Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/ZfwERQf2wg9xN99OCCCojKrvNcg.roa
File: ZfwERQf2wg9xN99OCCCojKrvNcg.roa (raw, json)
Hash identifier: EM9rXHjvI4AcncaAl6yfoqzNwVutJ/hQpbahupvpq0I=
Subject key identifier: 65:FC:04:45:07:F6:C2:0F:71:37:DF:4E:08:20:A8:8C:AA:EF:35:C8
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 01856D6F88CB775D742B32DAB81C425E0656
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/ZfwERQf2wg9xN99OCCCojKrvNcg.roa
Signing time: Sun 01 Jan 2023 13:05:04 +0000
ROA not before: Sun 01 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202391
IP address blocks: 95.38.144.0/22 maxlen: 22
95.38.144.0/24 maxlen: 24
95.38.145.0/24 maxlen: 24
95.38.148.0/22 maxlen: 22
95.38.147.0/24 maxlen: 24
95.38.149.0/24 maxlen: 24
95.38.148.0/24 maxlen: 24
95.38.151.0/24 maxlen: 24
95.38.150.0/24 maxlen: 24
95.38.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Jun 2023 06:51:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:88:cb:77:5d:74:2b:32:da:b8:1c:42:5e:06:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Jan 1 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65fc044507f6c20f7137df4e0820a88caaef35c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c5:e7:24:79:ef:56:57:7d:e7:89:6f:d2:37:
46:c8:1f:32:15:1a:85:e0:d0:f4:73:47:e7:89:0d:
97:fd:d1:ce:41:02:65:ac:a8:37:cb:a5:f8:12:81:
90:18:90:7a:89:a0:b8:a2:f3:d6:40:21:79:57:2b:
aa:6f:41:69:ca:83:82:29:48:84:78:ea:e0:c7:53:
c3:1f:f0:51:2e:af:46:2e:5c:52:9f:45:35:24:81:
ed:e2:f4:bd:73:ae:ff:72:64:cc:b6:9e:83:78:39:
7e:ea:3e:0e:44:25:84:81:f9:cd:5d:e8:f1:45:73:
d0:39:31:9c:2f:11:00:97:08:b8:35:57:35:d4:3e:
43:87:13:08:25:b1:ee:e6:0a:ed:0b:4f:5c:1d:d3:
ae:7d:45:a7:b5:60:47:6f:c8:c3:b8:c8:b2:bf:6b:
ef:94:f7:99:f5:05:53:b4:5f:54:1c:95:26:7f:00:
c1:a9:d9:9c:8f:f3:cc:f0:c7:3f:32:5b:01:ad:37:
32:b9:bd:a5:bf:79:7d:89:6f:35:0a:18:3b:23:4e:
ef:1f:50:90:b2:36:6b:40:26:55:c2:d4:6e:af:30:
71:b6:60:47:7f:85:84:05:3e:4c:e0:bc:88:b8:dd:
ae:04:4f:61:04:c8:f7:28:8b:b3:62:25:67:6c:56:
81:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FC:04:45:07:F6:C2:0F:71:37:DF:4E:08:20:A8:8C:AA:EF:35:C8
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/ZfwERQf2wg9xN99OCCCojKrvNcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.144.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:c2:6b:2e:0f:4e:a4:7e:c8:cb:bd:e7:18:99:75:2b:ac:fd:
3f:66:5a:8c:85:1a:1b:e1:a9:54:35:9d:4d:f3:93:9f:bd:f1:
97:3a:3c:54:32:ea:20:00:44:19:65:7a:d6:8b:d7:87:c5:32:
b7:9d:74:b1:25:bd:65:71:d4:6c:4c:87:00:53:8c:c3:f8:66:
da:b3:d4:c3:70:49:8d:dc:ee:c7:ab:6c:0b:0d:e3:5c:51:af:
46:f4:b1:8d:6b:b9:e5:86:3c:83:98:2c:e5:77:47:1d:e7:78:
30:b9:57:fc:cc:ee:d7:4f:91:dc:c0:ad:64:24:91:61:9e:d9:
ea:39:37:11:64:53:2c:58:60:7d:03:cc:cb:39:2e:a0:53:d5:
47:bc:a4:d6:79:2f:b9:ac:9d:7d:d4:5b:ea:29:e6:33:8b:48:
9d:39:bc:7d:25:67:31:d0:f3:d9:8b:b1:8d:77:0c:6b:db:a6:
39:a1:40:8e:68:7b:30:8c:6d:22:52:d1:f4:36:b8:42:79:d6:
ea:e3:96:7b:14:f7:7d:80:f8:d0:76:27:5f:11:12:fb:61:5e:
24:8e:d0:bc:9e:ac:e1:19:3c:fe:eb:fa:c1:3c:a1:9b:e9:83:
74:18:e6:28:b5:5d:80:c5:d7:65:f8:e6:86:a6:ae:21:56:34:
59:19:40:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb4jLd110KzLauBxCXgZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjMwMTAxMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWZjMDQ0NTA3ZjZjMjBmNzEzN2RmNGUwODIwYTg4Y2FhZWYzNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscXnJHnvVld954lv0jdGyB8yFRqF
4ND0c0fniQ2X/dHOQQJlrKg3y6X4EoGQGJB6iaC4ovPWQCF5Vyuqb0FpyoOCKUiE
eOrgx1PDH/BRLq9GLlxSn0U1JIHt4vS9c67/cmTMtp6DeDl+6j4ORCWEgfnNXejx
RXPQOTGcLxEAlwi4NVc11D5DhxMIJbHu5grtC09cHdOufUWntWBHb8jDuMiyv2vv
lPeZ9QVTtF9UHJUmfwDBqdmcj/PM8Mc/MlsBrTcyub2lv3l9iW81Chg7I07vH1CQ
sjZrQCZVwtRurzBxtmBHf4WEBT5M4LyIuN2uBE9hBMj3KIuzYiVnbFaBkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGX8BEUH9sIPcTffTgggqIyq7zXIMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvWmZ3RVJRZjJ3Zzl4Tjk5T0NDQ29qS3J2TmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXyaQMA0G
CSqGSIb3DQEBCwUAA4IBAQCLwmsuD06kfsjLvecYmXUrrP0/ZlqMhRob4alUNZ1N
85OfvfGXOjxUMuogAEQZZXrWi9eHxTK3nXSxJb1lcdRsTIcAU4zD+Gbas9TDcEmN
3O7Hq2wLDeNcUa9G9LGNa7nlhjyDmCzld0cd53gwuVf8zO7XT5HcwK1kJJFhntnq
OTcRZFMsWGB9A8zLOS6gU9VHvKTWeS+5rJ191FvqKeYzi0idObx9JWcx0PPZi7GN
dwxr26Y5oUCOaHswjG0iUtH0NrhCedbq45Z7FPd9gPjQdidfERL7YV4kjtC8nqzh
GTz+6/rBPKGb6YN0GOYotV2Axddl+OaGpq4hVjRZGUAi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:45 2024 by rpki-client on console-ams.rpki-client.org