Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/37ka0XASehLK0QWNCC8qH28drp4.roa
File: 37ka0XASehLK0QWNCC8qH28drp4.roa (raw, json)
Hash identifier: 1yIVCPZaai4BWtGOWurLMPKzE/MfHrBye2qcNEeIbqE=
Subject key identifier: DF:B9:1A:D1:70:12:7A:12:CA:D1:05:8D:08:2F:2A:1F:6F:1D:AE:9E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01897D109BA6AC52F6F50711D9E725FD9046
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/37ka0XASehLK0QWNCC8qH28drp4.roa
Signing time: Sat 22 Jul 2023 10:06:27 +0000
ROA not before: Sat 22 Jul 2023 10:06:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.36.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
212.192.248.0/22 maxlen: 22
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7d:10:9b:a6:ac:52:f6:f5:07:11:d9:e7:25:fd:90:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 22 10:06:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfb91ad170127a12cad1058d082f2a1f6f1dae9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:26:92:f5:b1:f8:21:7c:aa:af:39:8a:70:66:
7f:6a:30:17:6a:0d:1f:85:ad:72:79:3a:f8:d9:25:
0c:53:25:e8:f6:a8:c4:82:1a:6d:5d:b1:aa:5f:22:
54:a8:79:fe:64:e4:af:36:d4:4f:88:75:c8:a7:fc:
75:01:29:21:43:f9:42:3c:1b:7a:d5:c8:ea:2b:aa:
bc:c7:3f:81:be:9b:d6:77:ad:1d:fa:5d:58:a3:c3:
1f:a4:c4:e4:8e:3e:ec:16:94:fe:87:1a:9c:52:67:
20:d4:c7:fe:5f:a2:ca:c6:51:dc:6b:72:94:99:32:
90:b6:6c:e9:d5:ff:3f:8a:e7:c2:4d:b9:05:56:5e:
fc:c1:c8:32:20:1a:b0:16:b3:67:59:2e:ad:73:45:
41:7b:52:c8:60:0f:e9:35:3e:8b:43:e7:26:a0:dc:
10:55:3d:f0:d3:fd:7f:dc:5f:45:fc:71:99:07:d0:
6b:a4:0b:77:39:fe:5b:15:15:4b:7c:16:44:0d:1d:
c9:9c:0a:b5:fe:c7:ec:29:c1:bb:fa:4d:9d:87:e0:
a4:c3:e5:89:7d:cf:68:4a:6a:f7:db:75:ef:4f:15:
c5:ff:19:7b:6d:1d:7b:a3:c7:8c:7c:f8:c1:e1:f5:
7b:ac:12:07:e1:2c:cf:32:42:18:3b:6d:c9:54:7c:
2b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B9:1A:D1:70:12:7A:12:CA:D1:05:8D:08:2F:2A:1F:6F:1D:AE:9E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/37ka0XASehLK0QWNCC8qH28drp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.182.0/24
192.124.189.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0/24
194.87.7.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.36.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.35.0/24
195.133.73.0/24
195.133.84.0/23
195.133.194.0/23
212.192.241.0/24
212.192.248.0/22
Signature Algorithm: sha256WithRSAEncryption
35:14:94:f7:69:f4:cc:a6:09:5b:d4:bc:90:38:d2:5e:4e:3d:
0c:37:9b:11:a5:d5:e5:f0:8a:b6:e1:ea:6b:5a:e1:2b:e4:df:
