Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/lkO5kT_7aiV7uu5gTex4-Odm63g.roa
File: lkO5kT_7aiV7uu5gTex4-Odm63g.roa (raw, json)
Hash identifier: e2n0xjmyIgklbJpCHEwMIG2ty4ZkpjQF312YVNmmqWg=
Subject key identifier: 96:43:B9:91:3F:FB:6A:25:7B:BA:EE:60:4D:EC:78:F8:E7:66:EB:78
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 018C8ABDB75F57D3C2366B2B56B98B4432B4
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/lkO5kT_7aiV7uu5gTex4-Odm63g.roa
Signing time: Thu 21 Dec 2023 04:58:58 +0000
ROA not before: Thu 21 Dec 2023 04:58:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 95.38.136.0/22 maxlen: 22
95.38.140.0/22 maxlen: 22
95.38.152.0/24 maxlen: 24
95.38.152.0/21 maxlen: 21
95.38.153.0/24 maxlen: 24
95.38.168.0/22 maxlen: 22
95.38.174.0/24 maxlen: 24
95.38.96.0/21 maxlen: 21
95.38.97.0/24 maxlen: 24
95.38.98.0/24 maxlen: 24
95.38.96.0/24 maxlen: 24
95.38.104.0/22 maxlen: 22
95.38.100.0/24 maxlen: 24
95.38.101.0/24 maxlen: 24
95.38.102.0/24 maxlen: 24
95.38.103.0/24 maxlen: 24
95.38.99.0/24 maxlen: 24
95.38.130.0/23 maxlen: 23
95.38.132.0/22 maxlen: 22
95.38.240.0/21 maxlen: 21
95.38.243.0/24 maxlen: 24
95.38.244.0/24 maxlen: 24
95.38.245.0/24 maxlen: 24
95.38.241.0/24 maxlen: 24
95.38.242.0/24 maxlen: 24
95.38.246.0/24 maxlen: 24
95.38.248.0/22 maxlen: 22
95.38.247.0/24 maxlen: 24
95.38.200.0/22 maxlen: 22
95.38.208.0/22 maxlen: 22
95.38.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Dec 2023 10:42:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8a:bd:b7:5f:57:d3:c2:36:6b:2b:56:b9:8b:44:32:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Dec 21 04:58:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9643b9913ffb6a257bbaee604dec78f8e766eb78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:16:cd:05:5f:09:14:c6:cc:2c:19:0d:de:09:
fa:e5:5d:7f:8d:d5:17:a2:b8:ba:24:de:67:85:e7:
e7:61:ed:3e:4a:9d:9f:ff:0e:4a:85:8c:d7:31:94:
43:58:81:db:b9:02:05:49:ed:8a:62:fc:d7:9c:ac:
44:4f:4d:30:30:6b:f3:69:89:8c:d0:41:1f:7e:e7:
f0:9c:b0:ce:58:4d:56:1a:b4:e5:58:f8:8e:42:24:
06:12:c3:f3:5e:e8:57:11:d7:9b:3f:4a:df:c1:13:
07:92:ea:cd:55:3e:47:79:57:07:40:e4:e5:f9:92:
8d:ac:22:47:f4:06:f1:19:2a:78:d0:3d:d0:23:c9:
b6:a8:75:a6:24:00:b2:80:16:59:76:71:fd:11:d4:
df:eb:1a:7e:68:ff:d1:17:27:44:5a:0e:42:32:28:
fe:5a:c5:6e:46:5d:b0:d5:dd:da:79:d3:a0:a6:24:
c9:9a:93:d5:17:04:69:bb:9a:da:35:91:94:d8:b0:
9a:58:c6:ca:b4:21:69:94:28:2b:c7:a2:d6:db:bb:
11:3c:f2:c0:d2:35:a4:ff:41:1b:3f:b7:5d:f7:a8:
34:5f:44:88:67:46:06:71:ec:27:95:73:b1:0b:1d:
86:97:52:93:29:e8:16:9f:8e:b4:3c:2d:bf:1d:7b:
66:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:43:B9:91:3F:FB:6A:25:7B:BA:EE:60:4D:EC:78:F8:E7:66:EB:78
