Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/16nEymyHfznj8oM0p3MPg206Avk.roa
File: 16nEymyHfznj8oM0p3MPg206Avk.roa (raw, json)
Hash identifier: S187DebEQU+6lnFHgGAhy7/0AkY7gUSDDX8uAPuStqo=
Subject key identifier: D7:A9:C4:CA:6C:87:7F:39:E3:F2:83:34:A7:73:0F:83:6D:3A:02:F9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185BE9D9D4FCB2FCBCF0877379E94010E2A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/16nEymyHfznj8oM0p3MPg206Avk.roa
Signing time: Tue 17 Jan 2023 07:24:38 +0000
ROA not before: Tue 17 Jan 2023 07:24:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.207.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:be:9d:9d:4f:cb:2f:cb:cf:08:77:37:9e:94:01:0e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 17 07:24:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7a9c4ca6c877f39e3f28334a7730f836d3a02f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:01:f2:ca:7b:f9:77:bb:81:04:6e:58:b5:84:
07:f3:26:4a:cf:68:0d:85:73:a9:e8:1a:67:e4:0d:
09:60:14:ac:ff:4b:64:69:5d:38:97:34:d3:d0:f0:
23:7d:e8:7e:47:1d:4e:48:2d:f5:95:2c:19:0f:fa:
fd:fe:b6:8b:91:f2:16:55:86:98:13:06:ec:ba:44:
25:5d:43:7a:e8:b6:a3:77:f0:4f:82:6a:00:08:35:
88:5c:11:59:a6:cc:bb:a5:94:7c:f3:31:07:7a:d0:
4c:72:3d:0c:d9:ee:16:83:59:47:bf:f3:2d:52:4d:
e5:ef:73:1d:41:b9:ca:45:e8:2e:1a:55:c5:e6:83:
70:4d:9b:29:e8:89:00:66:4b:67:bf:22:3f:0f:2f:
95:e3:24:34:a4:14:34:bf:84:d1:d0:65:cc:36:f4:
af:a2:15:0d:c8:6b:02:97:15:83:f8:e8:c8:cf:b3:
07:c9:86:e4:3d:c8:c6:b8:57:2d:8e:a8:62:39:cb:
b5:5c:36:38:c8:52:a6:1b:80:8d:29:bb:38:c8:f1:
6b:a7:fd:c9:1c:42:b3:77:fb:bc:d5:8e:16:61:fe:
bc:40:43:f1:95:d0:d5:8e:20:71:65:64:a0:ce:31:
fe:86:68:34:39:ef:32:a0:62:e6:bf:f7:7a:49:75:
3e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A9:C4:CA:6C:87:7F:39:E3:F2:83:34:A7:73:0F:83:6D:3A:02:F9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/16nEymyHfznj8oM0p3MPg206Avk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.18.0/24
193.124.41.0/24
193.124.47.0/24
193.124.205.0/24
194.58.43.0/24
194.58.46.0/24
194.58.155.0/24
194.87.30.0/24
194.87.64.0/24
194.87.108.0/24
194.87.161.0/24
194.87.207.0/24
195.133.94.0/24
212.192.7.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
09:ec:ef:45:ac:17:df:2a:91:4c:a8:48:b0:0e:45:8c:5b:2c:
a2:13:d0:4c:8a:ac:73:20:97:44:84:ef:23:66:79:0a:e7:1a:
46:c0:7d:66:93:53:25:37:78:f0:5b:3e:a2:3e:ea:f2:a0:13:
69:62:ec:01:63:b3:63:9d:f9:54:e6:a1:ca:eb:fd:82:78:df:
51:5a:fb:24:c6:c9:43:8c:e5:05:6f:b1:f6:e9:f0:2e:93:38:
69:4a:6a:6b:ed:f8:a9:0f:d1:b6:ee:f4:13:3b:0d:98:ae:0a:
5b:ed:ab:e1:d9:80:d4:48:ac:d9:96:61:db:52:dc:52:c0:ed:
a0:cd:99:ad:0c:dc:f5:f6:5f:5f:20:5b:20:84:b8:b4:75:51:
cf:74:db:58:64:04:62:2c:38:51:dc:c7:c4:9c:8b:e9:3d:73:
b6:13:85:e7:7b:10:45:c8:bd:ea:ed:cc:6e:91:9a:07:5b:b9:
01:d6:8a:e1:e8:eb:03:9e:65:7a:34:4f:fb:84:c7:80:9c:62:
59:c5:c1:ae:37:6c:21:42:93:22:97:7b:3f:74:a4:a7:d4:e3:
66:bd:48:dc:8e:1c:0d:50:a1:b0:e2:6a:d3:29:41:d5:59:96:
fd:9e:77:fb:5a:76:e3:20:38:51:ed:33:f6:2c:18:d0:52:e3:
90:b4:af:b1
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYW+nZ1Pyy/Lzwh3N56UAQ4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE3MDcyNDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2E5YzRjYTZjODc3ZjM5ZTNmMjgzMzRhNzczMGY4MzZkM2EwMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gHyynv5d7uBBG5YtYQH8yZKz2gN
hXOp6Bpn5A0JYBSs/0tkaV04lzTT0PAjfeh+Rx1OSC31lSwZD/r9/raLkfIWVYaY
EwbsukQlXUN66Lajd/BPgmoACDWIXBFZpsy7pZR88zEHetBMcj0M2e4Wg1lHv/Mt
Uk3l73MdQbnKReguGlXF5oNwTZsp6IkAZktnvyI/Dy+V4yQ0pBQ0v4TR0GXMNvSv
ohUNyGsClxWD+OjIz7MHyYbkPcjGuFctjqhiOcu1XDY4yFKmG4CNKbs4yPFrp/3J
HEKzd/u81Y4WYf68QEPxldDVjiBxZWSgzjH+hmg0Oe8yoGLmv/d6SXU+bwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFNepxMpsh3854/KDNKdzD4NtOgL5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMTZuRXlteUhmem5qOG9NMHAzTVBnMjA2QXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAwXwSAwQA
wXwpAwQAwXwvAwQAwXzNAwQAwjorAwQAwjouAwQAwjqbAwQAwlceAwQAwldAAwQA
wldsAwQAwlehAwQAwlfPAwQAw4VeAwQA1MAHAwQA1MAeMA0GCSqGSIb3DQEBCwUA
A4IBAQAJ7O9FrBffKpFMqEiwDkWMWyyiE9BMiqxzIJdEhO8jZnkK5xpGwH1mk1Ml
N3jwWz6iPuryoBNpYuwBY7NjnflU5qHK6/2CeN9RWvskxslDjOUFb7H26fAukzhp
Smpr7fipD9G27vQTOw2Yrgpb7avh2YDUSKzZlmHbUtxSwO2gzZmtDNz19l9fIFsg
hLi0dVHPdNtYZARiLDhR3MfEnIvpPXO2E4XnexBFyL3q7cxukZoHW7kB1orh6OsD
nmV6NE/7hMeAnGJZxcGuN2whQpMil3s/dKSn1ONmvUjcjhwNUKGw4mrTKUHVWZb9
nnf7WnbjIDhR7TP2LBjQUuOQtK+x
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org