Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/_VL7DbIRF5TMTM5IHHm-I8fLZXk.roa
File: _VL7DbIRF5TMTM5IHHm-I8fLZXk.roa (raw, json)
Hash identifier: AeUP2BcyFAAVWpgdQEYLeeO+IwO/3NqzrAYsUrEqmmo=
Subject key identifier: FD:52:FB:0D:B2:11:17:94:CC:4C:CE:48:1C:79:BE:23:C7:CB:65:79
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 01856D6F8866B59332E53B67299790969E48
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/_VL7DbIRF5TMTM5IHHm-I8fLZXk.roa
Signing time: Sun 01 Jan 2023 13:05:03 +0000
ROA not before: Sun 01 Jan 2023 13:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58224
IP address blocks: 95.38.246.0/23 maxlen: 23
95.38.244.0/23 maxlen: 23
95.38.248.0/22 maxlen: 22
95.38.240.0/22 maxlen: 22
95.38.138.0/23 maxlen: 23
95.38.136.0/23 maxlen: 23
95.38.134.0/23 maxlen: 23
95.38.142.0/23 maxlen: 23
95.38.140.0/23 maxlen: 23
95.38.152.0/23 maxlen: 23
95.38.158.0/23 maxlen: 23
95.38.156.0/23 maxlen: 23
95.38.154.0/23 maxlen: 23
95.38.104.0/22 maxlen: 22
95.38.132.0/22 maxlen: 22
95.38.132.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:88:66:b5:93:32:e5:3b:67:29:97:90:96:9e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Jan 1 13:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd52fb0db2111794cc4cce481c79be23c7cb6579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e4:b1:a0:91:e8:aa:e9:9f:bc:1c:55:bb:a7:
eb:b7:23:83:0b:b6:e5:d9:9f:38:0e:4a:95:31:88:
d3:15:28:1f:2b:32:dc:b8:78:0c:64:9e:ea:a8:42:
03:4b:21:b3:99:92:f7:eb:27:5f:f0:91:2b:12:e2:
fa:b1:41:19:98:38:33:45:7e:cc:2d:ad:25:7f:bf:
5d:d0:66:62:9e:df:f1:a7:c9:49:2a:c0:b0:7a:84:
a6:f8:97:0c:59:8d:82:d1:e9:36:15:9a:10:2c:a7:
8b:e2:b9:5f:6e:2f:10:a8:1d:bd:69:88:e7:0d:d3:
1d:64:7f:5c:1f:7e:3e:12:10:60:c8:09:08:db:f4:
0f:4e:d9:a3:56:c3:21:42:f8:c0:03:ef:f0:b6:cf:
3b:c0:4f:ae:ea:3a:bc:99:95:5a:be:49:0d:c2:2a:
06:57:96:23:1c:f5:a0:e2:73:a7:54:82:31:61:05:
5b:25:aa:99:d4:0a:12:f2:65:93:73:95:ee:eb:df:
9e:ad:dd:6f:72:b5:97:90:51:db:37:a0:d8:f6:80:
04:73:56:a8:11:c1:3d:f3:1c:9b:3f:50:e2:d6:3d:
31:9e:2f:f5:bc:5f:02:fe:50:e6:a9:d0:6c:dd:d0:
98:c2:3c:92:ed:c1:12:ac:cd:78:39:24:ea:5a:00:
4b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:52:FB:0D:B2:11:17:94:CC:4C:CE:48:1C:79:BE:23:C7:CB:65:79
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/_VL7DbIRF5TMTM5IHHm-I8fLZXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.104.0/22
95.38.132.0-95.38.143.255
95.38.152.0/21
95.38.240.0-95.38.251.255
Signature Algorithm: sha256WithRSAEncryption
20:21:01:2c:c3:1b:6f:dd:06:51:d7:07:ed:cb:9b:17:8d:a4:
4f:52:0b:01:bf:7a:1d:8b:98:cd:48:91:2a:7a:d2:59:2d:d8:
2c:ee:e7:55:d3:84:34:81:39:22:d0:7f:11:58:63:66:1a:49:
e1:19:0e:7a:02:3e:8e:31:e9:e2:8b:e4:e3:61:d8:c4:b1:d8:
41:d9:a1:7d:d8:58:a3:c2:4d:87:4f:41:24:42:13:34:5e:38:
c3:ee:1d:90:aa:0b:02:84:6b:26:b4:fc:80:19:fd:54:c1:99:
d8:38:66:a1:09:d1:d7:db:69:1a:dc:3e:2e:dd:b6:22:12:f5:
d7:0b:6c:bb:16:7c:46:ab:41:e1:15:4e:23:d8:39:ef:4e:79:
9b:3b:2a:d9:22:a8:d9:f0:ad:e5:2c:ef:0a:73:77:59:54:a4:
6e:26:cf:30:33:d2:31:ea:85:c8:e1:8b:37:65:48:68:2f:b7:
1b:b4:a2:70:f1:51:1a:3c:90:07:40:85:a3:84:48:3c:16:6b:
d1:e7:92:ab:a8:f9:12:d2:a9:00:63:26:cc:27:76:d6:a3:80:
fa:8d:b9:04:62:76:30:fa:4d:5b:e9:39:a6:43:09:1f:4e:88:
fa:d7:1c:d4:0a:5f:47:e2:1d:bf:53:40:11:07:38:76:df:1d:
ff:5a:be:d0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVtb4hmtZMy5TtnKZeQlp5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjMwMTAxMTMwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDUyZmIwZGIyMTExNzk0Y2M0Y2NlNDgxYzc5YmUyM2M3Y2I2NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieSxoJHoqumfvBxVu6frtyODC7bl
2Z84DkqVMYjTFSgfKzLcuHgMZJ7qqEIDSyGzmZL36ydf8JErEuL6sUEZmDgzRX7M
La0lf79d0GZint/xp8lJKsCweoSm+JcMWY2C0ek2FZoQLKeL4rlfbi8QqB29aYjn
DdMdZH9cH34+EhBgyAkI2/QPTtmjVsMhQvjAA+/wts87wE+u6jq8mZVavkkNwioG
V5YjHPWg4nOnVIIxYQVbJaqZ1AoS8mWTc5Xu69+erd1vcrWXkFHbN6DY9oAEc1ao
EcE98xybP1Di1j0xni/1vF8C/lDmqdBs3dCYwjyS7cESrM14OSTqWgBLiQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFP1S+w2yEReUzEzOSBx5viPHy2V5MB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvX1ZMN0RiSVJGNVRNVE01SUhIbS1JOGZMWlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCXyZoMAwD
BAJfJoQDBARfJoADBANfJpgwDAMEBF8m8AMEAl8m+DANBgkqhkiG9w0BAQsFAAOC
AQEAICEBLMMbb90GUdcH7cubF42kT1ILAb96HYuYzUiRKnrSWS3YLO7nVdOENIE5
ItB/EVhjZhpJ4RkOegI+jjHp4ovk42HYxLHYQdmhfdhYo8JNh09BJEITNF44w+4d
kKoLAoRrJrT8gBn9VMGZ2DhmoQnR19tpGtw+Lt22IhL11wtsuxZ8RqtB4RVOI9g5
7055mzsq2SKo2fCt5SzvCnN3WVSkbibPMDPSMeqFyOGLN2VIaC+3G7SicPFRGjyQ
B0CFo4RIPBZr0eeSq6j5EtKpAGMmzCd21qOA+o25BGJ2MPpNW+k5pkMJH06I+tcc
1ApfR+Idv1NAEQc4dt8d/1q+0A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:39 2023 by rpki-client on console.sobornost.net