Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/lBGSfZaeD_-1mEo-yv3EaF1pHgY.roa
File: lBGSfZaeD_-1mEo-yv3EaF1pHgY.roa (raw, json)
Hash identifier: 6qYsV82F6nLGkvhi0nrj4qycXayC1RNygFlNk5QOT2U=
Subject key identifier: 94:11:92:7D:96:9E:0F:FF:B5:98:4A:3E:CA:FD:C4:68:5D:69:1E:06
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 018BF579CAE431C89D63FEE5132709772104
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/lBGSfZaeD_-1mEo-yv3EaF1pHgY.roa
Signing time: Wed 22 Nov 2023 05:21:21 +0000
ROA not before: Wed 22 Nov 2023 05:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 95.38.240.0/21 maxlen: 21
95.38.248.0/22 maxlen: 22
95.38.200.0/22 maxlen: 22
95.38.208.0/22 maxlen: 22
95.38.136.0/22 maxlen: 22
95.38.140.0/22 maxlen: 22
95.38.152.0/21 maxlen: 21
95.38.168.0/22 maxlen: 22
95.38.174.0/24 maxlen: 24
95.38.97.0/24 maxlen: 24
95.38.96.0/21 maxlen: 21
95.38.98.0/24 maxlen: 24
95.38.96.0/24 maxlen: 24
95.38.104.0/22 maxlen: 22
95.38.130.0/23 maxlen: 23
95.38.132.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f5:79:ca:e4:31:c8:9d:63:fe:e5:13:27:09:77:21:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Nov 22 05:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9411927d969e0fffb5984a3ecafdc4685d691e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b3:76:f8:4c:5b:6e:82:52:81:a6:09:4f:ca:
71:4d:d5:72:18:ad:30:d1:22:95:e5:29:24:43:cc:
91:fb:e9:d1:66:56:cf:61:2d:dd:f6:f1:8f:c7:7e:
87:e9:df:e0:82:6b:e7:b0:ed:bd:15:f2:f9:80:6b:
2e:86:49:4e:13:04:ec:7d:81:a5:ed:c2:bd:23:98:
0b:c2:f4:d7:98:5c:bd:e4:47:61:0c:26:fc:fb:60:
70:ca:0c:45:be:fe:81:5a:14:dc:bf:ce:fb:dd:5e:
bd:fb:c9:6b:9d:e2:c6:ae:e8:29:3b:d9:6d:97:dd:
68:3c:f2:d4:48:67:fa:54:a3:f7:6a:34:5e:3d:07:
4a:0a:b3:08:fa:36:33:54:d4:a2:cb:09:5d:02:ba:
49:11:f2:c6:63:24:a0:0e:5e:ee:7c:01:dd:ff:81:
82:23:f2:c5:5f:55:70:62:13:ab:1e:28:e0:0d:69:
e6:a8:6a:5f:79:34:2a:21:a3:b9:a3:47:dd:36:ff:
64:df:30:8e:30:96:eb:11:c5:e0:df:3c:0e:6a:62:
8b:00:0e:77:54:d6:b3:67:ea:b7:bc:ef:e3:7d:db:
6d:82:5f:94:1f:40:53:a7:31:c9:8e:dd:d7:8f:35:
db:32:cf:28:13:3c:dc:c5:eb:26:f2:d2:22:c7:d1:
d0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:11:92:7D:96:9E:0F:FF:B5:98:4A:3E:CA:FD:C4:68:5D:69:1E:06
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/lBGSfZaeD_-1mEo-yv3EaF1pHgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.96.0-95.38.107.255
95.38.130.0-95.38.143.255
