Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Aae7h2RP9yXZ8wJsx3Jy3wLGbuc.roa
File: Aae7h2RP9yXZ8wJsx3Jy3wLGbuc.roa (raw, json)
Hash identifier: Y45lCmgY+blg3mLaj+qj86HO8oCSeFlrDLMlAHuYqkY=
Subject key identifier: 01:A7:BB:87:64:4F:F7:25:D9:F3:02:6C:C7:72:72:DF:02:C6:6E:E7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189BA2BC5ECE207D69F8AB01CB10F313D0D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Aae7h2RP9yXZ8wJsx3Jy3wLGbuc.roa
Signing time: Thu 03 Aug 2023 06:52:58 +0000
ROA not before: Thu 03 Aug 2023 06:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.36.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:2b:c5:ec:e2:07:d6:9f:8a:b0:1c:b1:0f:31:3d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 3 06:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01a7bb87644ff725d9f3026cc77272df02c66ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c6:0e:e3:31:2a:a8:09:00:cf:84:04:e8:fd:
1d:32:14:61:aa:47:f8:40:12:74:c4:57:84:15:b9:
61:54:70:b7:47:fc:74:43:9b:24:4e:c0:cd:2f:7a:
8f:31:2d:fa:33:b5:f1:fa:a2:40:af:9d:33:c5:2d:
30:a7:3a:d8:84:b2:51:97:a1:e5:cd:66:61:df:8c:
95:52:6a:15:40:6e:27:92:09:d7:34:30:72:f8:be:
dc:17:a2:27:f6:23:01:54:73:46:e9:8d:36:60:27:
b9:9e:1e:7e:3c:0c:48:47:5b:cd:20:88:b7:c9:0f:
89:3e:db:7d:b9:b4:c0:ad:0f:cb:d4:58:be:b1:8f:
d6:e9:a0:18:04:aa:e3:a5:c7:c7:2c:1b:98:ca:f7:
bb:5f:b1:2e:e4:52:b8:a9:9c:3f:00:08:89:6b:14:
05:84:3c:14:e5:03:1f:01:7b:77:08:70:d5:3f:df:
6e:1c:19:5e:2a:09:75:14:b2:45:e9:9b:ee:dc:2e:
a4:71:46:fe:66:30:9f:80:ea:81:3a:a0:1e:6d:6b:
2c:6a:be:aa:82:c8:02:df:ef:2f:c9:45:0c:78:01:
16:81:5e:42:b2:12:ee:44:72:83:b0:1d:ed:0f:06:
da:f1:1b:b4:63:1e:46:7f:48:b8:bc:f2:50:07:a6:
be:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A7:BB:87:64:4F:F7:25:D9:F3:02:6C:C7:72:72:DF:02:C6:6E:E7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Aae7h2RP9yXZ8wJsx3Jy3wLGbuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.182.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.36.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.162.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.35.0/24
195.133.73.0/24
195.133.84.0/23
195.133.194.0/24
212.192.241.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:80:e6:83:ed:d9:12:5c:20:f1:f2:6e:3f:7d:ab:cf:58:97:
01:1d:fb:f0:f4:c4:b7:7b:9e:b8:92:0b:38:7a:05:e6:21:0a:
1c:12:91:81:8e:77:8f:83:a9:62:34:88:5f:49:5f:9c:39:cc:
7d:dc:5a:23:90:a2:e2:d2:dc:73:cb:9e:a8:f7:cf:8f:f0:5b:
93:0a:d8:f6:0a:59:a1:45:4a:b0:3e:cb:59:af:6e:0b:68:43:
48:0c:00:04:51:f7:14:da:b6:63:98:f5:23:f0:d8:29:af:de:
a9:0e:20:3a:f4:78:bb:b2:e3:9d:de:c1:bc:56:b2:7d:4c:66:
0a:c4:4b:fd:6f:0d:a6:1b:d5:30:1e:45:66:d9:e6:d7:f9:fa:
02:92:0e:0f:c7:73:84:6c:fb:24:51:bc:5c:b1:79:d5:5a:a2:
09:26:b7:40:82:cd:57:c4:93:9a:e7:f0:95:fc:a4:d9:bf:b5:
4c:b6:80:cc:87:00:51:37:71:07:42:1a:fd:34:27:54:0f:a9:
98:8d:4d:c6:56:de:ca:66:b8:d0:49:1c:2e:0f:21:f7:e4:37:
61:7d:67:e3:91:cc:c7:1d:63:84:f8:7d:41:9e:5a:ee:99:6d:
08:4a:18:fe:81:d3:0d:98:be:d8:11:80:68:1c:5c:47:68:02:
fd:14:cb:64
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAYm6K8Xs4gfWn4qwHLEPMT0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAzMDY1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE3YmI4NzY0NGZmNzI1ZDlmMzAyNmNjNzcyNzJkZjAyYzY2ZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcYO4zEqqAkAz4QE6P0dMhRhqkf4
QBJ0xFeEFblhVHC3R/x0Q5skTsDNL3qPMS36M7Xx+qJAr50zxS0wpzrYhLJRl6Hl
zWZh34yVUmoVQG4nkgnXNDBy+L7cF6In9iMBVHNG6Y02YCe5nh5+PAxIR1vNIIi3
yQ+JPtt9ubTArQ/L1Fi+sY/W6aAYBKrjpcfHLBuYyve7X7Eu5FK4qZw/AAiJaxQF
hDwU5QMfAXt3CHDVP99uHBleKgl1FLJF6Zvu3C6kcUb+ZjCfgOqBOqAebWssar6q
gsgC3+8vyUUMeAEWgV5CshLuRHKDsB3tDwba8Ru0Yx5Gf0i4vPJQB6a+mQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFAGnu4dkT/cl2fMCbMdyct8Cxm7nMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQWFlN2gyUlA5eVhaOHdKc3gzSnkzd0xHYnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAMB8sgMEAMB8tgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
LwMEAMI6mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQCwlcYAwQAwlckAwQAwlcoAwQA
wlc4AwQAwldJAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQBwleCAwQB
wleGAwQAwleXAwQAwleiAwQAwleoAwQAwlezAwQAwle7AwQAwle+AwQAwlfIAwQA
wlfeAwQAwzokAwQAwzo2AwQBwzo6AwQBwzo+AwQAw4UAAwQBw4UGAwQAw4UeAwQA
w4UjAwQAw4VJAwQBw4VUAwQAw4XCAwQA1MDxMA0GCSqGSIb3DQEBCwUAA4IBAQA7
gOaD7dkSXCDx8m4/favPWJcBHfvw9MS3e564kgs4egXmIQocEpGBjnePg6liNIhf
SV+cOcx93FojkKLi0txzy56o98+P8FuTCtj2ClmhRUqwPstZr24LaENIDAAEUfcU
2rZjmPUj8Ngpr96pDiA69Hi7suOd3sG8VrJ9TGYKxEv9bw2mG9UwHkVm2ebX+foC
kg4Px3OEbPskUbxcsXnVWqIJJrdAgs1XxJOa5/CV/KTZv7VMtoDMhwBRN3EHQhr9
NCdUD6mYjU3GVt7KZrjQSRwuDyH35DdhfWfjkczHHWOE+H1BnlrumW0IShj+gdMN
mL7YEYBoHFxHaAL9FMtk
-----END CERTIFICATE-----
Generated at Fri Aug 4 12:10:29 2023 by rpki-client on console-ams.rpki-client.org