Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K67MmNKqpHEit8Im5w5w2YaNEpQ.roa
File: K67MmNKqpHEit8Im5w5w2YaNEpQ.roa (raw, json)
Hash identifier: ypjC6E0Uv++d3uOpr1Fjk2/+DFtckwS325yJoBTcPBY=
Subject key identifier: 2B:AE:CC:98:D2:AA:A4:71:22:B7:C2:26:E7:0E:70:D9:86:8D:12:94
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A609E588F042AC2267CA957F53BE711BF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K67MmNKqpHEit8Im5w5w2YaNEpQ.roa
Signing time: Mon 04 Sep 2023 14:35:04 +0000
ROA not before: Mon 04 Sep 2023 14:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.79.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:9e:58:8f:04:2a:c2:26:7c:a9:57:f5:3b:e7:11:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 4 14:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2baecc98d2aaa47122b7c226e70e70d9868d1294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fd:1a:00:53:d2:93:9c:fd:f4:7b:04:32:22:
ac:69:45:c1:9a:97:17:bb:de:f3:06:d5:91:85:00:
9c:3f:c0:05:44:92:45:08:98:15:02:01:ef:62:60:
98:7d:de:78:3b:91:99:fe:a8:88:f1:bc:51:84:dd:
6e:9d:e6:fc:d7:1d:ca:ce:12:a3:37:74:69:58:37:
13:67:0f:4f:e7:fe:1f:a6:2e:4e:db:fc:07:af:e6:
e5:f9:da:5f:45:d3:e4:3e:32:a9:52:d8:b0:70:a4:
60:96:ac:9b:60:69:56:70:76:26:b2:fa:95:65:10:
58:f3:a6:7f:95:cd:21:8f:f1:bc:d1:03:d4:a2:b4:
e3:52:9d:39:43:36:90:d1:1e:d9:15:2e:39:b9:3d:
b0:b5:81:35:bb:e8:03:1d:a9:93:a2:dc:44:73:22:
0e:4f:23:63:0d:4e:0d:4c:f1:11:43:72:38:b5:45:
97:1c:b0:80:14:72:7c:12:28:1a:43:ff:e1:6b:84:
2e:7b:90:27:10:57:58:66:b0:db:2a:73:8d:93:42:
30:16:05:34:a5:a6:dd:ab:0c:34:85:71:69:27:8b:
da:cd:b3:06:8c:f0:f3:7f:dc:6b:80:d9:d0:08:af:
65:87:24:9a:55:76:ea:cf:5e:82:8c:c9:a0:b0:82:
9d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:AE:CC:98:D2:AA:A4:71:22:B7:C2:26:E7:0E:70:D9:86:8D:12:94
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K67MmNKqpHEit8Im5w5w2YaNEpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.181.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.79.0/24
195.133.84.0/23
Signature Algorithm: sha256WithRSAEncryption
53:7d:89:22:a7:e8:bd:48:74:a7:c9:38:ec:bb:fb:cd:44:a1:
8a:56:68:bf:56:70:9d:43:81:9a:37:76:6f:29:dc:99:5d:da:
be:6a:ed:29:d4:e6:3f:ba:a0:25:63:85:42:e3:10:bf:1a:b8:
04:e8:45:dc:89:1c:b1:75:94:45:b6:a3:2e:04:2e:80:58:86:
ed:23:07:a2:7c:65:2c:0d:22:48:ca:bd:7a:99:88:46:4f:1e:
3e:73:7b:1b:0c:3b:a1:92:92:55:c6:58:b6:52:83:fc:d4:46:
b5:64:ac:d9:7c:3f:3e:98:c2:58:37:ee:76:29:61:a8:ac:70:
82:b6:fc:53:5c:aa:4e:8c:86:1c:4f:7a:1a:a5:b0:f9:c2:67:
47:46:01:ed:fe:17:66:eb:cc:88:e0:3b:d2:88:63:40:66:8a:
f3:13:10:b6:26:76:fc:3f:df:c0:c3:87:22:90:a7:19:50:8c:
73:63:bf:54:ba:c8:7b:54:1f:b4:d0:aa:86:dc:12:75:dc:80:
ee:03:c0:05:75:06:e5:95:08:e5:32:88:c5:79:f0:14:9a:24:
f5:ee:f3:7e:3f:9f:83:24:5e:76:61:55:03:b6:73:e4:ba:bc:
14:31:32:fc:ac:08:3a:a3:d0:c1:88:a8:71:24:59:86:ab:af:
84:bf:75:64
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYpgnliPBCrCJnypV/U75xG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA0MTQzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmFlY2M5OGQyYWFhNDcxMjJiN2MyMjZlNzBlNzBkOTg2OGQxMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv0aAFPSk5z99HsEMiKsaUXBmpcX
u97zBtWRhQCcP8AFRJJFCJgVAgHvYmCYfd54O5GZ/qiI8bxRhN1uneb81x3KzhKj
N3RpWDcTZw9P5/4fpi5O2/wHr+bl+dpfRdPkPjKpUtiwcKRglqybYGlWcHYmsvqV
ZRBY86Z/lc0hj/G80QPUorTjUp05QzaQ0R7ZFS45uT2wtYE1u+gDHamTotxEcyIO
TyNjDU4NTPERQ3I4tUWXHLCAFHJ8EigaQ//ha4Que5AnEFdYZrDbKnONk0IwFgU0
pabdqww0hXFpJ4vazbMGjPDzf9xrgNnQCK9lhySaVXbqz16CjMmgsIKdswIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFCuuzJjSqqRxIrfCJucOcNmGjRKUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSzY3TW1OS3FwSEVpdDhJbTV3NXcyWWFORXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQAwHyyAwQAwHy1AwQAwHy/AwQAwXwQAwQAwXxQAwQAwXyFAwQAwXzIAwQAwjov
AwQAwjqaAwQAwlcBMAwDBADCVwsDBADCVwwDBALCVxgDBADCVygDBADCVzgDBADC
V0kDBADCV1MDBADCV2wDBAHCV3IDBADCV3oDBADCV3wDBAHCV4IwDAMEAMJXhQME
A8JXgAMEAMJXlwMEAMJXqAMEAMJXswMEAMJXvgMEAMJXyAMEAMJX3gMEAMM6JAME
AMM6NgMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFBgMEAMOFHgMEAcOFKAMEAMOFSQME
AMOFTwMEAcOFVDANBgkqhkiG9w0BAQsFAAOCAQEAU32JIqfovUh0p8k47Lv7zUSh
ilZov1ZwnUOBmjd2byncmV3avmrtKdTmP7qgJWOFQuMQvxq4BOhF3IkcsXWURbaj
LgQugFiG7SMHonxlLA0iSMq9epmIRk8ePnN7Gww7oZKSVcZYtlKD/NRGtWSs2Xw/
PpjCWDfudilhqKxwgrb8U1yqToyGHE96GqWw+cJnR0YB7f4XZuvMiOA70ohjQGaK
8xMQtiZ2/D/fwMOHIpCnGVCMc2O/VLrIe1QftNCqhtwSddyA7gPABXUG5ZUI5TKI
xXnwFJok9e7zfj+fgyRedmFVA7Zz5Lq8FDEy/KwIOqPQwYiocSRZhquvhL91ZA==
-----END CERTIFICATE-----
Generated at Wed Sep 6 16:07:24 2023 by rpki-client on console-ams.rpki-client.org