c0:8c:2a:f2:48:ca:5b:56:a8:97:10:06:69:34:bd:f7:28:ce:
c0:89:f9:3b:db:04:75:a4:ce:75:98:ea:67:5a:07:95:1c:ae:
c4:bd:3d:ab:16:e2:fb:77:e0:eb:4a:ac:5f:8e:6d:51:d1:f5:
ab:1e:6b:89:d8:9b:a1:bb:16:18:dd:de:29:13:c2:5b:6e:f1:
02:da:20:69:c4:d0:ea:af:d3:0d:ec:cb:82:2f:4c:26:08:0f:
c1:6e:23:2c:4d:85:5a:6d:d2:fb:be:8d:a2:62:d9:23:f8:f4:
f8:dc:68:80:57:8c:9c:5c:8f:22:5a:aa:e5:c7:c9:2d:50:f7:
cb:c4:fa:53:e0:31:42:5d:f9:70:59:cc:40:85:a8:9b:26:d2:
b2:60:54:5d:a2:c5:92:3d:d2:1c:84:1a:4c:47:38:91:21:36:
92:33:83:8e:5c:ae:9f:a2:1e:59:f2:70:d9:05:b3:01:cb:f1:
c9:86:26:da:bc:8b:6c:ca:80:a0:98:6c:b7:15:11:0c:a4:f4:
f4:21:f7:90:fe:52:f7:4c:93:59:1c:47:83:47:94:14:80:f9:
5f:a9:b6:61
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgISAYl9EJumrFL29QcR2ecl/ZBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzIyMTAwNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmI5MWFkMTcwMTI3YTEyY2FkMTA1OGQwODJmMmExZjZmMWRhZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSaS9bH4IXyqrzmKcGZ/ajAXag0f
ha1yeTr42SUMUyXo9qjEghptXbGqXyJUqHn+ZOSvNtRPiHXIp/x1ASkhQ/lCPBt6
1cjqK6q8xz+BvpvWd60d+l1Yo8MfpMTkjj7sFpT+hxqcUmcg1Mf+X6LKxlHca3KU
mTKQtmzp1f8/iufCTbkFVl78wcgyIBqwFrNnWS6tc0VBe1LIYA/pNT6LQ+cmoNwQ
VT3w0/1/3F9F/HGZB9BrpAt3Of5bFRVLfBZEDR3JnAq1/sfsKcG7+k2dh+Ckw+WJ
fc9oSmr323XvTxXF/xl7bR17o8eMfPjB4fV7rBIH4SzPMkIYO23JVHwr4wIDAQAB
o4IDLzCCAyswHQYDVR0OBBYEFN+5GtFwEnoSytEFjQgvKh9vHa6eMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMzdrYTBYQVNlaExLMFFXTkNDOHFIMjhkcnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQwYIKwYBBQUHAQcBAf8EggEyMIIBLjCCASoEAgABMIIB
IgMEAMB8sgMEAMB8tgMEAMB8vQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8
yAMEAMI6LwMEAMI6mgMEAMI63wMEAMJXAQMEAMJXBzAMAwQAwlcLAwQAwlcMAwQC
wlcYAwQAwlckAwQAwlcoAwQAwlc4AwQAwldJAwQAwldTAwQAwldsAwQBwldyAwQA
wld6AwQAwld8AwQBwleCAwQBwleGAwQAwleXAwQAwleiAwQAwlemAwQAwleoAwQA
wlezAwQAwle7AwQAwle+AwQAwlfIAwQAwlfeAwQAwzo2AwQBwzo6AwQBwzo+AwQA
w4UAAwQBw4UGAwQAw4UeAwQAw4UjAwQAw4VJAwQBw4VUAwQBw4XCAwQA1MDxAwQC
1MD4MA0GCSqGSIb3DQEBCwUAA4IBAQA1FJT3afTMpglb1LyQONJeTj0MN5sRpdXl
8Iq24eprWuEr5N/AjCrySMpbVqiXEAZpNL33KM7Aifk72wR1pM51mOpnWgeVHK7E
vT2rFuL7d+DrSqxfjm1R0fWrHmuJ2JuhuxYY3d4pE8JbbvEC2iBpxNDqr9MN7MuC
L0wmCA/BbiMsTYVabdL7vo2iYtkj+PT43GiAV4ycXI8iWqrlx8ktUPfLxPpT4DFC
XflwWcxAhaibJtKyYFRdosWSPdIchBpMRziRITaSM4OOXK6foh5Z8nDZBbMBy/HJ
hibavItsyoCgmGy3FREMpPT0IfeQ/lL3TJNZHEeDR5QUgPlfqbZh
-----END CERTIFICATE-----
Generated at Mon Jul 24 09:09:20 2023 by rpki-client on console-ams.rpki-client.org