Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/uAqfaMDJVl3wC5VHg5wGDauZJv0.roa
File: uAqfaMDJVl3wC5VHg5wGDauZJv0.roa (raw, json)
Hash identifier: nbMfLRoWpozukxfVggULpwrotnrbBLPhCNiwMIZ1Ro8=
Subject key identifier: B8:0A:9F:68:C0:C9:56:5D:F0:0B:95:47:83:9C:06:0D:AB:99:26:FD
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 018CC87150F34BBABBC7B2BB39AA26FE908D
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/uAqfaMDJVl3wC5VHg5wGDauZJv0.roa
Signing time: Tue 02 Jan 2024 04:31:58 +0000
ROA not before: Tue 02 Jan 2024 04:31:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41717
IP address blocks: 95.181.154.0/24 maxlen: 24
95.181.162.0/24 maxlen: 24
95.181.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 03:15:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:50:f3:4b:ba:bb:c7:b2:bb:39:aa:26:fe:90:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Jan 2 04:31:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b80a9f68c0c9565df00b9547839c060dab9926fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:82:fb:34:79:c3:34:dd:b3:d4:d3:51:51:8c:
2b:09:ae:98:76:cd:72:0f:b4:03:07:3b:3e:f7:4e:
33:d1:84:c5:c3:d0:82:3a:7c:c7:77:fe:25:87:0b:
a4:de:c1:95:dc:0c:d8:3e:8f:f5:a4:3f:5b:77:63:
54:c4:62:95:9d:bb:59:eb:68:94:76:b0:14:6a:9f:
0e:b8:f8:cc:79:9a:82:42:90:2a:b3:86:95:b4:07:
ab:e5:c6:a0:43:27:51:9b:91:a8:d3:28:7b:1d:a9:
df:3d:76:f2:c8:b6:b9:1b:fa:cd:99:1a:68:3e:f6:
36:d3:ee:76:89:95:7a:bc:04:ae:3f:b0:be:7d:57:
d2:04:98:fd:10:05:15:cb:1b:57:ae:b0:83:e4:1d:
52:b6:5d:61:3d:48:cc:60:fa:32:1c:eb:f1:74:1b:
92:a7:e4:9d:52:54:b2:ea:62:e8:cc:a2:1a:cb:d0:
82:91:eb:83:e8:9a:aa:63:ab:74:0e:27:9c:43:e4:
f1:e5:6e:70:16:b6:55:be:41:7e:a7:c0:df:c8:1e:
2f:1e:0a:9d:73:83:34:de:b8:0a:f9:1b:ca:1d:79:
e6:bd:30:23:ed:02:17:6a:ac:36:52:aa:b5:22:aa:
bd:a7:b0:73:63:b8:9a:a3:f6:23:f5:86:6d:d5:7f:
dd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:0A:9F:68:C0:C9:56:5D:F0:0B:95:47:83:9C:06:0D:AB:99:26:FD
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/uAqfaMDJVl3wC5VHg5wGDauZJv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.154.0/24
95.181.162.0/24
95.181.167.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a7:cc:3d:59:6b:23:13:8f:ef:cf:8a:f4:9f:bb:0e:34:97:
d6:4f:f7:06:a6:6d:d2:46:29:fb:e8:2e:ab:ab:39:ef:a1:98:
98:93:82:8f:a3:0c:9b:1c:15:28:b2:60:ef:94:fb:0b:a3:3a:
d3:fc:9b:fc:aa:e3:ae:2c:db:dd:54:d4:74:c7:95:27:51:26:
0b:e1:cb:2e:d4:58:08:c6:4a:75:11:b3:e0:33:64:45:a8:58:
31:cc:a4:a8:9c:12:59:ab:3c:f5:df:c5:16:b6:f8:19:eb:3f:
14:7e:64:d4:2c:fb:e4:1c:1e:a5:5f:7a:22:78:be:5f:84:c7:
66:81:64:18:e9:44:c6:c6:93:0d:d4:b3:77:28:bb:25:5e:bd:
b8:0e:68:de:1a:d6:5f:56:57:58:07:d3:ec:1a:f8:75:e9:36:
07:9b:f6:a9:14:0f:6f:25:8d:5c:9d:f0:f3:7e:75:c9:40:f8:
41:5d:c8:98:a6:85:68:7f:c9:d3:3f:3b:20:0c:e7:95:df:61:
65:70:17:96:0d:4c:67:84:29:7a:e3:9b:00:12:f8:e5:0c:3c:
b4:b9:f7:3a:51:b7:8e:14:73:1b:e9:cd:05:e3:a8:67:a1:94:
cf:26:d3:3e:be:67:ad:f8:11:65:95:08:4a:16:a3:e3:06:2f:
5e:01:fd:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIcVDzS7q7x7K7Oaom/pCNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjQwMTAyMDQzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODBhOWY2OGMwYzk1NjVkZjAwYjk1NDc4MzljMDYwZGFiOTkyNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIL7NHnDNN2z1NNRUYwrCa6Yds1y
D7QDBzs+904z0YTFw9CCOnzHd/4lhwuk3sGV3AzYPo/1pD9bd2NUxGKVnbtZ62iU
drAUap8OuPjMeZqCQpAqs4aVtAer5cagQydRm5Go0yh7HanfPXbyyLa5G/rNmRpo
PvY20+52iZV6vASuP7C+fVfSBJj9EAUVyxtXrrCD5B1Stl1hPUjMYPoyHOvxdBuS
p+SdUlSy6mLozKIay9CCkeuD6JqqY6t0DiecQ+Tx5W5wFrZVvkF+p8DfyB4vHgqd
c4M03rgK+RvKHXnmvTAj7QIXaqw2Uqq1Iqq9p7BzY7iao/Yj9YZt1X/d5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLgKn2jAyVZd8AuVR4OcBg2rmSb9MB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvdUFxZmFNREpWbDN3QzVWSGc1d0dEYXVaSnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAX7WaAwQA
X7WiAwQAX7WnMA0GCSqGSIb3DQEBCwUAA4IBAQAAp8w9WWsjE4/vz4r0n7sONJfW
T/cGpm3SRin76C6rqznvoZiYk4KPowybHBUosmDvlPsLozrT/Jv8quOuLNvdVNR0
x5UnUSYL4csu1FgIxkp1EbPgM2RFqFgxzKSonBJZqzz138UWtvgZ6z8UfmTULPvk
HB6lX3oieL5fhMdmgWQY6UTGxpMN1LN3KLslXr24DmjeGtZfVldYB9PsGvh16TYH
m/apFA9vJY1cnfDzfnXJQPhBXciYpoVof8nTPzsgDOeV32FlcBeWDUxnhCl645sA
EvjlDDy0ufc6UbeOFHMb6c0F46hnoZTPJtM+vmet+BFllQhKFqPjBi9eAf03
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:26 2025 by rpki-client