Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DyYUebNs_CWV013dE7MZPmvMTwQ.roa
File: DyYUebNs_CWV013dE7MZPmvMTwQ.roa (raw, json)
Hash identifier: GCv7M/GZ9nqTdnldCKvIrskKyP7o37/ga7xV5OnEV18=
Subject key identifier: 0F:26:14:79:B3:6C:FC:25:95:D3:5D:DD:13:B3:19:3E:6B:CC:4F:04
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A602001BB34275514EB603422F73C887C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DyYUebNs_CWV013dE7MZPmvMTwQ.roa
Signing time: Mon 04 Sep 2023 12:17:04 +0000
ROA not before: Mon 04 Sep 2023 12:17:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.79.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:20:01:bb:34:27:55:14:eb:60:34:22:f7:3c:88:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 4 12:17:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f261479b36cfc2595d35ddd13b3193e6bcc4f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cd:45:4b:21:d0:f5:52:e3:7f:da:ea:c4:7f:
60:c2:ec:3d:df:56:dc:65:a8:48:08:3f:98:8d:d5:
7b:0d:a1:60:9e:ef:0d:61:e4:57:83:68:2d:7a:7f:
6c:93:93:06:6a:2e:fd:54:0a:71:9d:f4:62:dc:e5:
79:2c:02:ac:3e:59:e1:96:4a:c6:66:6e:a6:30:1f:
a0:07:f4:f3:ce:cb:fc:93:91:59:0d:bf:80:8b:22:
9e:e8:61:35:33:21:1c:a6:2f:53:a1:6b:d9:74:b4:
d8:3a:bc:ee:13:61:5d:99:a1:f1:6e:25:3e:ab:21:
77:39:b0:29:6f:ec:1d:45:20:5f:0a:fe:df:46:4b:
ba:68:65:23:87:87:cd:06:5a:94:0b:26:6f:7f:52:
db:88:2e:d6:93:b6:12:41:7e:54:c3:60:c4:da:61:
eb:3a:85:12:96:34:fb:01:89:14:78:4b:84:16:2a:
96:3d:37:cb:14:ec:9b:0e:fb:6e:8f:48:41:fb:da:
f8:24:0a:76:3c:88:e5:f3:9b:0e:c0:47:ec:fd:1d:
b0:dd:4b:ab:2b:0c:c2:0e:1d:97:22:03:e7:ad:7f:
60:c9:09:28:98:0c:73:b4:c5:cc:ab:0f:a4:4f:b6:
ce:93:ad:92:a6:af:5d:ec:b5:63:71:31:d7:10:25:
65:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:26:14:79:B3:6C:FC:25:95:D3:5D:DD:13:B3:19:3E:6B:CC:4F:04
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DyYUebNs_CWV013dE7MZPmvMTwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.181.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.79.0/24
195.133.84.0/23
Signature Algorithm: sha256WithRSAEncryption
89:2a:bf:45:9d:99:1c:31:5a:f5:ee:c8:bf:4b:a7:5b:0b:5e:
84:b5:e2:7e:6c:e0:bd:e4:fe:ae:94:91:f5:0f:08:8b:8b:e8:
2f:62:96:c6:c1:b8:a9:7d:ff:4a:01:4a:b5:38:a3:d9:9a:e2:
0e:66:24:76:4e:8a:4d:1e:e3:2c:a1:9c:aa:00:cf:4c:26:fe:
a5:da:b7:5a:8c:f0:cb:d4:0e:36:cf:a7:b3:79:3b:e8:0f:68:
b5:a1:46:dd:c7:03:d6:91:32:46:1d:b2:88:57:06:82:89:8e:
09:96:a9:70:d2:ab:d8:22:27:fe:ae:d8:cc:c8:15:84:e7:be:
08:b1:ab:89:74:31:76:fd:65:85:3a:93:b9:70:93:57:c2:83:
f9:17:ad:57:77:39:33:49:ec:be:61:6f:b7:35:6d:2c:12:e7:
23:8d:7d:ae:fa:ff:33:b2:3c:24:72:b2:41:fc:52:8e:98:9c:
24:48:3c:79:8f:b4:aa:07:ad:57:ab:b8:cb:1c:02:c3:a1:94:
df:a2:cb:a0:e3:10:b7:a8:c3:6c:06:50:06:65:c5:c7:e4:e2:
27:7d:b5:fd:30:fe:55:b7:a3:12:fd:2c:eb:16:d8:60:70:3c:
79:38:51:f9:e3:18:e2:ad:91:5e:0a:f7:58:a6:22:a2:22:30:
4e:e5:93:f4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYpgIAG7NCdVFOtgNCL3PIh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA0MTIxNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjI2MTQ3OWIzNmNmYzI1OTVkMzVkZGQxM2IzMTkzZTZiY2M0ZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc1FSyHQ9VLjf9rqxH9gwuw931bc
ZahICD+YjdV7DaFgnu8NYeRXg2gten9sk5MGai79VApxnfRi3OV5LAKsPlnhlkrG
Zm6mMB+gB/Tzzsv8k5FZDb+AiyKe6GE1MyEcpi9ToWvZdLTYOrzuE2FdmaHxbiU+
qyF3ObApb+wdRSBfCv7fRku6aGUjh4fNBlqUCyZvf1LbiC7Wk7YSQX5Uw2DE2mHr
OoUSljT7AYkUeEuEFiqWPTfLFOybDvtuj0hB+9r4JAp2PIjl85sOwEfs/R2w3Uur
KwzCDh2XIgPnrX9gyQkomAxztMXMqw+kT7bOk62Spq9d7LVjcTHXECVlrQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFA8mFHmzbPwlldNd3ROzGT5rzE8EMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRHlZVWViTnNfQ1dWMDEzZEU3TVpQbXZNVHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQAwHyyAwQAwHy1AwQAwHy/AwQAwXwQAwQAwXxQAwQAwXyFAwQAwXzIAwQAwjov
AwQAwjqaAwQAwlcBMAwDBADCVwsDBADCVwwDBALCVxgDBADCVygDBADCVzgDBADC
V0kDBADCV1MDBADCV2wDBAHCV3IDBADCV3oDBADCV3wDBAHCV4IwDAMEAMJXhQME
A8JXgAMEAMJXlwMEAMJXqAMEAMJXswMEAMJXvgMEAMJXyAMEAMJX3gMEAMM6JAME
AMM6NgMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFBgMEAMOFHgMEAcOFKAMEAMOFSQME
AMOFTwMEAcOFVDANBgkqhkiG9w0BAQsFAAOCAQEAiSq/RZ2ZHDFa9e7Iv0unWwte
hLXifmzgveT+rpSR9Q8Ii4voL2KWxsG4qX3/SgFKtTij2ZriDmYkdk6KTR7jLKGc
qgDPTCb+pdq3Wozwy9QONs+ns3k76A9otaFG3ccD1pEyRh2yiFcGgomOCZapcNKr
2CIn/q7YzMgVhOe+CLGriXQxdv1lhTqTuXCTV8KD+RetV3c5M0nsvmFvtzVtLBLn
I419rvr/M7I8JHKyQfxSjpicJEg8eY+0qgetV6u4yxwCw6GU36LLoOMQt6jDbAZQ
BmXFx+TiJ321/TD+VbejEv0s6xbYYHA8eThR+eMY4q2RXgr3WKYioiIwTuWT9A==
-----END CERTIFICATE-----
Generated at Mon Sep 4 15:17:57 2023 by rpki-client on console-ams.rpki-client.org