Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/Qm0uX-uPYBmLFe2DB_753Rm44FA.roa
File: Qm0uX-uPYBmLFe2DB_753Rm44FA.roa (raw, json)
Hash identifier: 1fAhc7hxqBpuftubbHz3q2IC51aTHCLXatM9at9sg08=
Subject key identifier: 42:6D:2E:5F:EB:8F:60:19:8B:15:ED:83:07:FE:F9:DD:19:B8:E0:50
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 018B614BC050C92452A6AC406E5A72C09DCE
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/Qm0uX-uPYBmLFe2DB_753Rm44FA.roa
Signing time: Tue 24 Oct 2023 10:47:16 +0000
ROA not before: Tue 24 Oct 2023 10:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 95.38.240.0/21 maxlen: 21
95.38.248.0/22 maxlen: 22
95.38.200.0/22 maxlen: 22
95.38.208.0/22 maxlen: 22
95.38.136.0/22 maxlen: 22
95.38.140.0/22 maxlen: 22
95.38.152.0/21 maxlen: 21
95.38.168.0/22 maxlen: 22
95.38.174.0/24 maxlen: 24
95.38.96.0/21 maxlen: 21
95.38.104.0/22 maxlen: 22
95.38.130.0/23 maxlen: 23
95.38.132.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:4b:c0:50:c9:24:52:a6:ac:40:6e:5a:72:c0:9d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Oct 24 10:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=426d2e5feb8f60198b15ed8307fef9dd19b8e050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1c:b9:ad:ee:d5:10:c6:0f:9a:ce:de:17:16:
e2:3e:cf:31:0a:e2:6d:7b:52:62:87:fa:c7:27:70:
de:2a:10:10:7a:f3:6d:6b:14:3b:a6:9a:d1:7c:ef:
5d:ee:ca:66:39:69:16:ee:78:a6:9d:1c:77:9d:b5:
7e:ee:22:e8:b4:ab:f5:b7:95:db:38:76:bd:5a:d9:
d3:d3:44:77:54:6d:3b:88:4a:4c:f3:74:4f:7e:92:
03:b1:25:a0:6d:e6:20:e7:00:18:31:28:f3:21:cb:
3b:45:19:65:3a:94:ca:77:cf:28:cb:88:95:e9:a3:
5c:84:63:ec:15:1c:e4:52:74:14:cf:52:df:d5:bd:
66:d4:c2:92:50:36:8f:de:9d:b5:53:61:d3:22:97:
e6:df:cb:11:27:a8:01:c7:77:96:f3:d8:ff:78:02:
b7:d0:39:6d:c0:98:a2:41:5b:7e:c5:16:06:62:14:
cc:95:74:e0:55:26:b2:ba:38:fa:5e:73:e7:09:4d:
74:0f:8f:d3:49:32:54:54:34:99:60:02:92:25:b3:
e3:8d:8e:10:59:e0:b4:d6:73:17:9d:8e:53:43:bc:
82:29:66:70:27:63:ce:7b:c2:3b:e9:f7:0e:ae:7a:
de:80:3d:6c:5a:a0:80:45:d8:c6:f8:fe:7a:62:2c:
6e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:6D:2E:5F:EB:8F:60:19:8B:15:ED:83:07:FE:F9:DD:19:B8:E0:50
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/Qm0uX-uPYBmLFe2DB_753Rm44FA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.96.0-95.38.107.255
95.38.130.0-95.38.143.255
95.38.152.0/21
95.38.168.0/22
