Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/985lXBJ8rQbQcsSMmij8Mcdaxko.roa
File: 985lXBJ8rQbQcsSMmij8Mcdaxko.roa (raw, json)
Hash identifier: /NEUTsAq9d9Ep1O9BS6mbi3rCpjkyD7Cmn3fX60uFhk=
Subject key identifier: F7:CE:65:5C:12:7C:AD:06:D0:72:C4:8C:9A:28:FC:31:C7:5A:C6:4A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189871C508EB98012F5B4A1B245C90BF36E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/985lXBJ8rQbQcsSMmij8Mcdaxko.roa
Signing time: Mon 24 Jul 2023 08:55:26 +0000
ROA not before: Mon 24 Jul 2023 08:55:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.36.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:1c:50:8e:b9:80:12:f5:b4:a1:b2:45:c9:0b:f3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 24 08:55:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7ce655c127cad06d072c48c9a28fc31c75ac64a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d2:44:e7:0d:b2:da:71:87:d8:5a:4d:ce:3d:
55:a2:d4:69:9a:5b:7a:1d:19:92:63:5b:77:d5:fe:
92:71:f7:f8:2c:fa:95:4e:4f:b4:d1:c2:ac:83:7d:
cd:31:4f:80:84:9a:6c:9b:30:c6:a2:29:89:55:4b:
51:7c:b0:d8:33:2c:f1:65:c1:ad:65:e5:99:dd:45:
32:36:3d:ac:a4:0f:a4:b4:64:e5:41:26:91:9d:58:
d8:08:4f:56:aa:18:87:ba:7c:99:18:30:6d:b2:0d:
8e:4a:05:53:65:7a:c9:cb:6b:36:1b:59:e9:e3:36:
93:a0:bb:37:e1:04:d3:76:3b:b5:78:69:99:75:0f:
d8:9a:7a:c8:d3:65:60:6b:da:20:df:32:c4:03:2d:
41:47:c2:a9:9d:62:a1:71:fe:b3:b9:c0:d2:ac:6f:
20:7c:41:24:46:ce:f7:08:f0:c9:02:a9:ec:05:b5:
c3:b2:1d:54:78:cb:e5:e4:f6:71:75:9f:83:4d:1b:
e3:41:a8:03:52:17:6e:20:08:21:f4:3e:f2:dc:95:
90:c3:0c:39:9e:a4:26:ca:46:5a:99:54:a0:6a:1c:
3e:2d:ea:d6:79:20:a9:20:69:e6:69:7d:12:b1:f9:
3f:1b:a8:25:4a:29:05:fd:92:48:5c:70:28:e8:4a:
c7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CE:65:5C:12:7C:AD:06:D0:72:C4:8C:9A:28:FC:31:C7:5A:C6:4A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/985lXBJ8rQbQcsSMmij8Mcdaxko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.182.0/24
192.124.189.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.36.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.35.0/24
195.133.73.0/24
195.133.84.0/23
195.133.194.0/23
212.192.241.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:f2:85:9b:0c:29:a6:9b:b1:e5:01:e8:0b:d2:37:37:bb:6d:
1f:ac:23:8d:ff:4c:b5:bc:38:05:c6:71:ac:5f:a6:b8:22:76:
59:0e:1a:fd:7d:5d:80:f0:cf:69:97:f1:b9:6d:e9:92:79:d2:
d0:d5:30:51:90:b5:21:2c:dc:c3:b4:04:9c:dd:a7:32:8b:ca:
27:0b:5c:db:97:dd:8c:0a:35:aa:0f:33:43:bb:d7:64:58:48:
a5:9c:d5:53:bf:22:59:fe:c3:63:0b:7d:29:90:c1:4c:e8:6f:
96:df:90:c2:f6:7c:ad:0a:82:4a:c0:d1:4f:3f:c8:4b:e6:e6:
fd:cf:af:1f:e2:7d:0c:7e:36:26:c9:83:05:8e:15:d8:60:db:
64:ea:f5:3f:99:9c:08:df:fa:1e:5c:1e:4f:11:e5:9d:e2:b7:
66:7c:ef:35:0f:d9:e6:6a:3b:af:6d:54:dc:34:19:66:19:00:
d7:b7:42:45:a9:6f:e2:3f:1e:cd:34:2a:41:97:c9:d3:97:c1:
d9:b4:af:12:36:11:4b:cc:4a:8f:53:b6:b8:54:9d:6b:ad:cf:
53:70:52:7e:21:80:4e:81:ce:69:34:cf:b5:ab:64:7b:5c:85:
eb:b6:12:8d:35:09:a8:aa:a0:ac:21:9e:b6:aa:b0:9b:1b:d8:
9c:38:0b:80
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAYmHHFCOuYAS9bShskXJC/NuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI0MDg1NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2NlNjU1YzEyN2NhZDA2ZDA3MmM0OGM5YTI4ZmMzMWM3NWFjNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdJE5w2y2nGH2FpNzj1VotRpmlt6
HRmSY1t31f6Scff4LPqVTk+00cKsg33NMU+AhJpsmzDGoimJVUtRfLDYMyzxZcGt
ZeWZ3UUyNj2spA+ktGTlQSaRnVjYCE9WqhiHunyZGDBtsg2OSgVTZXrJy2s2G1np
4zaToLs34QTTdju1eGmZdQ/YmnrI02Vga9og3zLEAy1BR8KpnWKhcf6zucDSrG8g
fEEkRs73CPDJAqnsBbXDsh1UeMvl5PZxdZ+DTRvjQagDUhduIAgh9D7y3JWQwww5
nqQmykZamVSgahw+LerWeSCpIGnmaX0Ssfk/G6glSikF/ZJIXHAo6ErHdwIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFPfOZVwSfK0G0HLEjJoo/DHHWsZKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOTg1bFhCSjhyUWJRY3NTTW1pajhNY2RheGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCCAR4EAgABMIIB
FgMEAMB8sgMEAMB8tgMEAMB8vQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8
yAMEAMI6LwMEAMI6mgMEAMI63wMEAMJXATAMAwQAwlcLAwQAwlcMAwQCwlcYAwQA
wlckAwQAwlcoAwQAwlc4AwQAwldJAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQA
wld8AwQBwleCAwQBwleGAwQAwleXAwQAwleiAwQAwlemAwQAwleoAwQAwlezAwQA
wle7AwQAwle+AwQAwlfIAwQAwlfeAwQAwzo2AwQBwzo6AwQBwzo+AwQAw4UAAwQB
w4UGAwQAw4UeAwQAw4UjAwQAw4VJAwQBw4VUAwQBw4XCAwQA1MDxMA0GCSqGSIb3
DQEBCwUAA4IBAQBq8oWbDCmmm7HlAegL0jc3u20frCON/0y1vDgFxnGsX6a4InZZ
Dhr9fV2A8M9pl/G5bemSedLQ1TBRkLUhLNzDtASc3acyi8onC1zbl92MCjWqDzND
u9dkWEilnNVTvyJZ/sNjC30pkMFM6G+W35DC9nytCoJKwNFPP8hL5ub9z68f4n0M
fjYmyYMFjhXYYNtk6vU/mZwI3/oeXB5PEeWd4rdmfO81D9nmajuvbVTcNBlmGQDX
t0JFqW/iPx7NNCpBl8nTl8HZtK8SNhFLzEqPU7a4VJ1rrc9TcFJ+IYBOgc5pNM+1
q2R7XIXrthKNNQmoqqCsIZ62qrCbG9icOAuA
-----END CERTIFICATE-----
Generated at Wed Jul 26 12:21:52 2023 by rpki-client on console-ams.rpki-client.org