Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GQF5lESMvWrhn_UYkGPF5iO4fTY.roa
File: GQF5lESMvWrhn_UYkGPF5iO4fTY.roa (raw, json)
Hash identifier: 0X7STA/WuEFB8h2Iybey8sy0XqOgK2yCk+uhIJHWlUI=
Subject key identifier: 19:01:79:94:44:8C:BD:6A:E1:9F:F5:18:90:63:C5:E6:23:B8:7D:36
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B46339188B23EBE34D22CDB1F815A7970
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GQF5lESMvWrhn_UYkGPF5iO4fTY.roa
Signing time: Thu 19 Oct 2023 04:31:06 +0000
ROA not before: Thu 19 Oct 2023 04:31:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:46:33:91:88:b2:3e:be:34:d2:2c:db:1f:81:5a:79:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 19 04:31:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19017994448cbd6ae19ff5189063c5e623b87d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b4:6a:40:62:ae:ef:24:ec:60:3c:e8:93:3a:
15:9c:71:5c:b0:07:0e:ee:d4:4c:ee:58:83:c2:55:
b1:26:e8:f0:ac:13:d5:5e:29:4a:63:84:4d:95:18:
ba:f9:48:64:1d:5a:3e:7b:94:07:ae:c8:d0:ea:4a:
d3:b3:5d:85:0d:23:63:4a:73:f3:29:5c:1c:fa:d7:
1c:39:f8:05:e7:4e:7d:69:56:90:59:c7:c4:9c:36:
5e:2c:73:7c:42:ec:03:a5:52:fd:2b:6b:ca:97:97:
c4:1d:2a:2b:8b:46:31:1c:5d:e1:8d:aa:9d:b8:70:
b6:ac:39:fe:e7:22:ab:d8:96:96:2b:bb:e7:ea:09:
6a:8e:8d:90:b7:c4:b3:63:49:09:a9:c4:b4:19:b4:
33:b3:f5:ea:7b:11:8d:8a:f8:b3:ed:ed:29:6b:0b:
bf:9b:0f:a7:2c:0f:9f:5c:40:f2:3c:dd:1a:27:85:
84:77:13:87:f3:c9:46:5b:5e:e4:46:e4:c8:db:d5:
5f:2e:4e:d2:61:9a:02:f3:2a:eb:04:aa:75:66:23:
8a:06:87:dd:b7:82:c4:92:1f:1b:8a:ec:67:68:e4:
b4:f5:e1:3d:be:33:94:0b:76:ac:59:98:c4:a8:84:
67:63:6a:f6:48:04:58:ab:09:1e:fb:b8:81:47:a7:
ff:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:01:79:94:44:8C:BD:6A:E1:9F:F5:18:90:63:C5:E6:23:B8:7D:36
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GQF5lESMvWrhn_UYkGPF5iO4fTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.181.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.220.0/24
194.87.222.0/24
194.135.18.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
84:d4:36:63:17:97:20:00:c8:5b:1a:2b:c0:7e:98:cc:4b:2f:
c9:c7:fe:0f:77:9b:b3:57:27:b6:e5:ac:bd:e6:5b:8f:41:d7:
bb:7a:b4:eb:b2:cb:29:ac:fa:c6:80:a2:be:93:bc:ee:57:a0:
0e:28:0a:c9:ea:63:00:76:b7:09:b0:44:9a:75:1e:ad:30:ff:
21:5c:17:39:5f:79:bd:2a:28:59:46:6f:19:c0:c6:e2:3b:2a:
79:73:2f:bd:e2:9e:d1:5a:07:33:f9:d5:c2:13:2e:a7:67:c7:
a3:70:19:e1:82:21:ab:df:15:8c:ae:56:8a:74:e3:71:a3:cb:
3b:0b:1e:b4:5f:13:5e:40:b4:e4:39:0d:fc:00:58:a3:2a:0d:
59:28:e9:d3:66:b3:5c:93:87:ca:91:40:82:84:26:1f:55:9a:
6a:3c:e2:bb:26:5a:3e:92:8f:ff:97:22:09:ae:b9:6e:18:8b:
10:26:49:13:62:14:e8:c0:55:7a:ad:e7:48:26:59:00:2c:99:
18:67:e2:d1:a6:76:fc:1f:62:63:c8:99:2b:eb:e9:c9:39:1a:
69:53:4a:3d:60:7d:66:dc:1c:2c:44:66:87:be:26:4c:67:33:
8c:db:9a:9c:00:d1:e2:63:52:95:34:7f:32:20:e2:dc:d7:8d:
38:f9:31:86
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYtGM5GIsj6+NNIs2x+BWnlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE5MDQzMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTAxNzk5NDQ0OGNiZDZhZTE5ZmY1MTg5MDYzYzVlNjIzYjg3ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbRqQGKu7yTsYDzokzoVnHFcsAcO
7tRM7liDwlWxJujwrBPVXilKY4RNlRi6+UhkHVo+e5QHrsjQ6krTs12FDSNjSnPz
KVwc+tccOfgF5059aVaQWcfEnDZeLHN8QuwDpVL9K2vKl5fEHSori0YxHF3hjaqd
uHC2rDn+5yKr2JaWK7vn6glqjo2Qt8SzY0kJqcS0GbQzs/XqexGNiviz7e0pawu/
mw+nLA+fXEDyPN0aJ4WEdxOH88lGW17kRuTI29VfLk7SYZoC8yrrBKp1ZiOKBofd
t4LEkh8biuxnaOS09eE9vjOUC3asWZjEqIRnY2r2SARYqwke+7iBR6f/6wIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFBkBeZREjL1q4Z/1GJBjxeYjuH02MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR1FGNWxFU012V3Jobl9VWWtHUEY1aU80ZlRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEAMB8sgMEAMB8tQMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6LwMEAMI6
mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQAwlc4AwQA
wldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQAwleDMAwD
BADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gD
BADCV9wDBADCV94DBADChxIDBADDOjYDBAHDOjoDBAHDOj4DBADDhQADBAHDhQYD
BADDhR4DBAHDhSgDBADDhUkDBAHDhVQDBADUwNYwDQYJKoZIhvcNAQELBQADggEB
AITUNmMXlyAAyFsaK8B+mMxLL8nH/g93m7NXJ7blrL3mW49B17t6tOuyyyms+saA
or6TvO5XoA4oCsnqYwB2twmwRJp1Hq0w/yFcFzlfeb0qKFlGbxnAxuI7KnlzL73i
ntFaBzP51cITLqdnx6NwGeGCIavfFYyuVop043GjyzsLHrRfE15AtOQ5DfwAWKMq
DVko6dNms1yTh8qRQIKEJh9Vmmo84rsmWj6Sj/+XIgmuuW4YixAmSRNiFOjAVXqt
50gmWQAsmRhn4tGmdvwfYmPImSvr6ck5GmlTSj1gfWbcHCxEZoe+JkxnM4zbmpwA
0eJjUpU0fzIg4tzXjTj5MYY=
-----END CERTIFICATE-----
Generated at Thu Oct 19 06:58:01 2023 by rpki-client on console-ams.rpki-client.org