79:e6:11:a5:a6:fa:30:
3b:fc:d4:ea:10:39:15:ab:13:47:22:a6:3a:be:5d:8a:ec:d9:
07:60:7d:fd:4f:3c:2a:c4:59:11:6a:85:7c:43:5f:f2:c3:73:
35:a7:47:f0:bc:e7:1f:39:e4:ba:ca:29:b5:3a:23:da:e9:d4:
43:8c:8e:75:2a:6e:41:1f:61:c8:4d:62:b6:22:c9:ae:ed:98:
c9:8c:ac:55:f3:eb:4b:1c:6f:85:d9:52:99:af:e1:20:0b:86:
92:80:51:72:ab:15:be:3e:5f:56:20:da:d2:76:d7:b3:3e:cb:
cb:27:4e:29:1f:ea:29:1e:01:44:56:0b:81:08:0b:2b:09:cd:
b7:e1:fa:2f:d1:cd:c3:98:93:c4:18:d9:5b:72:6e:d1:1b:2e:
9a:04:48:26:93:a5:24:c1:e4:94:00:d4:14:a3:41:03:99:80:
2e:78:61:f8:9c:53:d8:46:ed:ff:0d:3b:f7:b7:35:d8:23:3c:
10:a8:c7:25:44:e8:df:92:73:7b:d0:e2:b8:ae:6c:4a:82:50:
26:18:e9:e6:c4:32:90:6b:35:c8:fc:ad:5a:65:e7:40:07:9a:
fa:75:57:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8ovZDP69Uv4WgS7RpBuB1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmVlN2NiZDhlNzhkMWYxNGE0NTNhMDRiOTE2ZjdjMTU4
MWQyMDQwHhcNMjQwNDI5MDcyNDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTMzNTE3ZTdhY2U4YTYxNTJmNGQyODE4N2QzYjRlNWJjNmI4YTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+bwKbLix8YwlzdOOF3a5rwTMsqc
atUwGSw2/wmRA8OZ5GaxMBkyeJR/fdzF1i6l4xENomIA9XbEgRELyUYO4jbUqoKr
d7ohLt6cqPc0Zwk2Z0rdqo+kTSymP64yaPiJ8KDwYrCaqnCfM/XiDS9zEdWHbpFV
b+SUoN630+121/1qZhJD3KStqc7eDFb7NndNHNUfYIVOY+3OUQ3X8246RDeje96H
cTBUHF8ZN3BPWTX052YxjcFv7G7H3S6L4/9CKCpPYXhRn/WZkXe6Zmwe+pYY/tXt
pA8QVtsaHCB0rMOmCNn38Ap3VJHX3CDKN6B5rhcUPXkQMvT7EFBttTiGeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAozUX56zophUvTSgYfTtOW8a4puMB8GA1UdIwQY
MBaAFJn+58vY540fFKRToEuRb3wVgdIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTct
MWMyMmVmZjcyODE4LzEvQ2pOUmZuck9pbUZTOU5LQmg5TzA1YnhyaW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTctMWMyMmVmZjcyODE4
LzEvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV9yMA0G
CSqGSIb3DQEBCwUAA4IBAQDSPOvSdySnS3ICNPtG0Iz10cNG0h7h20BcQqsDgXnm
EaWm+jA7/NTqEDkVqxNHIqY6vl2K7NkHYH39TzwqxFkRaoV8Q1/yw3M1p0fwvOcf
OeS6yim1OiPa6dRDjI51Km5BH2HITWK2Ismu7ZjJjKxV8+tLHG+F2VKZr+EgC4aS
gFFyqxW+Pl9WINrSdtezPsvLJ04pH+opHgFEVguBCAsrCc234fov0c3DmJPEGNlb
cm7RGy6aBEgmk6UkweSUANQUo0EDmYAueGH4nFPYRu3/DTv3tzXYIzwQqMclROjf
knN70OK4rmxKglAmGOnmxDKQazXI/K1aZedAB5r6dVfb
-----END CERTIFICATE-----
Generated at Tue Jul 30 08:04:42 2024 by rpki-client on console-fra.rpki-client.org