Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LbOEeA0sgaDauvKJY1FrMl49-XI.roa
File: LbOEeA0sgaDauvKJY1FrMl49-XI.roa (raw, json)
Hash identifier: 3tSBB23g0NsIkCkEtCYxw12LUilwUeDyL+If74sIp+g=
Subject key identifier: 2D:B3:84:78:0D:2C:81:A0:DA:BA:F2:89:63:51:6B:32:5E:3D:F9:72
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B147E7E1172B7AD0E2FE8426CF3AA28BA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LbOEeA0sgaDauvKJY1FrMl49-XI.roa
Signing time: Mon 09 Oct 2023 12:51:56 +0000
ROA not before: Mon 09 Oct 2023 12:51:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.53.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:7e:7e:11:72:b7:ad:0e:2f:e8:42:6c:f3:aa:28:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 9 12:51:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2db384780d2c81a0dabaf28963516b325e3df972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cc:f5:92:a0:41:46:a3:ff:a2:8d:f8:a9:37:
8e:01:c1:09:69:7f:14:84:ec:f0:04:ae:bf:80:fc:
22:b2:42:20:3a:ec:be:2d:d0:e5:5f:bb:b4:b8:5c:
b8:78:2f:dd:fe:79:0d:37:5f:51:23:55:49:c1:ad:
19:41:ea:0c:8f:42:ec:fb:cd:3d:fb:28:5e:2c:be:
3e:dc:4d:65:5a:07:26:69:a2:2e:7e:ea:0b:d5:57:
4f:22:1d:3e:42:4e:fa:7c:55:16:0b:62:e8:53:72:
00:f1:f2:f7:f3:eb:c1:8c:9c:18:66:67:48:7c:19:
67:7e:04:e9:c7:87:c7:ab:dd:3c:66:93:e9:4e:5d:
0d:f5:9a:f1:06:0b:31:2c:ff:55:90:9d:ed:26:48:
71:bc:1a:68:e8:fb:00:54:5f:e7:02:51:07:d5:c7:
fd:a2:5f:79:2d:d7:ca:61:38:d0:ca:5c:aa:f3:b2:
09:4d:f8:55:98:2f:7c:6b:43:5d:05:34:08:59:0c:
1b:7a:89:f9:86:1e:c9:92:64:77:5b:f6:f5:b5:56:
1f:c7:bf:fe:83:a0:a1:1f:6e:90:90:95:1c:fb:8b:
2e:30:17:b1:4f:86:10:ae:af:e4:73:b2:77:20:93:
29:82:e4:7b:2b:0c:5e:64:4e:33:52:a7:b2:2d:88:
d0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B3:84:78:0D:2C:81:A0:DA:BA:F2:89:63:51:6B:32:5E:3D:F9:72
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LbOEeA0sgaDauvKJY1FrMl49-XI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
194.135.18.0/24
195.58.53.0-195.58.54.255
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.37.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:5e:1d:9a:ce:f7:4f:51:6d:d9:32:cb:2d:c2:9b:7e:e6:25:
b4:5e:55:12:c7:8a:49:53:22:b5:88:60:ee:25:0c:c9:ab:53:
3a:64:28:14:6a:1d:b4:14:92:32:06:c0:7f:b3:62:49:36:87:
97:b2:ad:83:41:5f:ae:38:41:c2:01:2d:d2:16:5e:72:21:4d:
0c:a3:f0:76:e3:a0:c4:28:9b:e5:a9:29:80:38:29:b7:21:59:
55:4d:db:d2:3c:37:72:7e:a8:a5:0c:39:8f:a7:ff:ef:08:85:
ae:c9:2f:60:69:15:98:fc:a2:2f:71:93:2f:f7:a7:5f:3b:8a:
32:e8:01:45:e1:f1:73:02:55:e2:37:34:14:24:5c:c4:f2:2c:
de:5a:2a:a1:03:8c:c3:75:a3:28:3b:28:ad:32:fe:7e:f8:85:
69:52:5f:6f:30:1b:1a:3f:d0:36:2b:91:20:72:a0:ee:ec:37:
61:a9:88:3c:7c:67:fd:e8:93:fb:55:16:77:28:74:a1:1c:61:
cd:a7:35:32:99:63:02:e7:aa:f3:a6:77:78:4c:84:23:50:3c:
66:0e:54:86:1d:7c:fc:5c:03:a1:b2:41:60:25:a6:81:37:4d:
76:8b:32:0f:9a:21:b6:ce:28:5e:c8:c7:8e:e1:b2:df:af:56:
9f:28:67:8f
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAYsUfn4RcretDi/oQmzzqii6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA5MTI1MTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGIzODQ3ODBkMmM4MWEwZGFiYWYyODk2MzUxNmIzMjVlM2RmOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMz1kqBBRqP/oo34qTeOAcEJaX8U
hOzwBK6/gPwiskIgOuy+LdDlX7u0uFy4eC/d/nkNN19RI1VJwa0ZQeoMj0Ls+809
+yheLL4+3E1lWgcmaaIufuoL1VdPIh0+Qk76fFUWC2LoU3IA8fL38+vBjJwYZmdI
fBlnfgTpx4fHq908ZpPpTl0N9ZrxBgsxLP9VkJ3tJkhxvBpo6PsAVF/nAlEH1cf9
ol95LdfKYTjQylyq87IJTfhVmC98a0NdBTQIWQwbeon5hh7JkmR3W/b1tVYfx7/+
g6ChH26QkJUc+4suMBexT4YQrq/kc7J3IJMpguR7KwxeZE4zUqeyLYjQiQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFC2zhHgNLIGg2rryiWNRazJePflyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTGJPRWVBMHNnYURhdXZLSlkxRnJNbDQ5LVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6LwMEAMI6
mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQAwlc4AwQA
wldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQAwleDMAwD
BADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gD
BADCV94DBADChxIwDAMEAMM6NQMEAMM6NgMEAcM6OgMEAcM6PgMEAMOFAAMEAcOF
BgMEAMOFHgMEAMOFJQMEAcOFKAMEAMOFSQMEAcOFVAMEANTA1jANBgkqhkiG9w0B
AQsFAAOCAQEACl4dms73T1Ft2TLLLcKbfuYltF5VEseKSVMitYhg7iUMyatTOmQo
FGodtBSSMgbAf7NiSTaHl7Ktg0FfrjhBwgEt0hZeciFNDKPwduOgxCib5akpgDgp
tyFZVU3b0jw3cn6opQw5j6f/7wiFrskvYGkVmPyiL3GTL/enXzuKMugBReHxcwJV
4jc0FCRcxPIs3loqoQOMw3WjKDsorTL+fviFaVJfbzAbGj/QNiuRIHKg7uw3YamI
PHxn/eiT+1UWdyh0oRxhzac1MpljAueq86Z3eEyEI1A8Zg5Uhh18/FwDobJBYCWm
gTdNdosyD5ohts4oXsjHjuGy369Wnyhnjw==
-----END CERTIFICATE-----
Generated at Tue Oct 10 18:46:15 2023 by rpki-client on console-ams.rpki-client.org