Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/T6A0xVxWTjLCwzzryQvPxKoiy6s.roa
File: T6A0xVxWTjLCwzzryQvPxKoiy6s.roa (raw, json)
Hash identifier: r5r+nhOb0OksMrzhcJpnUXFtswxelVraZcGiKJtSNdU=
Subject key identifier: 4F:A0:34:C5:5C:56:4E:32:C2:C3:3C:EB:C9:0B:CF:C4:AA:22:CB:AB
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 018BCDBB2ADC4C00D799BD76B4D01D78FF23
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/T6A0xVxWTjLCwzzryQvPxKoiy6s.roa
Signing time: Tue 14 Nov 2023 12:07:57 +0000
ROA not before: Tue 14 Nov 2023 12:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 95.38.240.0/21 maxlen: 21
95.38.248.0/22 maxlen: 22
95.38.200.0/22 maxlen: 22
95.38.208.0/22 maxlen: 22
95.38.136.0/22 maxlen: 22
95.38.140.0/22 maxlen: 22
95.38.152.0/21 maxlen: 21
95.38.168.0/22 maxlen: 22
95.38.174.0/24 maxlen: 24
95.38.97.0/24 maxlen: 24
95.38.96.0/21 maxlen: 21
95.38.96.0/24 maxlen: 24
95.38.104.0/22 maxlen: 22
95.38.130.0/23 maxlen: 23
95.38.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 22 Nov 2023 05:21:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:bb:2a:dc:4c:00:d7:99:bd:76:b4:d0:1d:78:ff:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Nov 14 12:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fa034c55c564e32c2c33cebc90bcfc4aa22cbab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:57:e3:5c:58:bc:b0:5e:b7:d9:05:38:fd:b6:
a8:9c:c4:82:dc:ca:0d:8a:ca:5b:9c:a2:0b:f6:5a:
0f:e6:4a:52:84:12:14:7e:82:18:e2:25:73:3e:6c:
76:85:71:2e:57:b1:79:f2:31:b9:25:8b:c2:a8:da:
55:87:14:fa:7f:69:30:8e:3c:66:a9:68:e9:08:cc:
bf:8e:1c:2a:36:9c:6d:ab:e0:e8:0b:25:45:66:98:
04:98:c8:cd:3a:f5:3b:4b:6f:76:ee:c3:03:28:26:
bf:7a:1e:40:4e:a6:ea:d1:03:41:85:32:ae:a0:f0:
3d:06:af:0a:85:0e:e1:6c:b6:1d:2b:c1:24:03:e7:
03:e6:77:15:08:32:e7:78:84:ef:a7:b3:57:a6:5b:
5f:cd:17:54:64:44:12:dc:bf:5d:1b:f4:34:c8:f8:
99:6b:f4:e6:9b:87:96:93:39:35:6b:9f:99:f4:8a:
4c:1e:d2:da:03:ee:d8:d4:90:e4:43:be:1d:bd:18:
72:f8:7a:62:1f:e2:0d:fb:8b:63:b3:49:8f:8a:5e:
30:3e:d4:1c:8b:a8:cf:d5:1d:12:7f:86:8e:59:0e:
4b:6f:b5:2d:b1:2d:04:bc:41:41:9c:c8:0e:83:61:
ad:6b:8a:3f:64:d8:15:11:13:87:e3:ee:2d:0c:c9:
32:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A0:34:C5:5C:56:4E:32:C2:C3:3C:EB:C9:0B:CF:C4:AA:22:CB:AB
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/T6A0xVxWTjLCwzzryQvPxKoiy6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.96.0-95.38.107.255
