Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nK3mQlkj-dmz5NhG4mWfPHjTv7c.roa
File: nK3mQlkj-dmz5NhG4mWfPHjTv7c.roa (raw, json)
Hash identifier: iZGNIpfGt409D3FaFvaFC7vBjp7l2cJhFHQP9mJ2IDo=
Subject key identifier: 9C:AD:E6:42:59:23:F9:D9:B3:E4:D8:46:E2:65:9F:3C:78:D3:BF:B7
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0190BC8BF141B727B15408636C83275AED48
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nK3mQlkj-dmz5NhG4mWfPHjTv7c.roa
Signing time: Tue 16 Jul 2024 17:16:46 +0000
ROA not before: Tue 16 Jul 2024 17:16:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56465
IP address blocks: 95.47.116.0/24 maxlen: 24
95.47.117.0/24 maxlen: 24
146.120.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bc:8b:f1:41:b7:27:b1:54:08:63:6c:83:27:5a:ed:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jul 16 17:16:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cade6425923f9d9b3e4d846e2659f3c78d3bfb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:75:05:26:04:c7:94:3c:68:b2:51:3c:d9:4f:
25:f5:66:a9:0f:6e:4d:dd:76:37:c0:95:1e:89:40:
3b:39:c5:97:23:bc:49:7c:43:86:3d:a4:83:2e:d4:
18:85:cc:dd:cc:dc:71:8c:78:44:ad:3a:85:39:75:
15:34:31:d2:e3:57:4a:44:a6:0e:2b:b7:3a:1b:ff:
ed:87:83:e6:24:7c:0a:29:6e:77:e9:94:36:70:d8:
4c:b1:5f:3b:70:ca:58:8a:b2:46:07:de:82:9e:2e:
55:6d:48:ef:b8:80:79:37:23:2e:48:ea:aa:e9:b0:
3a:42:2c:97:ac:52:c3:4f:01:44:96:8a:61:a2:8c:
33:59:9e:c6:67:7e:a4:39:a0:7a:e3:c9:51:b4:a4:
75:37:33:5d:72:7e:40:f2:bc:b7:d9:f7:d1:6f:a3:
76:bb:a7:87:62:69:f6:e8:a3:c9:7a:15:19:c6:34:
27:76:5f:09:1d:b4:19:c8:d3:b6:e0:5c:fd:07:68:
59:96:48:60:16:7a:c7:57:26:bc:76:0c:db:f8:14:
a4:70:16:1b:3e:9a:b4:69:1a:64:d2:88:f3:71:97:
53:d1:be:73:1a:fe:85:c8:6b:65:b7:26:9e:8c:36:
14:89:55:94:5d:ab:ef:da:72:57:e7:f4:0d:d6:6d:
0a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:AD:E6:42:59:23:F9:D9:B3:E4:D8:46:E2:65:9F:3C:78:D3:BF:B7
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nK3mQlkj-dmz5NhG4mWfPHjTv7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.116.0/23
146.120.95.0/24
Signature Algorithm: sha256WithRSAEncryption
94:8d:a0:f8:da:ce:d0:27:76:9c:db:34:c4:83:6d:44:06:ca:
16:68:24:72:4d:fa:cd:db:44:d5:67:78:7c:9a:6c:fc:d5:94:
f6:7a:d5:4c:ee:a8:61:83:68:88:d6:94:1b:1e:56:c1:93:51:
d4:97:bd:22:4c:cb:20:1d:d3:74:c2:19:17:68:68:ab:97:3e:
3f:b1:24:1f:2e:53:ba:af:55:33:08:18:96:4b:d1:36:dc:64:
71:d7:c8:75:bf:1f:6c:e5:86:da:7a:7e:6f:b9:16:68:71:cf:
7c:2b:3e:b9:6e:be:45:ac:0a:82:cb:35:ea:6a:d6:2c:0f:9f:
68:48:81:e9:35:c6:6a:3f:5d:4c:90:9b:b6:37:03:67:f8:99:
f2:7f:aa:18:29:57:07:ed:e9:e9:ad:84:7d:2c:92:01:55:ca:
1c:91:b6:30:96:37:39:62:e4:3b:20:0f:2e:7b:81:bf:66:fa:
af:31:b9:10:17:e9:71:67:b6:f6:d3:46:95:8f:6c:32:00:1d:
4d:39:e3:5d:df:19:30:a0:30:e0:46:e2:d4:60:a8:d8:19:ef:
48:3d:7b:02:6f:cd:6c:35:b3:0c:09:f2:d1:bc:33:61:c5:3f:
96:25:78:7c:b4:3c:06:23:51:b6:a1:e6:9b:0d:80:29:a8:ec:
9f:f8:95:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZC8i/FBtyexVAhjbIMnWu1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwNzE2MTcxNjQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2FkZTY0MjU5MjNmOWQ5YjNlNGQ4NDZlMjY1OWYzYzc4ZDNiZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3UFJgTHlDxoslE82U8l9WapD25N
3XY3wJUeiUA7OcWXI7xJfEOGPaSDLtQYhczdzNxxjHhErTqFOXUVNDHS41dKRKYO
K7c6G//th4PmJHwKKW536ZQ2cNhMsV87cMpYirJGB96Cni5VbUjvuIB5NyMuSOqq
6bA6QiyXrFLDTwFElophoowzWZ7GZ36kOaB648lRtKR1NzNdcn5A8ry32ffRb6N2
u6eHYmn26KPJehUZxjQndl8JHbQZyNO24Fz9B2hZlkhgFnrHVya8dgzb+BSkcBYb
Ppq0aRpk0ojzcZdT0b5zGv6FyGtltyaejDYUiVWUXavv2nJX5/QN1m0KFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJyt5kJZI/nZs+TYRuJlnzx407+3MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbkszbVFsa2otZG16NU5oRzRtV2ZQSGpUdjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXy90AwQA
knhfMA0GCSqGSIb3DQEBCwUAA4IBAQCUjaD42s7QJ3ac2zTEg21EBsoWaCRyTfrN
20TVZ3h8mmz81ZT2etVM7qhhg2iI1pQbHlbBk1HUl70iTMsgHdN0whkXaGirlz4/
sSQfLlO6r1UzCBiWS9E23GRx18h1vx9s5Ybaen5vuRZocc98Kz65br5FrAqCyzXq
atYsD59oSIHpNcZqP11MkJu2NwNn+Jnyf6oYKVcH7enprYR9LJIBVcockbYwljc5
YuQ7IA8ue4G/ZvqvMbkQF+lxZ7b200aVj2wyAB1NOeNd3xkwoDDgRuLUYKjYGe9I
PXsCb81sNbMMCfLRvDNhxT+WJXh8tDwGI1G2oeabDYApqOyf+JUl
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:43:37 2025 by rpki-client