Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8xfciYdHwwzPVsvmC23iGyUADig.roa
File: 8xfciYdHwwzPVsvmC23iGyUADig.roa (raw, json)
Hash identifier: 5+HMt4+cg6fOEZo/MmTeDZH30qEYmcjfPgDKvIR32F8=
Subject key identifier: F3:17:DC:89:87:47:C3:0C:CF:56:CB:E6:0B:6D:E2:1B:25:00:0E:28
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018ADA3FC6E23C092DFBEDC82787E87338C9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8xfciYdHwwzPVsvmC23iGyUADig.roa
Signing time: Thu 28 Sep 2023 05:25:27 +0000
ROA not before: Thu 28 Sep 2023 05:25:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.53.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 14:25:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:3f:c6:e2:3c:09:2d:fb:ed:c8:27:87:e8:73:38:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 28 05:25:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f317dc898747c30ccf56cbe60b6de21b25000e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:30:d2:6c:f1:c1:c9:24:c1:45:4b:1d:46:a5:
69:21:5a:7d:94:ba:c8:f2:b7:b0:55:f9:46:29:61:
99:da:d9:22:d9:42:1c:d6:27:2c:99:fa:42:2f:0d:
e4:6c:34:7f:9a:fd:0a:f7:b2:de:c5:89:7a:03:bc:
19:00:f4:50:e2:4a:8d:47:ad:fb:c8:fa:6d:83:e1:
ed:1a:69:82:26:4b:f9:96:a4:33:5c:22:f2:29:df:
0d:8a:34:81:db:97:19:df:57:6b:bf:4e:50:ae:1a:
ce:a7:0c:94:f6:fb:04:06:8e:42:ed:ce:94:b9:4c:
0a:14:8d:f9:f6:cc:79:41:c8:db:01:61:cb:85:c5:
54:47:d7:3e:78:90:79:e1:41:e9:19:b2:ee:aa:b6:
9c:07:83:34:11:27:b8:e3:3f:c1:d9:0f:e5:43:52:
4a:7b:86:09:0d:26:fd:3c:05:fc:b0:77:1f:f1:bc:
6b:bc:1e:bd:c3:99:93:d4:85:bd:d3:3e:5e:da:bf:
ac:b1:64:7d:7d:a8:8d:48:f0:ca:2f:c0:21:e0:1d:
0f:b0:00:aa:b5:92:e4:75:e1:fe:72:7f:5e:21:f5:
24:b8:da:78:9e:0d:74:cf:dc:56:81:10:ee:ee:f0:
14:f3:74:9e:0e:48:7e:b2:bd:58:99:b2:b7:a4:85:
d0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:17:DC:89:87:47:C3:0C:CF:56:CB:E6:0B:6D:E2:1B:25:00:0E:28
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8xfciYdHwwzPVsvmC23iGyUADig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.53.0-195.58.54.255
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.223.0/24
Signature Algorithm: sha256WithRSAEncryption
79:6e:34:2b:49:f8:63:8b:04:dc:17:73:11:00:94:a5:4d:e9:
91:29:6d:f6:a6:af:21:dd:b4:b8:1e:be:1d:19:ba:bf:cf:d3:
7e:8c:d0:ba:d2:15:9d:c1:40:69:b7:33:ba:c3:5d:24:86:42:
71:05:f0:3a:6c:7a:19:e9:79:e8:e1:3b:1b:16:9f:62:f8:9e:
f0:c4:91:a1:32:ce:e2:29:38:73:00:54:ce:fe:31:31:c5:f9:
bb:00:30:4b:d7:ae:02:0f:56:17:b5:55:46:f3:8a:3e:75:c0:
b4:6a:8b:78:ed:25:db:70:ce:01:77:a1:d0:fb:98:37:fe:71:
b0:f1:cb:5b:cb:4b:11:51:37:9a:23:68:dd:1e:5d:82:08:a3:
b6:e4:b5:73:d6:8a:01:e7:c5:e9:bb:91:ae:f4:35:38:fc:59:
57:2b:61:96:00:b6:52:d5:1e:42:ad:3a:af:1a:53:12:54:ae:
c2:41:39:53:10:1e:7f:57:ab:1c:b3:80:35:6f:66:86:0f:c2:
39:56:83:d2:02:c2:cf:d6:76:43:3b:0c:c8:94:4f:e1:26:e2:
ba:75:9b:7f:14:6f:6e:bb:9d:a0:48:8e:e9:14:42:19:21:6f:
bb:f4:92:31:3f:6c:43:b3:66:af:7c:49:c9:cc:ef:b1:62:0f:
5f:44:c9:43
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYraP8biPAkt++3IJ4foczjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI4MDUyNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzE3ZGM4OTg3NDdjMzBjY2Y1NmNiZTYwYjZkZTIxYjI1MDAwZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzDSbPHBySTBRUsdRqVpIVp9lLrI
8rewVflGKWGZ2tki2UIc1icsmfpCLw3kbDR/mv0K97LexYl6A7wZAPRQ4kqNR637
yPptg+HtGmmCJkv5lqQzXCLyKd8NijSB25cZ31drv05QrhrOpwyU9vsEBo5C7c6U
uUwKFI359sx5QcjbAWHLhcVUR9c+eJB54UHpGbLuqracB4M0ESe44z/B2Q/lQ1JK
e4YJDSb9PAX8sHcf8bxrvB69w5mT1IW90z5e2r+ssWR9faiNSPDKL8Ah4B0PsACq
tZLkdeH+cn9eIfUkuNp4ng10z9xWgRDu7vAU83SeDkh+sr1YmbK3pIXQjQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFPMX3ImHR8MMz1bL5gtt4hslAA4oMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOHhmY2lZZEh3d3pQVnN2bUMyM2lHeVVBRGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6LwMEAMI6
mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQAwlc4AwQA
wldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQAwleDMAwD
BADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gD
BADCV94DBADDOiQwDAMEAMM6NQMEAMM6NgMEAcM6OgMEAcM6PgMEAMOFAAMEAcOF
BgMEAMOFHgMEAcOFKAMEAMOFSQMEAcOFVAMEANTA3zANBgkqhkiG9w0BAQsFAAOC
AQEAeW40K0n4Y4sE3BdzEQCUpU3pkSlt9qavId20uB6+HRm6v8/TfozQutIVncFA
abczusNdJIZCcQXwOmx6Gel56OE7GxafYvie8MSRoTLO4ik4cwBUzv4xMcX5uwAw
S9euAg9WF7VVRvOKPnXAtGqLeO0l23DOAXeh0PuYN/5xsPHLW8tLEVE3miNo3R5d
ggijtuS1c9aKAefF6buRrvQ1OPxZVythlgC2UtUeQq06rxpTElSuwkE5UxAef1er
HLOANW9mhg/COVaD0gLCz9Z2QzsMyJRP4SbiunWbfxRvbrudoEiO6RRCGSFvu/SS
MT9sQ7Nmr3xJyczvsWIPX0TJQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org