Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L9urhXKfJAeLCmJM1kN9G0UnN0Q.roa
File: L9urhXKfJAeLCmJM1kN9G0UnN0Q.roa (raw, json)
Hash identifier: NDmYwq4g37HUEs3HRfz1gpIKWHSWjlRBOj1KZeJzm4Q=
Subject key identifier: 2F:DB:AB:85:72:9F:24:07:8B:0A:62:4C:D6:43:7D:1B:45:27:37:44
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C16670DF1F38D694176A2F238B7E1F4EB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L9urhXKfJAeLCmJM1kN9G0UnN0Q.roa
Signing time: Tue 28 Nov 2023 14:48:21 +0000
ROA not before: Tue 28 Nov 2023 14:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.11.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
193.124.203.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:67:0d:f1:f3:8d:69:41:76:a2:f2:38:b7:e1:f4:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 28 14:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fdbab85729f24078b0a624cd6437d1b45273744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2d:32:5a:f8:a5:80:93:3e:47:86:f2:a7:da:
9e:00:40:3b:01:6a:5e:76:36:89:d3:95:98:43:01:
15:0a:f1:61:b1:82:34:da:0b:0f:c3:6b:24:3f:e9:
47:22:27:15:2d:e4:40:da:19:9f:ca:d6:de:37:12:
7d:b9:a5:3f:ef:52:c3:90:0a:aa:da:b1:a4:fe:7c:
30:45:5c:bf:a5:4c:d1:fb:c1:00:71:9a:b9:01:76:
2f:05:59:e8:85:a3:74:e3:7a:ce:da:af:c0:c2:88:
4c:ac:e9:57:ea:09:de:70:f1:bf:37:a6:8c:45:87:
43:07:0d:0e:c3:f3:b1:be:73:0c:bb:0c:e3:f1:f4:
80:db:8c:52:53:c9:7b:77:de:c4:58:25:3d:4d:1f:
50:27:64:ca:0b:6f:33:6d:57:cb:63:7d:d7:d5:37:
d9:36:41:36:ea:c4:d7:bd:12:0e:65:a0:0a:5f:2e:
0e:a6:f0:0b:2d:e4:6d:29:94:ee:62:d2:90:0b:30:
97:9d:7d:4b:bb:24:f8:77:f2:32:33:55:17:ef:32:
c4:4c:0e:19:4a:b1:62:33:c0:b2:33:4f:16:ab:de:
71:fd:5e:e2:4f:59:e7:0a:38:2b:6b:6e:3f:b2:29:
a4:55:44:2d:c0:73:25:ba:fa:bd:00:b5:1f:c3:1f:
80:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:DB:AB:85:72:9F:24:07:8B:0A:62:4C:D6:43:7D:1B:45:27:37:44
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/L9urhXKfJAeLCmJM1kN9G0UnN0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
193.124.203.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
194.87.200.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.11.0/24
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
46:a4:b7:fc:7e:e7:ce:2b:d3:19:0d:3e:23:90:ef:e4:bf:28:
3d:a2:35:1f:01:0b:a2:ad:5a:98:45:ad:af:c9:93:ad:56:a3:
0a:36:3a:a7:47:ef:11:9c:5b:4f:70:72:b0:4b:82:7e:9f:09:
b2:03:80:1f:21:12:e6:c2:78:bc:12:c8:b1:8c:12:2e:74:4b:
f4:43:6d:ee:1e:db:40:b6:4c:8e:76:69:1c:19:c1:24:b6:8d:
e0:08:76:75:ac:f1:74:58:9c:35:b6:56:a4:33:fb:45:c2:42:
0b:90:14:f1:b7:60:ac:9f:96:f8:54:65:ae:61:87:08:30:a9:
5c:cf:00:05:f4:06:5c:e8:84:0f:0e:d3:c8:f4:cd:7c:d2:38:
ec:2d:dd:9a:74:ad:a6:3f:14:77:eb:3c:ea:09:f2:9c:47:0b:
5f:ba:9b:fc:91:8d:94:86:08:68:14:4d:d4:09:3e:4d:ef:7d:
50:83:3d:3f:72:16:3a:f1:0d:8b:95:9a:f2:54:cb:a2:8d:2d:
f3:4e:a7:51:f5:79:06:cc:7f:27:b9:de:ce:60:c2:7f:43:77:
5b:b8:e7:c2:c9:b5:05:e2:29:ec:95:70:6d:d0:33:e3:ee:08:
b1:94:fb:7f:93:09:c7:5a:7e:33:dd:37:15:28:e8:5e:9c:57:
97:8c:9b:9a
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYwWZw3x841pQXai8ji34fTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI4MTQ0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmRiYWI4NTcyOWYyNDA3OGIwYTYyNGNkNjQzN2QxYjQ1MjczNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwC0yWvilgJM+R4byp9qeAEA7AWpe
djaJ05WYQwEVCvFhsYI02gsPw2skP+lHIicVLeRA2hmfytbeNxJ9uaU/71LDkAqq
2rGk/nwwRVy/pUzR+8EAcZq5AXYvBVnohaN043rO2q/AwohMrOlX6gnecPG/N6aM
RYdDBw0Ow/OxvnMMuwzj8fSA24xSU8l7d97EWCU9TR9QJ2TKC28zbVfLY33X1TfZ
NkE26sTXvRIOZaAKXy4OpvALLeRtKZTuYtKQCzCXnX1LuyT4d/IyM1UX7zLETA4Z
SrFiM8CyM08Wq95x/V7iT1nnCjgra24/simkVUQtwHMluvq9ALUfwx+AyQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFC/bq4VynyQHiwpiTNZDfRtFJzdEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTDl1cmhYS2ZKQWVMQ21KTTFrTjlHMFVuTjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADBfMgDBADBfMsDBADCOi8DBADC
VwEwDAMEAMJXCwMEAMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXUwME
AMJXaAMEAMJXbAMEAcJXcgMEAMJXegMEAMJXfAMEAMJXgwMEAcJXhgMEAMJXswME
AMJXyAMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFKAMEAMOFSQMEAcOFVAMEANTACwME
ANTA1jANBgkqhkiG9w0BAQsFAAOCAQEARqS3/H7nzivTGQ0+I5Dv5L8oPaI1HwEL
oq1amEWtr8mTrVajCjY6p0fvEZxbT3BysEuCfp8JsgOAHyES5sJ4vBLIsYwSLnRL
9ENt7h7bQLZMjnZpHBnBJLaN4Ah2dazxdFicNbZWpDP7RcJCC5AU8bdgrJ+W+FRl
rmGHCDCpXM8ABfQGXOiEDw7TyPTNfNI47C3dmnStpj8Ud+s86gnynEcLX7qb/JGN
lIYIaBRN1Ak+Te99UIM9P3IWOvENi5Wa8lTLoo0t806nUfV5Bsx/J7nezmDCf0N3
W7jnwsm1BeIp7JVwbdAz4+4IsZT7f5MJx1p+M903FSjoXpxXl4ybmg==
-----END CERTIFICATE-----
Generated at Tue Nov 28 15:51:00 2023 by rpki-client on console-ams.rpki-client.org