Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/CRo-x4pMU6TGx5gQ5m8qgKJZ5Cw.roa
File: CRo-x4pMU6TGx5gQ5m8qgKJZ5Cw.roa (raw, json)
Hash identifier: Tv5Fu405CrFm+oAlvUhbWHSGf9WSvvpin76fyjdvbqQ=
Subject key identifier: 09:1A:3E:C7:8A:4C:53:A4:C6:C7:98:10:E6:6F:2A:80:A2:59:E4:2C
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0191B6AFA38A895CCDD82B2316F93DCF8F8B
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/CRo-x4pMU6TGx5gQ5m8qgKJZ5Cw.roa
Signing time: Tue 03 Sep 2024 07:00:49 +0000
ROA not before: Tue 03 Sep 2024 07:00:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10103
IP address blocks: 95.214.38.0/24 maxlen: 24
95.214.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 21:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:af:a3:8a:89:5c:cd:d8:2b:23:16:f9:3d:cf:8f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Sep 3 07:00:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=091a3ec78a4c53a4c6c79810e66f2a80a259e42c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:52:ca:19:44:e2:c9:94:1a:d5:a5:39:be:0f:
fe:66:8c:18:a9:a1:c1:33:d0:e6:d3:74:81:64:74:
79:36:c2:20:bf:7d:48:bb:7d:5c:88:d6:59:c7:d2:
a9:e3:8d:87:ef:f8:59:e3:88:45:7e:f6:b0:98:36:
a6:72:27:57:3b:b6:35:5e:4e:fb:3d:0b:1d:8f:18:
74:cb:44:d1:74:20:4b:03:b4:31:64:65:58:82:16:
f6:7a:95:9e:16:c4:59:32:14:f4:5c:43:ea:45:3e:
28:1e:2e:dd:e3:e7:48:92:ec:67:ed:13:d4:74:4a:
6c:1a:8e:09:9c:a2:95:02:6f:6c:a7:00:f5:07:09:
bc:f6:f6:47:a1:6a:90:63:9e:f1:40:ff:ee:76:c0:
d1:35:2f:33:85:bc:5e:8f:77:f2:30:f5:69:d6:cc:
58:b3:01:97:dd:9d:86:e0:5d:89:41:2b:9f:c0:b4:
a0:00:6c:36:08:05:31:c9:fc:24:e0:a8:13:fd:fc:
45:94:4b:9d:03:a8:95:f9:69:67:0e:cc:ce:78:dc:
43:98:9c:42:7a:6b:6f:14:4a:6c:2d:69:c9:d3:eb:
43:c9:11:69:ab:b9:45:dd:ab:2f:59:73:6c:85:bc:
5a:7a:dd:20:1b:4e:90:54:18:f2:b5:43:d0:57:30:
53:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1A:3E:C7:8A:4C:53:A4:C6:C7:98:10:E6:6F:2A:80:A2:59:E4:2C
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/CRo-x4pMU6TGx5gQ5m8qgKJZ5Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.38.0/23
Signature Algorithm: sha256WithRSAEncryption
82:92:34:39:1d:72:de:f3:51:23:ea:bd:f9:34:c8:88:2f:a7:
69:8a:d5:f8:0f:74:9b:84:ad:11:f1:fb:bc:f4:c2:46:78:a0:
93:6e:a9:ce:a1:c1:3e:ef:97:58:22:63:dd:f1:30:3b:d6:9c:
ec:5a:df:95:6c:79:e4:8e:da:b8:1a:d2:2f:b4:b8:d9:77:5e:
ea:26:65:55:b7:29:8e:da:9c:21:ae:bb:2f:b7:a4:f1:99:a5:
c0:aa:60:b3:62:20:53:ec:38:e4:45:2d:9d:14:50:6f:e4:4f:
3b:04:78:20:43:6d:25:4d:3a:bc:d6:81:ba:ea:9e:05:d8:bd:
1a:e2:95:8b:47:30:b2:c5:42:a7:ce:d3:64:19:5f:ad:f9:33:
93:19:43:1a:5d:2b:90:9e:0e:6f:a8:36:1b:c3:ed:fb:d5:1e:
4f:d4:37:16:d1:de:30:1f:a7:38:0c:22:0c:15:f6:4a:23:be:
f0:66:fb:dc:6b:84:2e:5d:7b:5d:de:24:fe:a8:4e:1d:82:82:
73:47:42:76:f4:24:34:28:89:d4:49:ee:4c:10:6f:aa:32:61:
c3:44:76:00:0a:35:07:21:a3:16:80:05:27:95:0c:49:46:aa:
21:58:c2:fc:71:58:67:6b:89:fd:09:d4:12:e7:06:c7:44:73:
c3:4b:c6:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZG2r6OKiVzN2CsjFvk9z4+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwOTAzMDcwMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTFhM2VjNzhhNGM1M2E0YzZjNzk4MTBlNjZmMmE4MGEyNTllNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1LKGUTiyZQa1aU5vg/+ZowYqaHB
M9Dm03SBZHR5NsIgv31Iu31ciNZZx9Kp442H7/hZ44hFfvawmDamcidXO7Y1Xk77
PQsdjxh0y0TRdCBLA7QxZGVYghb2epWeFsRZMhT0XEPqRT4oHi7d4+dIkuxn7RPU
dEpsGo4JnKKVAm9spwD1Bwm89vZHoWqQY57xQP/udsDRNS8zhbxej3fyMPVp1sxY
swGX3Z2G4F2JQSufwLSgAGw2CAUxyfwk4KgT/fxFlEudA6iV+WlnDszOeNxDmJxC
emtvFEpsLWnJ0+tDyRFpq7lF3asvWXNshbxaet0gG06QVBjytUPQVzBTtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkaPseKTFOkxseYEOZvKoCiWeQsMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvQ1JvLXg0cE1VNlRHeDVnUTVtOHFnS0paNUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBX9YmMA0G
CSqGSIb3DQEBCwUAA4IBAQCCkjQ5HXLe81Ej6r35NMiIL6dpitX4D3SbhK0R8fu8
9MJGeKCTbqnOocE+75dYImPd8TA71pzsWt+VbHnkjtq4GtIvtLjZd17qJmVVtymO
2pwhrrsvt6TxmaXAqmCzYiBT7DjkRS2dFFBv5E87BHggQ20lTTq81oG66p4F2L0a
4pWLRzCyxUKnztNkGV+t+TOTGUMaXSuQng5vqDYbw+371R5P1DcW0d4wH6c4DCIM
FfZKI77wZvvca4QuXXtd3iT+qE4dgoJzR0J29CQ0KInUSe5MEG+qMmHDRHYACjUH
IaMWgAUnlQxJRqohWML8cVhna4n9CdQS5wbHRHPDS8ae
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:52 2025 by rpki-client