Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/1-YP1aXjFzymf0hrhFFwJMxomjD4.roa
File: 1-YP1aXjFzymf0hrhFFwJMxomjD4.roa (raw, json)
Hash identifier: uFctExYcrqVt0L1TtNuLgjGNLA4Od7iK3caRxRbosPQ=
Subject key identifier: F9:83:F5:69:78:C5:CF:29:9F:D2:1A:E1:14:5C:09:33:1A:26:8C:3E
Certificate issuer: /CN=34b419fa4a0a1605188318cdf4a2044992853b95
Certificate serial: 0186262C1948F1BBD27853A6110E62F54E91
Authority key identifier: 34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/1-YP1aXjFzymf0hrhFFwJMxomjD4.roa
Signing time: Mon 06 Feb 2023 10:01:09 +0000
ROA not before: Mon 06 Feb 2023 10:01:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34309
IP address blocks: 195.8.199.0/24 maxlen: 24
195.8.198.0/24 maxlen: 24
37.153.85.0/24 maxlen: 24
37.153.80.0/24 maxlen: 24
37.153.82.0/24 maxlen: 24
37.153.81.0/24 maxlen: 24
37.153.84.0/24 maxlen: 24
37.153.83.0/24 maxlen: 24
37.153.87.0/24 maxlen: 24
37.153.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:2c:19:48:f1:bb:d2:78:53:a6:11:0e:62:f5:4e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b419fa4a0a1605188318cdf4a2044992853b95
Validity
Not Before: Feb 6 10:01:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f983f56978c5cf299fd21ae1145c09331a268c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:74:4f:ef:de:f2:67:34:1a:9b:c4:31:c1:44:
e2:ef:7c:e1:f5:bb:31:07:39:4f:ac:e3:2d:29:82:
c8:d9:d1:2a:14:02:ed:43:3d:ee:f0:6f:82:b5:20:
5b:37:59:29:5f:82:11:9d:fb:6a:7c:a2:0a:39:0c:
f5:55:5c:66:7f:bb:9c:fa:4b:42:08:3f:d4:58:60:
23:a4:dc:f2:40:1c:3a:00:7d:d7:85:84:8f:93:31:
82:8c:e4:8e:37:55:ec:99:2a:3e:26:44:e1:11:86:
0b:af:be:64:48:d2:12:04:27:06:42:83:23:20:63:
9e:d8:d5:28:15:e2:8d:93:ca:f6:23:f4:14:46:99:
2b:fb:c5:71:7e:cc:0e:c5:ed:06:4a:e2:cb:bf:aa:
aa:14:9f:46:c9:44:cb:82:8b:24:5c:63:6a:60:73:
7b:d1:6e:de:c5:54:5a:3f:d0:7a:60:ea:79:77:88:
00:da:59:c5:f2:7c:69:6b:cc:8b:24:39:94:b1:0f:
c4:4c:8c:90:b4:de:c3:8a:d6:96:93:2f:06:5d:c6:
1e:4f:fa:e0:7f:c3:6d:ca:fd:cf:48:fd:41:6c:10:
64:0e:21:b4:b9:33:71:b4:66:6b:3c:d9:ed:d5:11:
65:60:11:42:7e:22:4f:e3:31:00:9d:2c:96:72:f5:
69:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:83:F5:69:78:C5:CF:29:9F:D2:1A:E1:14:5C:09:33:1A:26:8C:3E
X509v3 Authority Key Identifier:
keyid:34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/1-YP1aXjFzymf0hrhFFwJMxomjD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.80.0/21
195.8.198.0/23
Signature Algorithm: sha256WithRSAEncryption
