Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/rENK-zuLt2M6_kHKcDIuPx1LYws.roa
File: rENK-zuLt2M6_kHKcDIuPx1LYws.roa (raw, json)
Hash identifier: AJBd2eno/otNZUQSse9uAzblV0bOtrnT9wq/FPfgHWs=
Subject key identifier: AC:43:4A:FB:3B:8B:B7:63:3A:FE:41:CA:70:32:2E:3F:1D:4B:63:0B
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 018CCA29D0B4751969BB53F372FBC57AB05C
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/rENK-zuLt2M6_kHKcDIuPx1LYws.roa
Signing time: Tue 02 Jan 2024 12:33:07 +0000
ROA not before: Tue 02 Jan 2024 12:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42337
IP address blocks: 95.38.136.0/22 maxlen: 22
95.38.140.0/22 maxlen: 22
95.38.152.0/24 maxlen: 24
95.38.152.0/21 maxlen: 21
95.38.159.0/24 maxlen: 24
95.38.157.0/24 maxlen: 24
95.38.158.0/24 maxlen: 24
95.38.153.0/24 maxlen: 24
95.38.154.0/24 maxlen: 24
95.38.155.0/24 maxlen: 24
95.38.168.0/22 maxlen: 22
95.38.174.0/24 maxlen: 24
95.38.96.0/21 maxlen: 21
95.38.97.0/24 maxlen: 24
95.38.98.0/24 maxlen: 24
95.38.96.0/24 maxlen: 24
95.38.104.0/22 maxlen: 22
95.38.100.0/24 maxlen: 24
95.38.101.0/24 maxlen: 24
95.38.102.0/24 maxlen: 24
95.38.103.0/24 maxlen: 24
95.38.99.0/24 maxlen: 24
95.38.130.0/23 maxlen: 23
95.38.132.0/22 maxlen: 22
95.38.240.0/21 maxlen: 21
95.38.243.0/24 maxlen: 24
95.38.244.0/24 maxlen: 24
95.38.245.0/24 maxlen: 24
95.38.241.0/24 maxlen: 24
95.38.242.0/24 maxlen: 24
95.38.246.0/24 maxlen: 24
95.38.248.0/22 maxlen: 22
95.38.247.0/24 maxlen: 24
95.38.200.0/22 maxlen: 22
95.38.208.0/22 maxlen: 22
95.38.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 10:27:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d0:b4:75:19:69:bb:53:f3:72:fb:c5:7a:b0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Jan 2 12:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac434afb3b8bb7633afe41ca70322e3f1d4b630b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:dc:39:b8:1c:0d:e7:00:74:d9:cb:a3:ab:5f:
35:d7:ca:8a:c9:a1:cf:7e:da:e7:02:7a:a9:21:6b:
b3:ab:57:c6:e7:b6:5e:c0:56:3e:2e:8d:ad:c0:9d:
c9:cc:60:7f:5e:a4:c0:96:5b:52:b1:37:b9:22:a6:
e4:3a:8a:88:73:15:cb:e5:7f:f8:f0:6b:60:00:10:
b0:9c:50:d4:19:39:0b:f1:b7:b8:e1:b7:3b:28:6a:
7e:40:bb:a6:74:3f:9b:56:73:2f:5e:b3:40:4d:2e:
0a:92:b1:1e:91:f3:6f:b3:3f:09:07:f6:38:21:5e:
44:1b:80:c7:d8:44:4d:e8:b1:8b:21:ad:3f:8b:c9:
bd:56:60:46:61:3f:11:30:58:36:4e:77:97:09:a6:
a0:ee:d2:47:c3:a6:07:e3:e6:f8:a3:5d:3b:80:96:
9a:20:0a:60:71:c9:5c:c1:85:d6:7d:26:2e:ef:5c:
e9:d0:5d:4c:de:4b:11:ba:a6:7d:77:15:f3:50:26:
33:81:cf:b9:19:d9:ba:85:79:e6:7f:23:bc:d0:61:
e8:53:23:2d:71:bd:12:5a:b6:de:a2:3c:2a:38:ec:
a2:4d:cc:58:b1:f3:cf:83:2d:cf:db:06:dc:f0:79:
88:70:b5:6d:19:53:8a:84:09:d4:fd:7d:20:7d:d4:
87:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:43:4A:FB:3B:8B:B7:63:3A:FE:41:CA:70:32:2E:3F:1D:4B:63:0B
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/rENK-zuLt2M6_kHKcDIuPx1LYws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.96.0-95.38.107.255
95.38.130.0-95.38.143.255
95.38.152.0/21
95.38.168.0/22
95.38.174.0/24
95.38.200.0/22
95.38.208.0/22
95.38.240.0-95.38.251.255
Signature Algorithm: sha256WithRSAEncryption
4e:92:ec:33:f5:84:f3:46:70:6d:f8:b0:ff:94:54:61:d9:ba:
cb:11:2a:10:7e:85:9d:57:04:a8:92:e6:af:5b:22:80:53:43:
ce:16:da:31:c7:c0:69:e1:35:c6:5f:e6:bb:78:e0:46:9d:97:
a3:21:d4:ba:3b:8a:66:47:b5:99:4f:7d:ea:a6:3b:15:e4:86:
bb:3e:75:1d:a4:cf:74:bf:af:a1:4b:bb:85:e0:db:97:74:06:
5f:98:a0:ad:d0:d7:6f:79:ea:9b:e1:cf:fd:ec:7b:d6:71:7a:
87:cf:f1:4b:1e:c1:7e:99:91:ce:3f:41:c5:81:42:47:c0:8d:
43:09:fc:39:a4:ac:fd:4f:b6:a9:13:98:da:6e:7d:c0:50:3d:
a3:9b:15:83:f2:f7:f5:59:90:f3:93:c1:0d:16:59:ed:fc:9f:
47:e6:8f:6d:b4:62:6d:f5:a1:2a:bf:e9:3a:54:8d:00:df:eb:
0d:ea:44:8b:7b:92:6a:52:c7:0f:bc:b3:87:6d:ec:23:f7:e7:
2b:28:be:b2:52:bd:2a:8a:ec:28:eb:2b:84:38:f2:9a:10:15:
25:0b:7b:0e:64:12:c8:e1:29:23:07:90:66:75:59:37:0b:39:
37:dc:94:bd:71:90:d7:ba:9f:20:13:fc:29:e7:65:88:09:9e:
4c:a4:f4:e6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzKKdC0dRlpu1PzcvvFerBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjQwMTAyMTIzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzQzNGFmYjNiOGJiNzYzM2FmZTQxY2E3MDMyMmUzZjFkNGI2MzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtw5uBwN5wB02cujq18118qKyaHP
ftrnAnqpIWuzq1fG57ZewFY+Lo2twJ3JzGB/XqTAlltSsTe5IqbkOoqIcxXL5X/4
8GtgABCwnFDUGTkL8be44bc7KGp+QLumdD+bVnMvXrNATS4KkrEekfNvsz8JB/Y4
IV5EG4DH2ERN6LGLIa0/i8m9VmBGYT8RMFg2TneXCaag7tJHw6YH4+b4o107gJaa
IApgcclcwYXWfSYu71zp0F1M3ksRuqZ9dxXzUCYzgc+5Gdm6hXnmfyO80GHoUyMt
cb0SWrbeojwqOOyiTcxYsfPPgy3P2wbc8HmIcLVtGVOKhAnU/X0gfdSHrQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKxDSvs7i7djOv5BynAyLj8dS2MLMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvckVOSy16dUx0Mk02X2tIS2NESXVQeDFMWXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAVfJmAD
BAJfJmgwDAMEAV8mggMEBF8mgAMEA18mmAMEAl8mqAMEAF8mrgMEAl8myAMEAl8m
0DAMAwQEXybwAwQCXyb4MA0GCSqGSIb3DQEBCwUAA4IBAQBOkuwz9YTzRnBt+LD/
lFRh2brLESoQfoWdVwSokuavWyKAU0POFtoxx8Bp4TXGX+a7eOBGnZejIdS6O4pm
R7WZT33qpjsV5Ia7PnUdpM90v6+hS7uF4NuXdAZfmKCt0Ndveeqb4c/97HvWcXqH
z/FLHsF+mZHOP0HFgUJHwI1DCfw5pKz9T7apE5jabn3AUD2jmxWD8vf1WZDzk8EN
Flnt/J9H5o9ttGJt9aEqv+k6VI0A3+sN6kSLe5JqUscPvLOHbewj9+crKL6yUr0q
iuwo6yuEOPKaEBUlC3sOZBLI4SkjB5BmdVk3Czk33JS9cZDXup8gE/wp52WICZ5M
pPTm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:45 2024 by rpki-client on console-ams.rpki-client.org