Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/CnGSBwXPDeN5AyJjMp-ONskeKQs.roa
File: CnGSBwXPDeN5AyJjMp-ONskeKQs.roa (raw, json)
Hash identifier: +J7MNcs+uvWIVAJh/sxDPB7DdBa5JiSWFDLSBZEqaBQ=
Subject key identifier: 0A:71:92:07:05:CF:0D:E3:79:03:22:63:32:9F:8E:36:C9:1E:29:0B
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 01926F460349E2B3ADDC05D5A26100A79E65
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/CnGSBwXPDeN5AyJjMp-ONskeKQs.roa
Signing time: Wed 09 Oct 2024 03:15:12 +0000
ROA not before: Wed 09 Oct 2024 03:15:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 95.181.167.0/24 maxlen: 24
95.181.173.0/24 maxlen: 24
95.181.174.0/24 maxlen: 24
95.181.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 20:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6f:46:03:49:e2:b3:ad:dc:05:d5:a2:61:00:a7:9e:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Oct 9 03:15:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a71920705cf0de379032263329f8e36c91e290b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f6:71:01:4d:72:91:08:63:8f:6f:70:bc:a7:
b6:62:85:59:6d:71:28:e3:5b:73:2c:19:81:e2:f9:
61:27:82:f1:a8:fd:8d:ff:7f:f5:64:67:02:ca:56:
2f:30:8c:44:2a:04:47:fa:f5:f2:1f:9a:bf:91:79:
a7:8d:d3:87:7f:b4:25:de:c6:71:be:1f:e0:ae:9d:
b1:68:26:8e:b3:06:87:80:dd:dd:73:e2:47:c2:3f:
5c:25:26:d1:94:f6:3a:74:06:d2:dc:b4:b7:c6:9b:
ec:3f:e7:80:cb:e2:b6:6c:5c:b7:42:89:90:a2:67:
07:47:b3:ae:5e:b5:fb:aa:ba:67:cf:b1:41:1c:0c:
d6:0d:fc:f6:5d:d8:4e:1a:3e:38:0c:d6:c8:b2:e7:
9b:41:1c:e8:08:7d:74:7f:c0:47:c4:24:ce:5c:64:
55:21:3e:23:8a:02:03:5d:a4:14:7d:89:2b:1c:55:
a0:e4:3e:38:e2:5c:71:b9:71:57:f3:75:5c:f9:d4:
e6:e4:e0:8e:3b:9b:20:8f:d4:4d:54:58:d6:f6:00:
44:e7:dd:dc:3f:4f:cf:ba:8f:6a:8b:a6:68:d8:e5:
69:23:5e:7a:c7:f2:9c:01:8f:0a:6b:64:3b:5d:0a:
88:7a:ca:f4:71:41:d3:01:b9:75:68:68:a9:07:6d:
54:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:71:92:07:05:CF:0D:E3:79:03:22:63:32:9F:8E:36:C9:1E:29:0B
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/CnGSBwXPDeN5AyJjMp-ONskeKQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.167.0/24
95.181.173.0-95.181.175.255
Signature Algorithm: sha256WithRSAEncryption
14:83:f7:f9:d0:90:04:0e:4d:9e:70:e4:c4:23:9c:a6:0f:28:
7d:7e:a8:36:5e:ad:65:fe:19:ba:00:49:49:b1:84:5a:5b:0a:
5a:7c:16:29:06:df:37:01:bd:29:6e:ba:1d:19:c0:46:d6:7e:
ef:c0:77:07:90:2f:17:5f:17:01:0c:c2:7a:2d:bb:50:e7:26:
3a:27:35:7e:e2:5f:2c:49:dc:f8:0f:ff:c5:0e:3d:2d:d2:2b:
34:7e:2e:f8:75:a2:af:80:2b:ab:c3:e0:d3:54:5f:5c:e4:61:
48:b1:f1:6a:bd:cf:8c:7e:d3:a6:66:84:7c:0f:d8:ba:bd:44:
e1:e0:34:70:90:0f:7c:7d:6a:26:81:b2:74:40:4c:96:d9:28:
8f:f3:21:9b:b6:03:2b:25:7b:bb:42:44:2b:f1:f6:8a:8d:21:
50:66:33:71:9a:41:d8:64:03:81:80:8a:77:8f:c9:59:1f:28:
d6:76:98:2b:c1:b0:dd:1d:26:f8:6d:0c:ae:2b:b2:8c:fe:fa:
c4:19:23:e2:1f:65:0b:f9:5c:c6:2e:d2:55:0f:89:b9:c6:0d:
ee:30:e2:38:e1:11:de:ec:d7:9d:67:e2:1c:ef:91:f6:54:77:
88:2c:6d:8b:ae:2b:cf:bc:06:ef:23:5b:33:e7:36:06:1f:fd:
ab:23:77:8d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJvRgNJ4rOt3AXVomEAp55lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjQxMDA5MDMxNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTcxOTIwNzA1Y2YwZGUzNzkwMzIyNjMzMjlmOGUzNmM5MWUyOTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPZxAU1ykQhjj29wvKe2YoVZbXEo
41tzLBmB4vlhJ4LxqP2N/3/1ZGcCylYvMIxEKgRH+vXyH5q/kXmnjdOHf7Ql3sZx
vh/grp2xaCaOswaHgN3dc+JHwj9cJSbRlPY6dAbS3LS3xpvsP+eAy+K2bFy3QomQ
omcHR7OuXrX7qrpnz7FBHAzWDfz2XdhOGj44DNbIsuebQRzoCH10f8BHxCTOXGRV
IT4jigIDXaQUfYkrHFWg5D444lxxuXFX83Vc+dTm5OCOO5sgj9RNVFjW9gBE593c
P0/Puo9qi6Zo2OVpI156x/KcAY8Ka2Q7XQqIesr0cUHTAbl1aGipB21UzQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFApxkgcFzw3jeQMiYzKfjjbJHikLMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvQ25HU0J3WFBEZU41QXlKak1wLU9Oc2tlS1FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAX7WnMAwD
BABfta0DBARftaAwDQYJKoZIhvcNAQELBQADggEBABSD9/nQkAQOTZ5w5MQjnKYP
KH1+qDZerWX+GboASUmxhFpbClp8FikG3zcBvSluuh0ZwEbWfu/AdweQLxdfFwEM
wnotu1DnJjonNX7iXyxJ3PgP/8UOPS3SKzR+Lvh1oq+AK6vD4NNUX1zkYUix8Wq9
z4x+06ZmhHwP2Lq9ROHgNHCQD3x9aiaBsnRATJbZKI/zIZu2Aysle7tCRCvx9oqN
IVBmM3GaQdhkA4GAinePyVkfKNZ2mCvBsN0dJvhtDK4rsoz++sQZI+IfZQv5XMYu
0lUPibnGDe4w4jjhEd7s151n4hzvkfZUd4gsbYuuK8+8Bu8jWzPnNgYf/asjd40=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:48 2025 by rpki-client