Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DaiTbf4PxT5yaXsil1UxtHmafyA.roa
File: DaiTbf4PxT5yaXsil1UxtHmafyA.roa (raw, json)
Hash identifier: xWmdoQTpd2J77LNCgV+dA2LoQP3+ISFYF/lkzdX2zwc=
Subject key identifier: 0D:A8:93:6D:FE:0F:C5:3E:72:69:7B:22:97:55:31:B4:79:9A:7F:20
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C166BA13E680840C3849D7F400EAA2DF7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DaiTbf4PxT5yaXsil1UxtHmafyA.roa
Signing time: Tue 28 Nov 2023 14:53:21 +0000
ROA not before: Tue 28 Nov 2023 14:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.11.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:6b:a1:3e:68:08:40:c3:84:9d:7f:40:0e:aa:2d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 28 14:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0da8936dfe0fc53e72697b22975531b4799a7f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1b:8e:94:a4:d9:21:6c:93:88:6d:16:ee:d2:
0c:d3:b3:b1:95:6c:e3:1e:6d:62:e8:44:9b:61:0e:
52:60:9c:77:3c:2b:85:1c:03:12:b1:77:5b:ee:ed:
b7:c8:bc:ed:c9:c0:2b:07:ca:ce:5f:d5:08:2d:98:
b0:a7:30:fb:ca:eb:76:1e:29:a4:1a:7d:f3:3e:1e:
e0:85:ed:1f:09:a0:22:cd:0a:27:9b:ef:59:4c:f3:
d1:15:04:30:f6:b8:43:61:48:6a:92:9e:6f:4a:7c:
c4:90:69:1b:fd:0e:a5:4f:25:fd:f9:c2:08:03:ce:
10:49:1d:f2:f7:6b:9e:e4:0a:ce:9f:0a:26:c4:ae:
94:ec:eb:0f:9e:cb:11:ae:c8:40:92:53:4e:41:70:
e7:22:8e:9b:f7:98:86:6d:80:84:53:fc:ba:3a:54:
50:6e:92:90:48:87:ea:05:24:fa:14:32:ed:b8:c9:
39:af:7c:27:1c:e3:11:df:81:31:26:00:d8:d7:04:
c5:c6:16:3f:5c:3f:47:f9:46:dd:6f:a2:59:19:b2:
f6:24:5d:cb:97:b2:87:c2:ba:b5:40:53:1d:2d:e7:
10:d3:0d:c2:b4:c4:d1:87:22:ff:52:d4:a4:70:0f:
d3:cc:f4:2a:bc:a5:3c:d4:c9:d1:a5:32:d7:fc:dd:
d1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A8:93:6D:FE:0F:C5:3E:72:69:7B:22:97:55:31:B4:79:9A:7F:20
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DaiTbf4PxT5yaXsil1UxtHmafyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
194.87.200.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.11.0/24
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
32:2c:bd:33:b0:2a:d4:3a:94:28:e7:55:34:2c:c4:2d:82:b2:
25:e5:b8:2c:be:12:c8:96:53:71:bd:14:cd:b7:d3:86:d7:a7:
88:0f:7a:92:25:d1:44:04:70:71:d8:d2:03:c7:d0:2b:4e:a8:
d9:c2:83:97:a9:5e:1c:21:94:0d:f8:de:f9:65:39:11:5b:0e:
ff:c7:cf:a2:c9:ac:e5:04:9b:84:e2:f9:8a:b2:87:61:16:3c:
d3:f5:16:96:07:02:ce:cc:a8:33:ee:f9:77:da:4e:48:8b:65:
a3:9d:71:14:a8:9f:f6:bd:b7:8f:2d:a5:11:23:bf:57:5d:b9:
72:b5:e1:d5:01:8e:f3:ff:67:8d:e8:7a:bc:4f:30:23:1a:9b:
9a:ff:71:38:e4:6c:39:5e:34:5b:88:f3:02:1e:ac:c5:76:b7:
a5:3a:a1:9e:6b:04:11:70:0f:d2:99:37:29:94:da:cc:9a:5f:
a1:99:b5:b2:b4:e4:b8:eb:20:db:10:18:cf:63:f1:ea:03:ab:
c3:35:85:61:fd:98:af:58:71:fa:06:2a:47:05:68:29:17:c8:
c4:1d:da:7c:00:80:82:b8:61:6e:ef:1d:15:b1:70:f4:ea:dc:
f2:d5:95:b7:6a:b3:bd:df:e9:c3:92:02:15:eb:85:8b:e7:41:
8a:a1:c5:c7
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYwWa6E+aAhAw4Sdf0AOqi33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI4MTQ1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGE4OTM2ZGZlMGZjNTNlNzI2OTdiMjI5NzU1MzFiNDc5OWE3ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBuOlKTZIWyTiG0W7tIM07OxlWzj
Hm1i6ESbYQ5SYJx3PCuFHAMSsXdb7u23yLztycArB8rOX9UILZiwpzD7yut2Himk
Gn3zPh7ghe0fCaAizQonm+9ZTPPRFQQw9rhDYUhqkp5vSnzEkGkb/Q6lTyX9+cII
A84QSR3y92ue5ArOnwomxK6U7OsPnssRrshAklNOQXDnIo6b95iGbYCEU/y6OlRQ
bpKQSIfqBST6FDLtuMk5r3wnHOMR34ExJgDY1wTFxhY/XD9H+Ubdb6JZGbL2JF3L
l7KHwrq1QFMdLecQ0w3CtMTRhyL/UtSkcA/TzPQqvKU81MnRpTLX/N3RlQIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFA2ok23+D8U+cml7IpdVMbR5mn8gMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRGFpVGJmNFB4VDV5YVhzaWwxVXh0SG1hZnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADBfMgDBADCOi8DBADCVwEwDAME
AMJXCwMEAMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXUwMEAMJXaAME
AMJXbAMEAcJXcgMEAMJXegMEAMJXfAMEAMJXgwMEAcJXhgMEAMJXswMEAMJXyAME
AcM6OgMEAcM6PgMEAMOFAAMEAcOFKAMEAMOFSQMEAcOFVAMEANTACwMEANTA1jAN
BgkqhkiG9w0BAQsFAAOCAQEAMiy9M7Aq1DqUKOdVNCzELYKyJeW4LL4SyJZTcb0U
zbfThteniA96kiXRRARwcdjSA8fQK06o2cKDl6leHCGUDfje+WU5EVsO/8fPosms
5QSbhOL5irKHYRY80/UWlgcCzsyoM+75d9pOSItlo51xFKif9r23jy2lESO/V125
crXh1QGO8/9njeh6vE8wIxqbmv9xOORsOV40W4jzAh6sxXa3pTqhnmsEEXAP0pk3
KZTazJpfoZm1srTkuOsg2xAYz2Px6gOrwzWFYf2Yr1hx+gYqRwVoKRfIxB3afACA
grhhbu8dFbFw9Orc8tWVt2qzvd/pw5ICFeuFi+dBiqHFxw==
-----END CERTIFICATE-----
Generated at Tue Nov 28 17:38:07 2023 by rpki-client on console-ams.rpki-client.org