Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AhafNS3MvcivElhhPYBBEVmYVvk.roa
File: AhafNS3MvcivElhhPYBBEVmYVvk.roa (raw, json)
Hash identifier: fMRlQGaWyfQ+m4psFq1uj5/lnRRS9/NprKKHOde9Uv8=
Subject key identifier: 02:16:9F:35:2D:CC:BD:C8:AF:12:58:61:3D:80:41:11:59:98:56:F9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C407C9331AFA189B8F49069DEFD303F92
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AhafNS3MvcivElhhPYBBEVmYVvk.roa
Signing time: Wed 06 Dec 2023 18:55:55 +0000
ROA not before: Wed 06 Dec 2023 18:55:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.215.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:7c:93:31:af:a1:89:b8:f4:90:69:de:fd:30:3f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 6 18:55:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02169f352dccbdc8af1258613d804111599856f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:43:64:a3:b2:5b:45:8e:db:97:7b:a2:94:2c:
4a:78:dc:bc:5b:23:44:ba:d4:c5:01:e1:bf:33:81:
b0:0b:12:49:40:f6:91:ca:79:78:de:af:6d:58:de:
ee:12:64:82:0b:5a:6a:36:14:4d:45:6a:1f:fb:be:
e3:99:6e:05:5e:6f:4c:c7:b5:4d:6a:a6:58:f4:99:
36:a0:29:c3:ec:23:51:8c:b3:d7:86:0a:d0:46:28:
a4:b0:6e:f6:bd:18:f5:98:6f:58:c8:92:f5:77:3f:
f4:c2:59:39:b2:ca:4e:ad:b6:bc:37:ee:79:a1:e8:
30:c4:d5:cc:67:82:7c:3f:f4:41:1a:58:bb:86:d2:
97:d5:1d:2a:11:24:5c:80:6a:fd:08:d1:de:57:3f:
12:67:7d:ae:e7:e2:47:78:f6:9b:2a:18:5a:44:1e:
40:dd:a1:75:cf:ed:6d:49:6b:f3:21:7f:44:42:81:
60:c6:24:c2:e3:cf:20:c8:37:8e:c7:31:97:32:6b:
85:09:5e:45:1a:97:62:a1:9a:a0:bf:fe:bb:84:fc:
99:3a:84:46:e7:46:c0:5b:6a:69:58:50:18:10:74:
f6:7f:46:6e:20:87:a1:73:13:3a:16:dc:72:17:4a:
8a:65:2f:b5:ba:c3:d6:85:97:ad:b0:9a:be:eb:41:
71:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:16:9F:35:2D:CC:BD:C8:AF:12:58:61:3D:80:41:11:59:98:56:F9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AhafNS3MvcivElhhPYBBEVmYVvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
194.87.200.0/24
194.87.215.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.11.0/24
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
75:e2:6a:4a:13:da:6e:29:88:1a:22:18:97:3b:be:c9:a3:14:
90:7b:bb:d0:68:24:07:ec:16:7b:a8:23:fb:ca:08:91:36:30:
fe:bf:8e:20:ad:a2:20:86:7b:be:3f:86:c6:db:25:8d:20:b8:
f3:4c:a6:f7:8f:51:c9:05:81:87:d2:41:16:28:1a:08:e5:85:
64:13:b0:3d:a0:bd:bf:17:e0:cd:59:74:08:62:11:76:92:10:
52:bb:f1:20:1f:e5:42:27:02:e8:55:a4:50:45:c0:68:c4:9d:
73:d7:bd:7f:ca:da:2d:ce:ae:48:a3:87:0e:86:f1:5e:b2:a7:
4f:a9:9e:62:61:50:fb:3b:7e:b7:89:f5:91:62:49:40:62:9c:
7b:95:f0:e8:bb:9d:33:e2:fa:4b:56:c2:df:b9:2f:0c:49:e8:
97:62:9e:16:08:cc:65:73:59:12:78:1a:a2:0d:0d:d1:59:01:
83:2f:41:f5:3e:4b:77:53:2d:88:8a:7b:21:8c:1f:9f:0f:22:
df:8f:75:3a:5c:dc:3a:cf:18:36:8f:e8:40:5d:b9:ef:0e:83:
56:df:4f:2b:34:bb:c3:c1:c5:82:03:da:3c:65:e0:fb:e2:22:
6a:4b:95:19:20:fd:16:5f:05:0f:85:ec:dc:04:1d:c5:91:ad:
67:6d:d5:06
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYxAfJMxr6GJuPSQad79MD+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA2MTg1NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjE2OWYzNTJkY2NiZGM4YWYxMjU4NjEzZDgwNDExMTU5OTg1NmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0Nko7JbRY7bl3uilCxKeNy8WyNE
utTFAeG/M4GwCxJJQPaRynl43q9tWN7uEmSCC1pqNhRNRWof+77jmW4FXm9Mx7VN
aqZY9Jk2oCnD7CNRjLPXhgrQRiiksG72vRj1mG9YyJL1dz/0wlk5sspOrba8N+55
oegwxNXMZ4J8P/RBGli7htKX1R0qESRcgGr9CNHeVz8SZ32u5+JHePabKhhaRB5A
3aF1z+1tSWvzIX9EQoFgxiTC488gyDeOxzGXMmuFCV5FGpdioZqgv/67hPyZOoRG
50bAW2ppWFAYEHT2f0ZuIIehcxM6FtxyF0qKZS+1usPWhZetsJq+60Fx9wIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFAIWnzUtzL3IrxJYYT2AQRFZmFb5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQWhhZk5TM012Y2l2RWxoaFBZQkJFVm1ZVnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADCOi8DBADCVwEwDAMEAMJXCwME
AMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXUwMEAMJXaAMEAMJXbAME
AcJXcgMEAMJXegMEAMJXfAMEAMJXgwMEAcJXhgMEAMJXswMEAMJXyAMEAMJX1wME
AcM6OgMEAcM6PgMEAMOFAAMEAcOFKAMEAMOFSQMEAcOFVAMEANTACwMEANTA1jAN
BgkqhkiG9w0BAQsFAAOCAQEAdeJqShPabimIGiIYlzu+yaMUkHu70GgkB+wWe6gj
+8oIkTYw/r+OIK2iIIZ7vj+GxtsljSC480ym949RyQWBh9JBFigaCOWFZBOwPaC9
vxfgzVl0CGIRdpIQUrvxIB/lQicC6FWkUEXAaMSdc9e9f8raLc6uSKOHDobxXrKn
T6meYmFQ+zt+t4n1kWJJQGKce5Xw6LudM+L6S1bC37kvDEnol2KeFgjMZXNZEnga
og0N0VkBgy9B9T5Ld1MtiIp7IYwfnw8i3491OlzcOs8YNo/oQF257w6DVt9PKzS7
w8HFggPaPGXg++IiakuVGSD9Fl8FD4Xs3AQdxZGtZ23VBg==
-----END CERTIFICATE-----
Generated at Thu Dec 7 08:55:44 2023 by rpki-client on console-ams.rpki-client.org