95.38.174.0/24
95.38.200.0/22
95.38.208.0/22
95.38.240.0-95.38.251.255
Signature Algorithm: sha256WithRSAEncryption
8f:c1:07:59:8a:ce:c8:b2:75:43:7f:e9:b5:34:f7:87:97:e1:
2d:4e:73:52:b4:3d:80:d1:a3:c3:1e:50:10:11:f1:e1:d8:ef:
bc:98:3c:36:6a:a9:e3:d6:c2:5d:71:ea:76:1e:4f:64:54:71:
5f:00:6f:fa:84:17:1d:84:be:63:c9:ff:10:fe:29:01:ab:bb:
00:5a:5f:99:e1:d1:53:88:ac:d4:9e:8e:f0:93:69:d7:8e:e7:
3d:30:c1:74:84:b7:c2:b5:de:18:7f:83:d2:8a:af:1f:62:ea:
67:48:a0:b7:46:63:76:c4:e9:c5:d7:7f:12:ef:34:3a:a6:2b:
a7:35:67:82:06:fe:36:47:30:58:bd:fd:d2:46:71:25:da:03:
f1:ea:10:5d:ee:7a:b4:99:91:f0:fa:e8:ac:d4:3c:0f:bc:73:
6d:9b:7e:67:3f:50:56:61:78:85:55:fa:c7:e8:3a:67:5c:92:
e8:34:a4:2a:f1:54:eb:bc:97:20:2a:15:d5:25:d3:ef:19:89:
d0:0e:a1:cf:2f:10:b4:fd:2b:2c:69:8e:02:cb:fe:57:ad:b0:
e2:bf:dd:2a:83:43:8e:3b:30:10:68:1e:9c:66:8e:17:11:fb:
e8:48:4b:b7:67:41:cb:ca:90:52:e2:fd:24:65:6a:b2:8c:8b:
c5:21:db:f9
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYthS8BQySRSpqxAblpywJ3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjMxMDI0MTA0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjZkMmU1ZmViOGY2MDE5OGIxNWVkODMwN2ZlZjlkZDE5YjhlMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRy5re7VEMYPms7eFxbiPs8xCuJt
e1Jih/rHJ3DeKhAQevNtaxQ7pprRfO9d7spmOWkW7nimnRx3nbV+7iLotKv1t5Xb
OHa9WtnT00R3VG07iEpM83RPfpIDsSWgbeYg5wAYMSjzIcs7RRllOpTKd88oy4iV
6aNchGPsFRzkUnQUz1Lf1b1m1MKSUDaP3p21U2HTIpfm38sRJ6gBx3eW89j/eAK3
0DltwJiiQVt+xRYGYhTMlXTgVSayujj6XnPnCU10D4/TSTJUVDSZYAKSJbPjjY4Q
WeC01nMXnY5TQ7yCKWZwJ2POe8I76fcOrnregD1sWqCARdjG+P56YixuNQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEJtLl/rj2AZixXtgwf++d0ZuOBQMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvUW0wdVgtdVBZQm1MRmUyREJfNzUzUm00NEZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAVfJmAD
BAJfJmgwDAMEAV8mggMEBF8mgAMEA18mmAMEAl8mqAMEAF8mrgMEAl8myAMEAl8m
0DAMAwQEXybwAwQCXyb4MA0GCSqGSIb3DQEBCwUAA4IBAQCPwQdZis7IsnVDf+m1
NPeHl+EtTnNStD2A0aPDHlAQEfHh2O+8mDw2aqnj1sJdcep2Hk9kVHFfAG/6hBcd
hL5jyf8Q/ikBq7sAWl+Z4dFTiKzUno7wk2nXjuc9MMF0hLfCtd4Yf4PSiq8fYupn
SKC3RmN2xOnF138S7zQ6piunNWeCBv42RzBYvf3SRnEl2gPx6hBd7nq0mZHw+uis
1DwPvHNtm35nP1BWYXiFVfrH6DpnXJLoNKQq8VTrvJcgKhXVJdPvGYnQDqHPLxC0
/SssaY4Cy/5XrbDiv90qg0OOOzAQaB6cZo4XEfvoSEu3Z0HLypBS4v0kZWqyjIvF
Idv5
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:39 2023 by rpki-client on console.sobornost.net