95.38.130.0-95.38.143.255
95.38.152.0/21
95.38.168.0/22
95.38.174.0/24
95.38.200.0/22
95.38.208.0/22
95.38.240.0-95.38.251.255
Signature Algorithm: sha256WithRSAEncryption
25:b1:8e:9e:84:f5:b7:19:c1:85:b2:19:8a:e6:ab:05:6a:03:
34:fe:cb:8e:ad:d1:7c:12:3e:ed:3b:c4:88:d7:25:e6:ff:85:
bb:1d:a0:79:c0:ed:b4:4e:7c:dd:57:9b:ec:fa:4e:9c:8f:a7:
38:4a:76:32:1a:96:3e:5f:e6:c3:2a:31:bb:40:ca:88:46:7c:
2a:e0:fd:0c:38:a1:15:aa:8d:ab:16:b0:ff:dc:28:50:74:f0:
41:cd:26:b2:19:d0:45:3e:4d:2d:5d:7f:bd:5a:fe:54:da:67:
c7:f6:8e:64:37:7f:29:fc:8e:4e:be:16:3a:93:64:3f:7e:4d:
dc:e5:0c:49:26:69:aa:11:31:e2:4a:23:45:1e:2d:2a:ba:db:
1c:f7:1e:ba:fa:4e:d8:69:49:6d:ee:b4:99:d3:e9:aa:2c:90:
03:f3:3e:70:f6:5b:09:ee:20:43:e7:18:3e:22:20:1f:b5:13:
88:48:29:72:bb:ab:2c:f7:99:19:b4:9d:52:c5:ee:99:75:03:
1d:38:9f:42:93:e5:68:1b:0e:95:48:b5:f0:10:76:d5:5d:e4:
28:86:04:0f:fd:a6:ec:bc:55:b3:00:5c:97:de:59:18:12:1d:
99:c9:94:63:02:6e:c5:a4:60:a2:dd:1d:98:99:f9:db:eb:1d:
80:cb:ed:3a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYvNuyrcTADXmb12tNAdeP8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjMxMTE0MTIwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmEwMzRjNTVjNTY0ZTMyYzJjMzNjZWJjOTBiY2ZjNGFhMjJjYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1fjXFi8sF632QU4/baonMSC3MoN
ispbnKIL9loP5kpShBIUfoIY4iVzPmx2hXEuV7F58jG5JYvCqNpVhxT6f2kwjjxm
qWjpCMy/jhwqNpxtq+DoCyVFZpgEmMjNOvU7S2927sMDKCa/eh5ATqbq0QNBhTKu
oPA9Bq8KhQ7hbLYdK8EkA+cD5ncVCDLneITvp7NXpltfzRdUZEQS3L9dG/Q0yPiZ
a/Tmm4eWkzk1a5+Z9IpMHtLaA+7Y1JDkQ74dvRhy+HpiH+IN+4tjs0mPil4wPtQc
i6jP1R0Sf4aOWQ5Lb7UtsS0EvEFBnMgOg2Gta4o/ZNgVEROH4+4tDMkygQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFE+gNMVcVk4ywsM868kLz8SqIsurMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvVDZBMHhWeFdUakxDd3p6cnlRdlB4S29peTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAVfJmAD
BAJfJmgwDAMEAV8mggMEBF8mgAMEA18mmAMEAl8mqAMEAF8mrgMEAl8myAMEAl8m
0DAMAwQEXybwAwQCXyb4MA0GCSqGSIb3DQEBCwUAA4IBAQAlsY6ehPW3GcGFshmK
5qsFagM0/suOrdF8Ej7tO8SI1yXm/4W7HaB5wO20TnzdV5vs+k6cj6c4SnYyGpY+
X+bDKjG7QMqIRnwq4P0MOKEVqo2rFrD/3ChQdPBBzSayGdBFPk0tXX+9Wv5U2mfH
9o5kN38p/I5OvhY6k2Q/fk3c5QxJJmmqETHiSiNFHi0qutsc9x66+k7YaUlt7rSZ
0+mqLJAD8z5w9lsJ7iBD5xg+IiAftROISClyu6ss95kZtJ1Sxe6ZdQMdOJ9Ck+Vo
Gw6VSLXwEHbVXeQohgQP/absvFWzAFyX3lkYEh2ZyZRjAm7FpGCi3R2Ymfnb6x2A
y+06
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:54 2024 by rpki-client on console-fra.rpki-client.org