Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/8Lrwpr9503NOT3NpeiIez3HBEY8.roa
File: 8Lrwpr9503NOT3NpeiIez3HBEY8.roa (raw, json)
Hash identifier: 2ZfdpMf49Y594parv7lahwRYRm5cSkSoTw8LWfsRGQ0=
Subject key identifier: F0:BA:F0:A6:BF:79:D3:73:4E:4F:73:69:7A:22:1E:CF:71:C1:11:8F
Certificate issuer: /CN=ca37843f0752224459e6034569a217c8b611564b
Certificate serial: 01856F4B821E59096D5CA7F891E4560A2D5F
Authority key identifier: CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/8Lrwpr9503NOT3NpeiIez3HBEY8.roa
Signing time: Sun 01 Jan 2023 21:44:57 +0000
ROA not before: Sun 01 Jan 2023 21:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34683
IP address blocks: 195.137.228.0/23 maxlen: 23
212.24.192.0/19 maxlen: 19
212.24.193.0/24 maxlen: 24
185.69.216.0/22 maxlen: 22
87.254.96.0/19 maxlen: 19
2001:1698::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:82:1e:59:09:6d:5c:a7:f8:91:e4:56:0a:2d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca37843f0752224459e6034569a217c8b611564b
Validity
Not Before: Jan 1 21:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0baf0a6bf79d3734e4f73697a221ecf71c1118f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b1:80:30:82:08:0d:63:f9:a0:cd:5b:58:ca:
fc:14:70:a7:9e:fb:e2:86:a9:1c:dc:65:a1:10:c1:
db:ca:c7:06:45:2e:4d:ce:bd:5c:4d:62:d7:c6:25:
9f:a3:e3:6d:ca:a9:58:47:08:2a:54:50:fa:50:79:
7b:71:7d:64:9c:d4:56:4c:c4:78:59:07:de:06:48:
b6:de:3d:1e:27:6b:4f:a2:4b:fa:df:fb:c8:67:d1:
0b:32:19:4b:e7:6b:2a:51:7d:2d:15:e6:3f:18:bb:
b6:7b:42:dc:64:38:c6:86:b5:f9:cb:7c:78:c0:76:
dc:5f:1b:82:3f:08:9b:da:13:e7:27:e6:4b:ff:49:
96:4f:1b:c0:6a:ea:64:1a:ac:09:1e:73:a0:36:95:
46:5a:2c:6b:89:1a:c3:db:96:fc:ac:16:90:e1:09:
a1:3b:4a:4d:d8:5b:51:72:bb:d2:7b:f2:da:24:f0:
49:74:8f:e0:78:eb:3d:fd:5c:1d:14:13:ec:1a:b9:
5d:58:fb:a0:f0:52:db:9d:9b:c6:38:2e:e1:e6:7a:
2f:0c:e5:92:0b:79:ed:87:d1:e8:8d:49:b0:41:e9:
d3:7b:25:28:97:16:c4:c5:e4:97:8d:b7:2f:3b:49:
17:12:6c:d8:e5:4b:a2:05:43:46:4b:78:7c:af:3e:
ca:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:BA:F0:A6:BF:79:D3:73:4E:4F:73:69:7A:22:1E:CF:71:C1:11:8F
X509v3 Authority Key Identifier:
keyid:CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/8Lrwpr9503NOT3NpeiIez3HBEY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.96.0/19
185.69.216.0/22
195.137.228.0/23
212.24.192.0/19
IPv6:
2001:1698::/32
Signature Algorithm: sha256WithRSAEncryption
4b:fb:1d:54:f8:1e:f2:0c:73:ba:0c:2e:a8:8d:12:11:ef:a2:
b1:74:03:d2:f8:43:97:46:f8:a7:3f:24:36:85:0c:95:0c:33:
