Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K8dv9iX35jwjLF7_nRYC_LIVvms.roa
File: K8dv9iX35jwjLF7_nRYC_LIVvms.roa (raw, json)
Hash identifier: AvdCM5kmuv1+cZd8KSdRwsP8R45/ic/X8bc/4JpvFX8=
Subject key identifier: 2B:C7:6F:F6:25:F7:E6:3C:23:2C:5E:FF:9D:16:02:FC:B2:15:BE:6B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018572FA44FE2DFC955111482A9952B82F6D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K8dv9iX35jwjLF7_nRYC_LIVvms.roa
Signing time: Mon 02 Jan 2023 14:54:42 +0000
ROA not before: Mon 02 Jan 2023 14:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 194.87.3.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
195.133.86.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:44:fe:2d:fc:95:51:11:48:2a:99:52:b8:2f:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 14:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bc76ff625f7e63c232c5eff9d1602fcb215be6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3f:cd:fa:6c:fc:e8:e5:91:3f:de:e3:be:ac:
82:89:dc:0d:80:ba:57:c2:70:73:f2:a4:a2:e4:8d:
d9:b0:c2:da:a1:f7:b3:fd:f0:99:a0:4f:fc:d4:4b:
78:fe:7f:e8:0c:80:e2:cd:80:db:c0:b5:75:78:03:
63:5c:02:ad:f1:30:a6:75:77:75:a9:2c:1a:24:f0:
f3:db:b5:db:43:0f:dd:69:43:4d:4c:28:57:14:04:
98:3a:98:f1:ed:e0:c8:25:55:f9:43:31:b3:a0:fb:
83:16:bd:ae:b6:4e:60:74:eb:67:38:ab:32:4e:66:
43:40:70:17:1a:5f:e0:bd:92:91:42:75:a8:c3:ed:
8d:7b:e1:2e:5e:f3:61:78:b1:7b:95:45:21:5c:4e:
b9:b9:86:f0:55:67:cc:1c:bf:40:a4:56:b3:fc:35:
57:a8:d9:32:4a:85:26:45:10:f0:25:3d:95:52:0b:
ef:57:a2:6e:92:f4:12:94:81:cc:b9:36:15:54:c9:
f0:fe:bd:b3:74:91:0b:7f:db:78:d2:d1:6e:31:2a:
57:ea:64:ac:0d:c2:cd:e1:02:fe:e5:36:78:89:24:
15:25:0f:82:f1:1a:7d:7b:de:f9:38:0a:b5:18:80:
c2:d7:0d:c4:e9:dd:99:bd:1d:8a:fa:00:78:05:dc:
e3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C7:6F:F6:25:F7:E6:3C:23:2C:5E:FF:9D:16:02:FC:B2:15:BE:6B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/K8dv9iX35jwjLF7_nRYC_LIVvms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
192.124.190.0/24
193.124.16.0/24
193.124.93.0/24
193.124.202.0/24
194.58.39.0/24
194.58.47.0/24
194.87.3.0/24
194.87.16.0/24
194.87.22.0/24
194.87.36.0/23
194.87.83.0/24
194.87.177.0/24
194.87.190.0/24
195.58.54.0/24
195.58.58.0/24
195.133.86.0/24
195.133.194.0/24
212.192.211.0/24
212.193.8.0/24
Signature Algorithm: sha256WithRSAEncryption
55:c0:c1:17:f9:8e:13:6a:97:26:d3:cd:1b:dc:21:8f:7a:51:
23:73:7f:c5:b1:c5:fa:7a:e9:d1:f5:97:de:cf:8c:d6:24:3d:
0e:1e:73:92:f5:c0:96:a0:b5:5d:2c:30:b8:c8:b1:0b:fc:b3:
b8:2e:3a:08:3d:1f:30:8b:05:6c:b3:bd:a3:0f:00:59:6c:e6:
63:e4:95:d7:db:0a:21:fe:bb:d5:6c:fa:f6:8b:1c:82:ec:27:
5d:a8:24:c5:e5:19:b0:73:24:ae:2c:a8:22:d2:07:cd:c0:fc:
20:83:36:10:c5:07:6e:a6:8f:70:59:2a:40:41:9b:92:7b:86:
0f:b0:04:37:46:a4:73:b5:df:c4:a5:d2:f6:3d:3c:7b:07:8a:
dd:ab:8f:20:54:59:af:14:72:31:ce:77:51:da:f3:b9:de:5e:
66:f3:67:8c:ba:9d:86:a1:5d:89:44:bb:7c:b4:dc:cc:62:1e:
fa:0d:4a:a7:5d:78:e7:03:be:e0:25:e7:03:5d:70:96:7e:cc:
12:e8:2a:50:34:94:5f:97:48:16:6c:e0:0e:d1:4b:d8:b6:ea:
17:83:bd:21:36:fa:18:d4:fa:a8:93:cf:29:c3:79:92:42:4b:
24:6a:40:2e:61:0a:b6:a6:7f:43:cd:09:8a:08:ce:24:b6:f6:
2c:d4:b4:6f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYVy+kT+LfyVURFIKplSuC9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAyMTQ1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmM3NmZmNjI1ZjdlNjNjMjMyYzVlZmY5ZDE2MDJmY2IyMTViZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz/N+mz86OWRP97jvqyCidwNgLpX
wnBz8qSi5I3ZsMLaofez/fCZoE/81Et4/n/oDIDizYDbwLV1eANjXAKt8TCmdXd1
qSwaJPDz27XbQw/daUNNTChXFASYOpjx7eDIJVX5QzGzoPuDFr2utk5gdOtnOKsy
TmZDQHAXGl/gvZKRQnWow+2Ne+EuXvNheLF7lUUhXE65uYbwVWfMHL9ApFaz/DVX
qNkySoUmRRDwJT2VUgvvV6JukvQSlIHMuTYVVMnw/r2zdJELf9t40tFuMSpX6mSs
DcLN4QL+5TZ4iSQVJQ+C8Rp9e975OAq1GIDC1w3E6d2ZvR2K+gB4BdzjpQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFCvHb/Yl9+Y8Iyxe/50WAvyyFb5rMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSzhkdjlpWDM1andqTEY3X25SWUNfTElWdm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAD5M
6AMEAD5M6wMEAMB8vgMEAMF8EAMEAMF8XQMEAMF8ygMEAMI6JwMEAMI6LwMEAMJX
AwMEAMJXEAMEAMJXFgMEAcJXJAMEAMJXUwMEAMJXsQMEAMJXvgMEAMM6NgMEAMM6
OgMEAMOFVgMEAMOFwgMEANTA0wMEANTBCDANBgkqhkiG9w0BAQsFAAOCAQEAVcDB
F/mOE2qXJtPNG9whj3pRI3N/xbHF+nrp0fWX3s+M1iQ9Dh5zkvXAlqC1XSwwuMix
C/yzuC46CD0fMIsFbLO9ow8AWWzmY+SV19sKIf671Wz69oscguwnXagkxeUZsHMk
riyoItIHzcD8IIM2EMUHbqaPcFkqQEGbknuGD7AEN0akc7XfxKXS9j08eweK3auP
IFRZrxRyMc53Udrzud5eZvNnjLqdhqFdiUS7fLTczGIe+g1Kp1145wO+4CXnA11w
ln7MEugqUDSUX5dIFmzgDtFL2LbqF4O9ITb6GNT6qJPPKcN5kkJLJGpALmEKtqZ/
Q80JigjOJLb2LNS0bw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-ams.rpki-client.org