Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/rorPQrW7I5ZaJ2Y4leYtVytLVaw.roa
File: rorPQrW7I5ZaJ2Y4leYtVytLVaw.roa (raw, json)
Hash identifier: aOMs+oZuDKZgpcd96s5v4XV5Fxg4gFdJWtIxbQ5gaGM=
Subject key identifier: AE:8A:CF:42:B5:BB:23:96:5A:27:66:38:95:E6:2D:57:2B:4B:55:AC
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 018B612E744BCE19DB05F051E2BEB4C2552E
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/rorPQrW7I5ZaJ2Y4leYtVytLVaw.roa
Signing time: Tue 24 Oct 2023 10:15:16 +0000
ROA not before: Tue 24 Oct 2023 10:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 95.38.240.0/21 maxlen: 21
95.38.136.0/22 maxlen: 22
95.38.248.0/22 maxlen: 22
95.38.140.0/22 maxlen: 22
95.38.152.0/21 maxlen: 21
95.38.168.0/22 maxlen: 22
95.38.200.0/22 maxlen: 22
95.38.96.0/21 maxlen: 21
95.38.104.0/22 maxlen: 22
95.38.208.0/22 maxlen: 22
95.38.132.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:2e:74:4b:ce:19:db:05:f0:51:e2:be:b4:c2:55:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Oct 24 10:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae8acf42b5bb23965a27663895e62d572b4b55ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:83:c8:3a:50:88:00:46:16:cd:09:dd:5b:fe:
16:ad:f4:c1:d4:be:38:77:89:7a:fb:3b:5f:2d:89:
c8:ca:2b:d1:a6:2a:50:36:b2:09:20:95:be:45:b5:
39:0a:a1:df:e2:2c:10:f2:e6:24:c6:c0:9b:c2:e2:
66:aa:a5:85:d4:89:45:51:de:54:64:67:52:e4:07:
54:6c:ba:ec:96:ab:20:52:af:fb:ac:c9:96:cc:5e:
97:18:7f:0d:a6:7b:b1:7e:d2:cd:fc:2b:88:5b:ed:
07:59:b5:0e:c4:45:ad:4c:3d:1d:bf:f0:6f:14:01:
51:6d:13:af:15:53:9f:19:16:3d:85:68:b2:bd:b9:
69:14:bd:62:a5:f4:9c:0a:63:a0:6d:cf:e1:b0:00:
f6:a0:d9:ef:52:25:b1:4a:f1:0d:6d:02:64:37:c1:
b5:64:45:a8:64:ef:98:12:4f:3e:89:c3:26:05:8d:
bf:d7:54:f0:8d:ac:79:b4:cb:17:00:a5:95:58:91:
68:62:f2:69:c2:12:aa:e1:82:1a:b6:2e:1b:16:c2:
f1:03:bb:af:48:b2:43:1e:67:66:d5:b9:24:7e:e6:
da:e7:e6:4d:0b:14:f5:26:39:31:87:b4:e3:fb:c2:
7f:a1:4d:b6:e8:de:c8:9e:d0:7a:54:a5:c3:49:12:
fd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:8A:CF:42:B5:BB:23:96:5A:27:66:38:95:E6:2D:57:2B:4B:55:AC
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/rorPQrW7I5ZaJ2Y4leYtVytLVaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.96.0-95.38.107.255
95.38.132.0-95.38.143.255
95.38.152.0/21
95.38.168.0/22
95.38.200.0/22
95.38.208.0/22
95.38.240.0-95.38.251.255
Signature Algorithm: sha256WithRSAEncryption
7f:b0:b0:74:79:1e:b3:84:f5:b6:c9:58:eb:95:a2:f7:44:bf:
42:ef:24:61:e2:e5:ae:2f:bd:9f:d0:ee:fe:f5:56:87:dd:f1:
6f:3c:ce:12:c8:27:ee:33:34:53:9d:07:2b:3e:a8:aa:17:70:
cd:c2:3e:a9:f2:3d:0d:84:b3:84:e4:02:54:40:f7:b3:39:be:
60:88:60:ca:5c:9e:1a:c7:c1:43:4b:78:04:a1:ab:b2:92:98:
89:c9:50:68:7d:2e:81:e2:bd:8f:5f:f3:68:f7:20:26:e0:d0:
a2:cd:b9:57:fa:16:bc:53:e6:cb:98:f8:74:1e:e5:d8:58:50:
59:04:34:d1:89:0d:dc:20:e0:2c:60:e6:82:71:87:86:48:c9:
36:92:68:1f:75:20:e9:62:df:da:28:65:80:0a:e1:63:b0:ee:
18:f9:15:7d:48:01:77:2a:c3:ed:c1:ef:bd:c5:00:d3:34:d0:
87:66:26:d7:d0:2c:ef:2a:86:25:7a:cb:7e:14:4a:80:3c:0b:
d9:5d:b0:97:2f:f6:52:12:4b:d5:0a:d2:ba:e9:27:46:58:45:
c4:8f:22:d2:19:3d:b6:9d:13:26:80:f0:20:f3:7c:d1:17:af:
8f:eb:f1:1d:46:3a:fd:62:9c:15:82:7a:7a:ff:a7:88:95:42:
61:a0:38:69
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYthLnRLzhnbBfBR4r60wlUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjMxMDI0MTAxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZThhY2Y0MmI1YmIyMzk2NWEyNzY2Mzg5NWU2MmQ1NzJiNGI1NWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4PIOlCIAEYWzQndW/4WrfTB1L44
d4l6+ztfLYnIyivRpipQNrIJIJW+RbU5CqHf4iwQ8uYkxsCbwuJmqqWF1IlFUd5U
ZGdS5AdUbLrslqsgUq/7rMmWzF6XGH8NpnuxftLN/CuIW+0HWbUOxEWtTD0dv/Bv
FAFRbROvFVOfGRY9hWiyvblpFL1ipfScCmOgbc/hsAD2oNnvUiWxSvENbQJkN8G1
ZEWoZO+YEk8+icMmBY2/11Twjax5tMsXAKWVWJFoYvJpwhKq4YIati4bFsLxA7uv
SLJDHmdm1bkkfuba5+ZNCxT1Jjkxh7Tj+8J/oU226N7IntB6VKXDSRL9kwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFK6Kz0K1uyOWWidmOJXmLVcrS1WsMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvcm9yUFFyVzdJNVphSjJZNGxlWXRWeXRMVmF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCMAwDBAVfJmAD
BAJfJmgwDAMEAl8mhAMEBF8mgAMEA18mmAMEAl8mqAMEAl8myAMEAl8m0DAMAwQE
XybwAwQCXyb4MA0GCSqGSIb3DQEBCwUAA4IBAQB/sLB0eR6zhPW2yVjrlaL3RL9C
7yRh4uWuL72f0O7+9VaH3fFvPM4SyCfuMzRTnQcrPqiqF3DNwj6p8j0NhLOE5AJU
QPezOb5giGDKXJ4ax8FDS3gEoauykpiJyVBofS6B4r2PX/No9yAm4NCizblX+ha8
U+bLmPh0HuXYWFBZBDTRiQ3cIOAsYOaCcYeGSMk2kmgfdSDpYt/aKGWACuFjsO4Y
+RV9SAF3KsPtwe+9xQDTNNCHZibX0CzvKoYlest+FEqAPAvZXbCXL/ZSEkvVCtK6
6SdGWEXEjyLSGT22nRMmgPAg83zRF6+P6/EdRjr9YpwVgnp6/6eIlUJhoDhp
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:39 2023 by rpki-client on console.sobornost.net