Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AcWCkxZEkWkMzwfZ3IU_HdRmfXs.roa
File: AcWCkxZEkWkMzwfZ3IU_HdRmfXs.roa (raw, json)
Hash identifier: qXHTAEkQrcaXNxZULzxOxd6n+0X1nuxIFNmQWYnkjOY=
Subject key identifier: 01:C5:82:93:16:44:91:69:0C:CF:07:D9:DC:85:3F:1D:D4:66:7D:7B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018ABBF51B5B213B7E4908D93849A0D0E802
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AcWCkxZEkWkMzwfZ3IU_HdRmfXs.roa
Signing time: Fri 22 Sep 2023 08:15:17 +0000
ROA not before: Fri 22 Sep 2023 08:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.53.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Sep 2023 15:53:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bb:f5:1b:5b:21:3b:7e:49:08:d9:38:49:a0:d0:e8:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 22 08:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01c58293164491690ccf07d9dc853f1dd4667d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1b:8f:cc:03:4f:6a:c8:a4:a2:f4:fb:40:31:
2a:c3:05:f9:ef:3c:26:b9:1a:24:85:7a:1f:a7:70:
43:f2:62:a0:99:45:f4:3c:c2:05:7f:5d:91:11:f8:
c2:da:ea:d5:5e:4a:14:c9:8c:75:68:29:ca:d8:0b:
6b:3f:4e:b9:d3:e7:52:0e:84:30:2e:78:7a:68:8d:
6e:ad:c4:4c:7d:e2:59:4f:83:8b:b4:f7:05:71:4f:
c2:71:5c:74:79:34:b5:15:b8:b4:2b:cd:98:21:3c:
c0:39:e5:2d:09:bb:da:32:e5:54:df:69:5a:a8:bb:
d5:90:b7:83:26:9f:2f:15:99:f2:59:31:5e:92:70:
15:2c:c2:94:d8:93:96:8c:ee:01:c1:9a:06:0f:8f:
09:ed:8f:d7:da:b9:76:4c:bd:63:1c:65:0a:96:8e:
bd:3c:dd:cf:ad:c3:a0:15:fa:02:39:b9:47:36:34:
33:5c:7d:20:84:26:7b:65:ec:8f:f2:0d:93:01:b4:
64:a7:73:19:c0:05:5c:d5:ea:da:6f:07:ec:ac:81:
a2:b6:14:aa:43:ad:2e:59:97:b2:ac:c7:49:51:45:
50:ec:8d:9f:04:fe:69:d2:3a:3b:1d:52:ea:3a:b9:
8a:77:69:95:e3:0e:68:e7:32:5a:4c:cd:28:c4:b6:
ed:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C5:82:93:16:44:91:69:0C:CF:07:D9:DC:85:3F:1D:D4:66:7D:7B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AcWCkxZEkWkMzwfZ3IU_HdRmfXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.53.0-195.58.54.255
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
Signature Algorithm: sha256WithRSAEncryption
25:77:d2:84:29:f0:5e:13:f3:c3:d8:fa:e1:c4:ef:75:09:ab:
40:bf:4d:6a:fd:3c:6d:34:32:de:af:8b:d7:21:9e:04:5d:b1:
0a:98:77:41:29:f6:dc:bd:f5:50:85:42:7b:7e:da:6a:82:54:
62:cc:71:29:a2:4b:ff:d2:7c:c4:45:af:13:c4:3b:7b:26:b5:
6f:80:81:3b:e8:6a:7d:5b:83:cd:52:ff:0f:6b:58:76:c3:18:
1b:5f:e5:b2:11:ea:13:f4:61:34:a8:8b:fc:fe:e9:ff:81:00:
a9:3f:bd:2c:0a:0b:23:68:bd:05:a6:2e:af:ef:1f:12:ba:f7:
56:4c:41:2e:f3:b7:48:ce:97:35:31:ea:b5:58:ee:ec:96:99:
0c:32:75:35:80:aa:43:53:bc:0a:f4:28:44:67:97:e8:da:9b:
8d:72:7d:20:eb:54:78:06:e4:e8:51:c8:25:84:25:3c:9c:54:
91:70:08:32:67:79:d8:c5:ed:b4:30:4d:3b:7e:44:43:67:9f:
99:94:12:fe:e1:8c:3c:c6:e4:19:6f:f1:1f:23:e8:ab:92:86:
79:0d:fa:c0:8a:56:4d:9e:06:29:d3:00:c9:0d:2f:94:83:6c:
fd:08:2d:14:14:ce:c2:a8:15:51:40:22:09:a6:0a:46:64:59:
ff:2c:e2:cc
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAYq79RtbITt+SQjZOEmg0OgCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTIyMDgxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWM1ODI5MzE2NDQ5MTY5MGNjZjA3ZDlkYzg1M2YxZGQ0NjY3ZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBuPzANPasikovT7QDEqwwX57zwm
uRokhXofp3BD8mKgmUX0PMIFf12REfjC2urVXkoUyYx1aCnK2AtrP0650+dSDoQw
Lnh6aI1urcRMfeJZT4OLtPcFcU/CcVx0eTS1Fbi0K82YITzAOeUtCbvaMuVU32la
qLvVkLeDJp8vFZnyWTFeknAVLMKU2JOWjO4BwZoGD48J7Y/X2rl2TL1jHGUKlo69
PN3PrcOgFfoCOblHNjQzXH0ghCZ7ZeyP8g2TAbRkp3MZwAVc1erabwfsrIGithSq
Q60uWZeyrMdJUUVQ7I2fBP5p0jo7HVLqOrmKd2mV4w5o5zJaTM0oxLbtrQIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFAHFgpMWRJFpDM8H2dyFPx3UZn17MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQWNXQ2t4WkVrV2tNendmWjNJVV9IZFJtZlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6LwMEAMI6
mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcVAwQAwlcoAwQAwlc4AwQAwldJAwQA
wldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQAwleDMAwDBADCV4UD
BAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gDBADCV94D
BADDOiQwDAMEAMM6NQMEAMM6NgMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFBgMEAMOF
HgMEAcOFKAMEAMOFSQMEAcOFVDANBgkqhkiG9w0BAQsFAAOCAQEAJXfShCnwXhPz
w9j64cTvdQmrQL9Nav08bTQy3q+L1yGeBF2xCph3QSn23L31UIVCe37aaoJUYsxx
KaJL/9J8xEWvE8Q7eya1b4CBO+hqfVuDzVL/D2tYdsMYG1/lshHqE/RhNKiL/P7p
/4EAqT+9LAoLI2i9BaYur+8fErr3VkxBLvO3SM6XNTHqtVju7JaZDDJ1NYCqQ1O8
CvQoRGeX6NqbjXJ9IOtUeAbk6FHIJYQlPJxUkXAIMmd52MXttDBNO35EQ2efmZQS
/uGMPMbkGW/xHyPoq5KGeQ36wIpWTZ4GKdMAyQ0vlINs/QgtFBTOwqgVUUAiCaYK
RmRZ/yzizA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org