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/lkO5kT_7aiV7uu5gTex4-Odm63g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.96.0-95.38.107.255
95.38.130.0-95.38.143.255
95.38.152.0/21
95.38.168.0/22
95.38.174.0/24
95.38.200.0/22
95.38.208.0/22
95.38.240.0-95.38.251.255
Signature Algorithm: sha256WithRSAEncryption
61:77:7d:93:ab:4c:35:6e:b1:51:a3:45:6f:cf:08:25:65:9d:
00:6d:c7:80:98:c9:ac:b0:a5:fb:37:50:30:3b:58:88:8b:ef:
99:e9:7a:61:b5:6c:45:48:01:1a:78:f9:8e:34:0f:43:4b:2a:
79:16:93:0f:33:d8:10:ec:4c:6d:bc:8f:13:6c:5b:10:81:cc:
9b:fc:d9:17:ff:4a:ba:3a:c3:5d:ca:17:32:ab:42:a9:6e:41:
9b:52:4e:2a:79:3b:22:3f:f9:d0:49:d7:08:9b:c4:65:27:35:
09:2b:a6:23:fa:d0:90:51:4c:01:51:02:72:63:f4:49:70:ae:
3f:09:fe:cd:ce:0d:64:da:ab:5e:c7:de:cb:94:35:ab:10:1f:
9e:ae:e0:b6:52:2e:ea:d9:2e:87:8d:1d:22:fc:89:65:29:d8:
86:02:5a:f9:73:37:ac:a7:2d:e4:b9:47:75:66:cd:2f:e3:f0:
6b:f7:c4:8f:d7:5f:49:93:3d:07:52:99:9f:79:e4:db:21:d2:
e2:1f:84:2b:98:84:ba:0d:36:4e:bc:1b:b4:44:c1:e9:3b:39:
bf:08:a5:6a:c0:e6:96:8f:33:0d:3c:cd:e3:8e:f9:e2:bd:32:
3a:12:e6:b4:5f:f5:3e:d3:7f:6e:85:19:03:d5:55:96:35:36:
ca:ad:7b:3c
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYyKvbdfV9PCNmsrVrmLRDK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjMxMjIxMDQ1ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQzYjk5MTNmZmI2YTI1N2JiYWVlNjA0ZGVjNzhmOGU3NjZlYjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxbNBV8JFMbMLBkN3gn65V1/jdUX
ori6JN5nhefnYe0+Sp2f/w5KhYzXMZRDWIHbuQIFSe2KYvzXnKxET00wMGvzaYmM
0EEffufwnLDOWE1WGrTlWPiOQiQGEsPzXuhXEdebP0rfwRMHkurNVT5HeVcHQOTl
+ZKNrCJH9AbxGSp40D3QI8m2qHWmJACygBZZdnH9EdTf6xp+aP/RFydEWg5CMij+
WsVuRl2w1d3aedOgpiTJmpPVFwRpu5raNZGU2LCaWMbKtCFplCgrx6LW27sRPPLA
0jWk/0EbP7dd96g0X0SIZ0YGcewnlXOxCx2Gl1KTKegWn460PC2/HXtm0QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJZDuZE/+2ole7ruYE3sePjnZut4MB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvbGtPNWtUXzdhaVY3dXU1Z1RleDQtT2RtNjNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAVfJmAD
BAJfJmgwDAMEAV8mggMEBF8mgAMEA18mmAMEAl8mqAMEAF8mrgMEAl8myAMEAl8m
0DAMAwQEXybwAwQCXyb4MA0GCSqGSIb3DQEBCwUAA4IBAQBhd32Tq0w1brFRo0Vv
zwglZZ0AbceAmMmssKX7N1AwO1iIi++Z6XphtWxFSAEaePmONA9DSyp5FpMPM9gQ
7ExtvI8TbFsQgcyb/NkX/0q6OsNdyhcyq0KpbkGbUk4qeTsiP/nQSdcIm8RlJzUJ
K6Yj+tCQUUwBUQJyY/RJcK4/Cf7Nzg1k2qtex97LlDWrEB+eruC2Ui7q2S6HjR0i
/IllKdiGAlr5czespy3kuUd1Zs0v4/Br98SP119Jkz0HUpmfeeTbIdLiH4QrmIS6
DTZOvBu0RMHpOzm/CKVqwOaWjzMNPM3jjvnivTI6Eua0X/U+039uhRkD1VWWNTbK
rXs8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:45 2024 by rpki-client on console-ams.rpki-client.org