Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DgZSNC-Bl3U_svIzVewBZnvl1vQ.roa
File: DgZSNC-Bl3U_svIzVewBZnvl1vQ.roa (raw, json)
Hash identifier: //63XfzwlsUem7dbT0s+4jWxgx5PFfP4hPXd4JeWFf4=
Subject key identifier: 0E:06:52:34:2F:81:97:75:3F:B2:F2:33:55:EC:01:66:7B:E5:D6:F4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A6018AD83AC3E7AAD73A58C58189E4679
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DgZSNC-Bl3U_svIzVewBZnvl1vQ.roa
Signing time: Mon 04 Sep 2023 12:09:04 +0000
ROA not before: Mon 04 Sep 2023 12:09:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.79.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:18:ad:83:ac:3e:7a:ad:73:a5:8c:58:18:9e:46:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 4 12:09:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e0652342f8197753fb2f23355ec01667be5d6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:44:35:d4:35:07:8d:f7:34:2f:04:7b:ba:ea:
04:3e:d4:91:7f:51:f4:7c:10:ee:df:30:78:bc:70:
7d:25:99:e7:80:96:e5:39:d0:6b:59:ea:4c:c4:c4:
ae:75:1a:e8:45:b8:9a:3b:df:e5:a1:0a:b5:e9:90:
59:2c:33:4e:de:95:9f:eb:ba:9d:ad:72:2e:9b:32:
4c:fe:e3:b5:08:5f:4d:b8:18:56:84:65:84:d0:10:
f0:ea:ce:b6:1f:b2:21:f5:12:26:ca:c4:1d:e7:7c:
d1:07:da:c9:83:56:23:3d:fd:f8:ee:cd:63:b0:8a:
03:8f:5a:4d:fd:6a:8b:e6:d6:c4:54:59:d1:d5:7b:
00:b4:97:55:56:2f:9d:56:3d:ea:b4:4f:55:88:fb:
cf:e5:7b:ea:19:7a:d4:54:28:85:ae:c4:78:95:5d:
9b:bf:6c:80:ee:ae:69:45:ec:16:2e:a5:80:7f:c5:
bf:e2:3e:9d:b8:ac:17:71:58:ba:bb:5b:f9:0a:b0:
ac:ac:4a:2e:25:ea:21:48:8c:1e:a5:1d:76:0c:a6:
5a:39:5b:74:f5:a8:fe:c5:fd:be:35:53:bb:91:0c:
dd:3f:67:6b:db:af:01:c3:b4:d8:e3:b0:8f:a8:f3:
ef:72:09:80:e6:0e:4e:33:1a:0b:c9:32:4f:3c:0c:
1d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:06:52:34:2F:81:97:75:3F:B2:F2:33:55:EC:01:66:7B:E5:D6:F4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DgZSNC-Bl3U_svIzVewBZnvl1vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.181.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.26.0/24
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.79.0/24
195.133.84.0/23
Signature Algorithm: sha256WithRSAEncryption
98:d1:9b:77:5a:db:4a:0d:2f:8a:3a:78:48:df:fe:43:a7:3a:
db:ee:ba:ed:88:82:3d:b9:14:a5:ae:68:cb:96:49:5e:63:24:
1e:11:e0:3b:a6:8b:7a:5f:0f:e6:25:19:08:6c:d2:4c:37:f5:
f6:fc:a1:c9:c4:bb:f4:f9:e9:04:63:55:f9:60:37:90:ad:00:
9c:9c:0c:eb:04:7b:39:d3:f1:14:e9:97:eb:79:fa:c3:08:ae:
f1:18:ad:f2:9f:0d:0e:46:9f:8c:dc:d8:65:17:ff:50:99:cf:
83:39:af:6c:ad:8c:d3:24:58:2d:2d:82:49:2d:da:f0:97:d6:
a6:f7:e9:52:ea:eb:e7:5a:fa:dc:f1:ec:d9:89:4f:d4:e6:95:
5d:39:aa:46:ae:b1:50:8e:e6:dc:52:d0:b6:ef:0e:39:ad:96:
da:72:69:33:3c:db:17:0a:33:cf:2f:4b:b6:69:d2:0c:63:d1:
07:cf:90:7d:6d:ad:0e:11:c1:99:17:69:fe:a2:dc:39:a4:be:
0e:08:81:79:55:a0:c7:92:8c:4d:b7:36:92:d9:fb:21:d4:a8:
5b:ff:99:ec:0e:9b:99:3e:79:60:66:9f:e2:d4:87:b4:e9:0e:
ae:91:ea:fb:28:84:ba:bc:ec:9f:2d:aa:03:a2:0b:11:5b:7c:
13:89:83:77
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAYpgGK2DrD56rXOljFgYnkZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA0MTIwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA2NTIzNDJmODE5Nzc1M2ZiMmYyMzM1NWVjMDE2NjdiZTVkNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0Q11DUHjfc0LwR7uuoEPtSRf1H0
fBDu3zB4vHB9JZnngJblOdBrWepMxMSudRroRbiaO9/loQq16ZBZLDNO3pWf67qd
rXIumzJM/uO1CF9NuBhWhGWE0BDw6s62H7Ih9RImysQd53zRB9rJg1YjPf347s1j
sIoDj1pN/WqL5tbEVFnR1XsAtJdVVi+dVj3qtE9ViPvP5XvqGXrUVCiFrsR4lV2b
v2yA7q5pRewWLqWAf8W/4j6duKwXcVi6u1v5CrCsrEouJeohSIwepR12DKZaOVt0
9aj+xf2+NVO7kQzdP2dr268Bw7TY47CPqPPvcgmA5g5OMxoLyTJPPAwdTwIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFA4GUjQvgZd1P7LyM1XsAWZ75db0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRGdaU05DLUJsM1Vfc3ZJelZld0JabnZsMXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEAMB8sgMEAMB8tQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
LwMEAMI6mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQCwlcYAwQAwlcoAwQAwlc4AwQA
wldJAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQBwleCMAwDBADCV4UD
BAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV74DBADCV8gDBADCV94DBADDOiQD
BADDOjYDBAHDOjoDBAHDOj4DBADDhQADBAHDhQYDBADDhRoDBADDhR4DBAHDhSgD
BADDhUkDBADDhU8DBAHDhVQwDQYJKoZIhvcNAQELBQADggEBAJjRm3da20oNL4o6
eEjf/kOnOtvuuu2Igj25FKWuaMuWSV5jJB4R4Dumi3pfD+YlGQhs0kw39fb8ocnE
u/T56QRjVflgN5CtAJycDOsEeznT8RTpl+t5+sMIrvEYrfKfDQ5Gn4zc2GUX/1CZ
z4M5r2ytjNMkWC0tgkkt2vCX1qb36VLq6+da+tzx7NmJT9TmlV05qkausVCO5txS
0LbvDjmtltpyaTM82xcKM88vS7Zp0gxj0QfPkH1trQ4RwZkXaf6i3Dmkvg4IgXlV
oMeSjE23NpLZ+yHUqFv/mewOm5k+eWBmn+LUh7TpDq6R6vsohLq87J8tqgOiCxFb
fBOJg3c=
-----END CERTIFICATE-----
Generated at Mon Sep 4 13:00:53 2023 by rpki-client on console-fra.rpki-client.org