95.38.152.0/21
95.38.168.0/22
95.38.174.0/24
95.38.200.0/22
95.38.208.0/22
95.38.240.0-95.38.251.255
Signature Algorithm: sha256WithRSAEncryption
8d:e6:e9:ae:f0:cb:94:84:79:64:f2:64:64:62:9c:ad:0d:95:
1e:af:e4:01:57:8f:72:71:8c:28:37:ad:44:e3:96:fa:d5:d6:
fc:23:6f:58:4d:94:0a:b2:db:8b:b2:8c:06:d7:cb:63:d4:f4:
87:16:e3:d6:03:c4:5d:81:29:3c:91:25:62:f0:f0:65:e5:61:
08:25:97:14:aa:60:65:26:6a:c7:11:64:f5:01:84:e1:13:0d:
ae:74:02:2e:2e:40:05:eb:ff:7f:4c:3f:1f:b9:79:b5:77:cc:
b0:bd:06:17:75:14:e8:15:21:68:91:21:2d:26:64:36:d7:93:
8a:80:87:18:cf:fb:94:ce:ee:75:89:84:d4:fb:83:05:77:58:
95:6e:cf:1c:5e:2f:1d:5d:a7:a8:69:1b:17:74:06:e3:0f:5f:
ef:9f:58:f8:4b:27:01:a7:80:85:08:26:3e:36:f3:4d:1b:3f:
46:dc:01:a0:0d:28:9d:61:5e:d9:18:06:95:df:da:0e:fe:04:
37:53:c2:a6:71:23:6e:fb:3c:67:53:f9:36:6b:8e:49:e1:06:
a3:8a:50:50:9d:77:23:ee:79:fb:ea:d8:f3:9f:d7:a2:ef:89:
ed:14:47:54:33:fb:f8:4b:55:e0:1a:0c:6c:a2:95:12:2d:ed:
15:ba:c6:82
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYv1ecrkMcidY/7lEycJdyEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjMxMTIyMDUyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDExOTI3ZDk2OWUwZmZmYjU5ODRhM2VjYWZkYzQ2ODVkNjkxZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrN2+ExbboJSgaYJT8pxTdVyGK0w
0SKV5SkkQ8yR++nRZlbPYS3d9vGPx36H6d/ggmvnsO29FfL5gGsuhklOEwTsfYGl
7cK9I5gLwvTXmFy95EdhDCb8+2BwygxFvv6BWhTcv8773V69+8lrneLGrugpO9lt
l91oPPLUSGf6VKP3ajRePQdKCrMI+jYzVNSiywldArpJEfLGYySgDl7ufAHd/4GC
I/LFX1VwYhOrHijgDWnmqGpfeTQqIaO5o0fdNv9k3zCOMJbrEcXg3zwOamKLAA53
VNazZ+q3vO/jfdttgl+UH0BTpzHJjt3XjzXbMs8oEzzcxesm8tIix9HQ7wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJQRkn2Wng//tZhKPsr9xGhdaR4GMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvbEJHU2ZaYWVEXy0xbUVvLXl2M0VhRjFwSGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAVfJmAD
BAJfJmgwDAMEAV8mggMEBF8mgAMEA18mmAMEAl8mqAMEAF8mrgMEAl8myAMEAl8m
0DAMAwQEXybwAwQCXyb4MA0GCSqGSIb3DQEBCwUAA4IBAQCN5umu8MuUhHlk8mRk
YpytDZUer+QBV49ycYwoN61E45b61db8I29YTZQKstuLsowG18tj1PSHFuPWA8Rd
gSk8kSVi8PBl5WEIJZcUqmBlJmrHEWT1AYThEw2udAIuLkAF6/9/TD8fuXm1d8yw
vQYXdRToFSFokSEtJmQ215OKgIcYz/uUzu51iYTU+4MFd1iVbs8cXi8dXaeoaRsX
dAbjD1/vn1j4SycBp4CFCCY+NvNNGz9G3AGgDSidYV7ZGAaV39oO/gQ3U8KmcSNu
+zxnU/k2a45J4QajilBQnXcj7nn76tjzn9ei74ntFEdUM/v4S1XgGgxsopUSLe0V
usaC
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:39 2023 by rpki-client on console.sobornost.net