89:bb:cc:c8:01:8c:39:bf:6c:9a:3a:3d:e6:7b:a7:0e:97:2a:
c5:43:a4:8e:ea:b0:12:77:ca:f7:49:3a:ab:f8:4c:08:5c:51:
df:2a:c9:ed:25:77:1f:2d:9c:cc:eb:e5:24:3b:23:f1:6b:45:
f3:74:8a:d0:7e:ee:9d:6f:87:e2:d6:06:2b:20:ae:61:39:28:
ff:6e:a7:1f:4c:0f:6d:e8:26:a4:f1:f9:17:86:d9:43:6c:61:
28:84:42:db:e4:3f:8a:4b:f8:89:2c:e9:5b:9d:78:02:7e:31:
51:a9:40:2d:09:c2:3c:80:af:50:07:e5:69:fd:be:fa:94:ce:
a0:67:67:4e:d0:24:71:7a:af:e3:f0:e9:b7:57:6f:15:30:d8:
00:20:56:42:87:5f:94:d2:80:d3:b4:c1:71:e8:96:24:ef:88:
8b:d0:f9:b4:54:92:aa:e8:e8:f6:22:2c:93:ff:92:94:1f:a0:
67:66:f1:76:f3:d7:1c:b4:3f:40:da:9d:4b:65:a4:f0:f2:71:
72:d0:0c:7d:6a:a7:3e:75:27:72:8c:68:8a:21:76:a9:00:1b:
72:1a:2e:dd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvS4IeWQltXKf4keRWCi1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzc4NDNmMDc1MjIyNDQ1OWU2MDM0NTY5YTIxN2M4YjYx
MTU2NGIwHhcNMjMwMTAxMjE0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGJhZjBhNmJmNzlkMzczNGU0ZjczNjk3YTIyMWVjZjcxYzExMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7GAMIIIDWP5oM1bWMr8FHCnnvvi
hqkc3GWhEMHbyscGRS5Nzr1cTWLXxiWfo+NtyqlYRwgqVFD6UHl7cX1knNRWTMR4
WQfeBki23j0eJ2tPokv63/vIZ9ELMhlL52sqUX0tFeY/GLu2e0LcZDjGhrX5y3x4
wHbcXxuCPwib2hPnJ+ZL/0mWTxvAaupkGqwJHnOgNpVGWixriRrD25b8rBaQ4Qmh
O0pN2FtRcrvSe/LaJPBJdI/geOs9/VwdFBPsGrldWPug8FLbnZvGOC7h5novDOWS
C3nth9HojUmwQenTeyUolxbExeSXjbcvO0kXEmzY5UuiBUNGS3h8rz7KOQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPC68Ka/edNzTk9zaXoiHs9xwRGPMB8GA1UdIwQY
MBaAFMo3hD8HUiJEWeYDRWmiF8i2EVZLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWplRVB3ZFNJa1JaNWdORmFhSVh5TFlSVmtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9kNzE2Y2QtZDc5Zi00NDg0LTk2ODUt
OGZlNzg0ZTMxZTVkLzEvOExyd3ByOTUwM05PVDNOcGVpSWV6M0hCRVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9kNzE2Y2QtZDc5Zi00NDg0LTk2ODUtOGZlNzg0ZTMxZTVk
LzEveWplRVB3ZFNJa1JaNWdORmFhSVh5TFlSVmtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFV/5gAwQC
uUXYAwQBw4nkAwQF1BjAMA0EAgACMAcDBQAgARaYMA0GCSqGSIb3DQEBCwUAA4IB
AQBL+x1U+B7yDHO6DC6ojRIR76KxdAPS+EOXRvinPyQ2hQyVDDOJu8zIAYw5v2ya
Oj3me6cOlyrFQ6SO6rASd8r3STqr+EwIXFHfKsntJXcfLZzM6+UkOyPxa0XzdIrQ
fu6db4fi1gYrIK5hOSj/bqcfTA9t6Cak8fkXhtlDbGEohELb5D+KS/iJLOlbnXgC
fjFRqUAtCcI8gK9QB+Vp/b76lM6gZ2dO0CRxeq/j8Om3V28VMNgAIFZCh1+U0oDT
tMFx6JYk74iL0Pm0VJKq6Oj2IiyT/5KUH6BnZvF289cctD9A2p1LZaTw8nFy0Ax9
aqc+dSdyjGiKIXapABtyGi7d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:20 2024 by rpki-client on console-ams.rpki-client.org