Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/nCuJXNkDKvKvB0_CIGEJnYazwuQ.roa
File: nCuJXNkDKvKvB0_CIGEJnYazwuQ.roa (raw, json)
Hash identifier: lzHYmQHey3Jw6IEORpg0urx8kVa03plLvSFHU7omTHY=
Subject key identifier: 9C:2B:89:5C:D9:03:2A:F2:AF:07:4F:C2:20:61:09:9D:86:B3:C2:E4
Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59
Certificate serial: 018CEFAA8B8769F5A008DE72AAE7E9099BDE
Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/nCuJXNkDKvKvB0_CIGEJnYazwuQ.roa
Signing time: Tue 09 Jan 2024 19:19:40 +0000
ROA not before: Tue 09 Jan 2024 19:19:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42675
IP address blocks: 95.141.241.0/24 maxlen: 24
2a13:7c80::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 02 Mar 2024 14:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ef:aa:8b:87:69:f5:a0:08:de:72:aa:e7:e9:09:9b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59
Validity
Not Before: Jan 9 19:19:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c2b895cd9032af2af074fc22061099d86b3c2e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d2:a4:6b:75:8b:f3:3e:87:01:f6:13:f0:89:
58:aa:16:44:7c:7c:8f:23:75:35:86:41:ef:62:93:
44:b9:28:eb:14:b4:4a:43:0d:0f:62:8f:cc:a9:4a:
a9:0c:0a:45:da:19:01:5d:cb:a2:b4:73:4a:35:bc:
53:7b:e4:00:25:3f:c8:76:2f:17:d6:8f:b4:67:dc:
10:b2:d4:d6:1a:1e:1b:51:3b:79:8c:43:1c:c3:50:
9d:54:7f:b4:9e:72:aa:6b:da:8f:ea:d1:73:ed:aa:
9c:7f:bc:b0:2e:4a:5a:d1:cb:6c:49:70:c9:2d:28:
62:de:37:2b:d6:8e:53:d2:3d:a7:4d:fe:85:53:68:
51:1d:e1:f1:13:42:84:d7:d5:bf:1b:0f:4d:af:9c:
63:b1:b8:92:ba:81:ae:60:c0:31:99:7d:95:44:52:
e0:7d:43:ec:d6:f5:71:fe:e6:34:f8:8a:18:e1:c7:
42:3b:db:c7:cd:05:d6:09:54:b0:d7:79:45:22:7c:
3f:83:5a:e0:02:40:e3:27:8a:91:b6:42:c1:be:33:
a0:80:70:25:b0:aa:bd:5f:b4:63:c3:53:17:7b:03:
f6:4b:d2:a2:63:61:99:23:68:d2:fd:64:3e:01:c8:
aa:e1:58:c3:76:13:13:0b:1b:12:ef:bf:67:59:a6:
74:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2B:89:5C:D9:03:2A:F2:AF:07:4F:C2:20:61:09:9D:86:B3:C2:E4
X509v3 Authority Key Identifier:
keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/nCuJXNkDKvKvB0_CIGEJnYazwuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.241.0/24
IPv6:
2a13:7c80::/48
Signature Algorithm: sha256WithRSAEncryption
98:ad:48:6e:eb:49:2c:45:15:9a:55:7d:4c:88:d2:12:83:77:
38:a3:0e:47:b9:ea:11:87:95:a3:ff:83:52:85:45:8b:17:6b:
fa:3d:8b:8e:ad:fe:79:cb:56:1b:4d:a2:43:d0:df:a8:2d:d3:
5d:c9:57:c3:0b:67:e6:57:a4:ef:b4:1c:c1:05:09:d5:c0:3e:
f8:69:c8:80:3a:9d:66:74:f4:93:3f:35:e3:3f:75:fa:b7:70:
a0:6c:81:2c:69:b3:ac:d8:a4:00:1c:65:2f:2e:3c:6c:9e:38:
08:ca:15:83:a9:a0:86:a1:68:b9:08:87:db:d9:c5:29:89:b7:
74:71:26:d9:76:b1:a2:5d:31:4e:a8:ba:c3:a4:ba:ff:33:93:
f1:12:21:26:55:68:5d:f4:f9:3b:34:74:a2:f5:38:77:ec:74:
ad:fc:03:21:88:f4:40:93:b2:51:a6:60:f4:b7:00:cb:65:8c:
9a:7a:f7:ea:e1:b3:0a:92:17:16:9e:b7:a8:5e:4e:30:95:60:
4b:b9:bf:7a:38:1d:16:28:02:5e:b4:37:15:ce:53:9e:d1:04:
98:37:97:e4:21:e7:0a:64:d9:81:ba:75:73:c8:8b:91:94:2a:
7f:e0:0f:f3:0b:3a:f7:ea:c4:4e:38:de:c1:38:47:4f:80:72:
78:ec:a8:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzvqouHafWgCN5yqufpCZveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1
M2RjNTkwHhcNMjQwMTA5MTkxOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzJiODk1Y2Q5MDMyYWYyYWYwNzRmYzIyMDYxMDk5ZDg2YjNjMmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNKka3WL8z6HAfYT8IlYqhZEfHyP
I3U1hkHvYpNEuSjrFLRKQw0PYo/MqUqpDApF2hkBXcuitHNKNbxTe+QAJT/Idi8X
1o+0Z9wQstTWGh4bUTt5jEMcw1CdVH+0nnKqa9qP6tFz7aqcf7ywLkpa0ctsSXDJ
LShi3jcr1o5T0j2nTf6FU2hRHeHxE0KE19W/Gw9Nr5xjsbiSuoGuYMAxmX2VRFLg
fUPs1vVx/uY0+IoY4cdCO9vHzQXWCVSw13lFInw/g1rgAkDjJ4qRtkLBvjOggHAl
sKq9X7Rjw1MXewP2S9KiY2GZI2jS/WQ+Aciq4VjDdhMTCxsS779nWaZ0UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJwriVzZAyryrwdPwiBhCZ2Gs8LkMB8GA1UdIwQY
MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt
ZmI2OTgzY2U5ZGZmLzEvbkN1SlhOa0RLdkt2QjBfQ0lHRUpuWWF6d3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm
LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAX43xMA8E
AgACMAkDBwAqE3yAAAAwDQYJKoZIhvcNAQELBQADggEBAJitSG7rSSxFFZpVfUyI
0hKDdzijDke56hGHlaP/g1KFRYsXa/o9i46t/nnLVhtNokPQ36gt013JV8MLZ+ZX
pO+0HMEFCdXAPvhpyIA6nWZ09JM/NeM/dfq3cKBsgSxps6zYpAAcZS8uPGyeOAjK
FYOpoIahaLkIh9vZxSmJt3RxJtl2saJdMU6ousOkuv8zk/ESISZVaF30+Ts0dKL1
OHfsdK38AyGI9ECTslGmYPS3AMtljJp69+rhswqSFxaet6heTjCVYEu5v3o4HRYo
Al60NxXOU57RBJg3l+Qh5wpk2YG6dXPIi5GUKn/gD/MLOvfqxE443sE4R0+Acnjs
qAI=
-----END CERTIFICATE-----
Generated at Sat Mar 2 16:18:36 2024 by rpki-client on console.sobornost.net