90:64:db:a2:91:ce:f0:f7:ce:28:fe:81:54:d5:4c:c6:25:a3:
0b:d3:0c:57:e8:2e:a1:b6:a1:85:63:65:f7:25:ba:e4:28:3f:
8f:0a:f3:d1:d0:9f:ad:d6:60:b6:f0:ea:cf:d3:e3:a7:f0:f6:
b6:18:a3:8b:e0:f9:e9:38:fe:58:0e:4a:f4:4a:d2:6f:ae:6b:
4f:aa:6f:b8:94:88:a7:83:3a:11:37:cd:4a:06:9e:d6:17:50:
05:9f:d8:a9:76:13:01:b1:02:c2:fd:de:7b:c9:e0:eb:49:db:
ad:e5:d3:04:91:37:4d:d6:47:d4:db:51:5c:2b:9c:4c:85:d2:
3c:da:62:f4:b2:a9:15:0b:de:af:57:82:6c:76:5e:4b:f9:3f:
55:9a:aa:3e:ed:08:a1:b1:0d:3c:24:7e:e6:ab:ea:5c:a8:c3:
5a:4d:d7:ea:67:6d:24:e4:74:b7:66:12:5b:f4:7c:15:6d:d3:
4f:6b:7e:a6:d3:0d:ac:07:c2:d7:6e:b5:80:be:35:ae:63:40:
b2:18:70:24:8a:5a:8d:b7:4b:04:40:3f:ad:90:42:46:db:73:
aa:41:21:f6:bc:39:fd:a3:de:4c:58:96:5c:90:f8:58:41:6f:
38:dd:79:bc:fe:84:8a:3b:94:46:38:26:f7:c2:af:f1:e1:1c:
68:37:35:ac
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYYmLBlI8bvSeFOmEQ5i9U6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjQxOWZhNGEwYTE2MDUxODgzMThjZGY0YTIwNDQ5OTI4
NTNiOTUwHhcNMjMwMjA2MTAwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTgzZjU2OTc4YzVjZjI5OWZkMjFhZTExNDVjMDkzMzFhMjY4YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXRP797yZzQam8QxwUTi73zh9bsx
BzlPrOMtKYLI2dEqFALtQz3u8G+CtSBbN1kpX4IRnftqfKIKOQz1VVxmf7uc+ktC
CD/UWGAjpNzyQBw6AH3XhYSPkzGCjOSON1XsmSo+JkThEYYLr75kSNISBCcGQoMj
IGOe2NUoFeKNk8r2I/QURpkr+8VxfswOxe0GSuLLv6qqFJ9GyUTLgoskXGNqYHN7
0W7exVRaP9B6YOp5d4gA2lnF8nxpa8yLJDmUsQ/ETIyQtN7DitaWky8GXcYeT/rg
f8Ntyv3PSP1BbBBkDiG0uTNxtGZrPNnt1RFlYBFCfiJP4zEAnSyWcvVpnwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPmD9Wl4xc8pn9Ia4RRcCTMaJow+MB8GA1UdIwQY
MBaAFDS0GfpKChYFGIMYzfSiBEmShTuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMt
ODc3NzU0NGM5Mjc1LzEvMS1ZUDFhWGpGenltZjBocmhGRndKTXhvbWpENC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvOGM3OWZiLTdhNTctNDI5ZC05YzMzLTg3Nzc1NDRjOTI3
NS8xL05MUVota29LRmdVWWd4ak45S0lFU1pLRk81VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAyWZUAME
AcMIxjANBgkqhkiG9w0BAQsFAAOCAQEAkGTbopHO8PfOKP6BVNVMxiWjC9MMV+gu
obahhWNl9yW65Cg/jwrz0dCfrdZgtvDqz9Pjp/D2thiji+D56Tj+WA5K9ErSb65r
T6pvuJSIp4M6ETfNSgae1hdQBZ/YqXYTAbECwv3ee8ng60nbreXTBJE3TdZH1NtR
XCucTIXSPNpi9LKpFQver1eCbHZeS/k/VZqqPu0IobENPCR+5qvqXKjDWk3X6mdt
JOR0t2YSW/R8FW3TT2t+ptMNrAfC1261gL41rmNAshhwJIpajbdLBEA/rZBCRttz
qkEh9rw5/aPeTFiWXJD4WEFvON15vP6EijuURjgm98Kv8eEcaDc1rA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:37 2024 by rpki-client on console-ams.rpki-client.org