Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LfNNvfTN4YujobwuhbpS9OGax3k.roa
File: LfNNvfTN4YujobwuhbpS9OGax3k.roa (raw, json)
Hash identifier: Ugcw43WYtdqjK0NjgzXRNoDDqwgi5aVPLoz3IdA46CU=
Subject key identifier: 2D:F3:4D:BD:F4:CD:E1:8B:A3:A1:BC:2E:85:BA:52:F4:E1:9A:C7:79
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C3E72E147D9BAF384AEB530AEC70B067F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LfNNvfTN4YujobwuhbpS9OGax3k.roa
Signing time: Wed 06 Dec 2023 09:26:05 +0000
ROA not before: Wed 06 Dec 2023 09:26:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.11.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:72:e1:47:d9:ba:f3:84:ae:b5:30:ae:c7:0b:06:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 6 09:26:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2df34dbdf4cde18ba3a1bc2e85ba52f4e19ac779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:99:a1:f5:c8:a9:81:1d:4f:4f:80:34:5d:7b:
b3:c4:7d:94:10:9b:cc:f6:75:19:79:d9:d3:f3:82:
7d:91:8d:44:17:f9:65:e0:fe:fa:1c:1f:e4:5e:fe:
ab:05:2b:5d:8d:3d:f8:c0:b8:8f:bf:6d:8e:5a:dd:
25:6a:b8:49:ff:16:2c:83:15:18:a0:71:a5:69:87:
2b:16:cb:14:f6:7f:e4:c0:a2:06:07:d4:e5:82:a7:
05:4c:3f:a2:81:2f:06:f0:32:be:82:76:01:26:d9:
76:ef:e6:16:bc:e0:88:0b:24:d0:dc:28:94:13:c2:
ac:05:d9:a3:0a:3e:eb:b7:6d:97:90:43:d8:60:d9:
f7:63:0c:9a:1a:b9:fa:ad:bc:0d:5a:80:8b:c4:ec:
0a:7c:dd:46:93:8a:02:d4:d3:8b:52:56:6c:a5:72:
16:94:41:0d:47:36:43:29:43:93:20:10:7a:a3:a7:
8b:f8:01:96:64:ce:4b:4e:e4:d0:7f:85:72:10:6c:
3e:da:59:1b:6e:28:8f:62:53:8b:3b:9a:7c:64:ed:
d3:63:2a:b3:fd:ad:b9:bf:71:e0:cd:f6:ae:5a:62:
71:48:6c:c4:c8:97:eb:e9:37:f9:f8:54:91:72:0d:
cd:6e:cd:b5:e9:d3:53:04:a7:3b:a9:cb:ef:83:f2:
02:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F3:4D:BD:F4:CD:E1:8B:A3:A1:BC:2E:85:BA:52:F4:E1:9A:C7:79
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LfNNvfTN4YujobwuhbpS9OGax3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
194.87.200.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.11.0/24
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
39:5b:a8:dc:e3:e7:48:5a:50:d8:39:7c:e2:de:77:df:ea:16:
de:46:85:e6:30:58:6d:8b:65:b0:8c:eb:e3:3b:2b:3b:10:8a:
7a:87:4e:52:de:69:35:bd:39:64:09:88:6d:e6:27:fd:33:04:
c0:b0:23:04:3f:5d:99:ed:13:6f:4d:75:9f:bb:47:d7:37:0e:
1d:cc:12:17:53:58:2c:ad:a5:45:02:a3:5c:44:c0:fd:63:73:
a8:08:51:ba:b6:13:c6:ec:01:f3:71:6b:e8:24:bb:5c:09:aa:
d4:29:7d:83:27:0e:31:92:df:54:07:8a:01:4f:14:ae:15:46:
9a:6c:86:6d:77:86:3b:34:ef:b6:22:53:41:3a:71:89:3f:93:
bf:27:34:35:da:43:ab:47:fb:b5:e7:de:22:f9:3b:0f:e7:c3:
73:6d:72:e1:86:19:be:9a:f3:d1:c6:95:c9:7f:15:e2:3b:77:
04:0f:1f:f0:af:cb:59:70:14:a0:2c:3c:30:7c:87:2d:82:7c:
66:47:b6:2c:c9:a3:73:dd:d6:17:89:38:d6:23:04:e8:3e:8a:
02:52:c5:87:44:51:53:0b:59:76:fb:ac:a6:fe:ac:bd:08:11:
17:ce:96:16:2e:32:49:59:db:0d:42:cb:45:d7:f8:9d:c3:b4:
26:67:d9:33
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAYw+cuFH2brzhK61MK7HCwZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA2MDkyNjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGYzNGRiZGY0Y2RlMThiYTNhMWJjMmU4NWJhNTJmNGUxOWFjNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJmh9cipgR1PT4A0XXuzxH2UEJvM
9nUZednT84J9kY1EF/ll4P76HB/kXv6rBStdjT34wLiPv22OWt0larhJ/xYsgxUY
oHGlaYcrFssU9n/kwKIGB9TlgqcFTD+igS8G8DK+gnYBJtl27+YWvOCICyTQ3CiU
E8KsBdmjCj7rt22XkEPYYNn3YwyaGrn6rbwNWoCLxOwKfN1Gk4oC1NOLUlZspXIW
lEENRzZDKUOTIBB6o6eL+AGWZM5LTuTQf4VyEGw+2lkbbiiPYlOLO5p8ZO3TYyqz
/a25v3HgzfauWmJxSGzEyJfr6Tf5+FSRcg3Nbs216dNTBKc7qcvvg/ICAwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFC3zTb30zeGLo6G8LoW6UvThmsd5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTGZOTnZmVE40WXVqb2J3dWhicFM5T0dheDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADCOi8DBADCVwEwDAMEAMJXCwME
AMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXUwMEAMJXaAMEAMJXbAME
AcJXcgMEAMJXegMEAMJXfAMEAMJXgwMEAcJXhgMEAMJXswMEAMJXyAMEAcM6OgME
AcM6PgMEAMOFAAMEAcOFKAMEAMOFSQMEAcOFVAMEANTACwMEANTA1jANBgkqhkiG
9w0BAQsFAAOCAQEAOVuo3OPnSFpQ2Dl84t533+oW3kaF5jBYbYtlsIzr4zsrOxCK
eodOUt5pNb05ZAmIbeYn/TMEwLAjBD9dme0Tb011n7tH1zcOHcwSF1NYLK2lRQKj
XETA/WNzqAhRurYTxuwB83Fr6CS7XAmq1Cl9gycOMZLfVAeKAU8UrhVGmmyGbXeG
OzTvtiJTQTpxiT+Tvyc0NdpDq0f7tefeIvk7D+fDc21y4YYZvprz0caVyX8V4jt3
BA8f8K/LWXAUoCw8MHyHLYJ8Zke2LMmjc93WF4k41iME6D6KAlLFh0RRUwtZdvus
pv6svQgRF86WFi4ySVnbDULLRdf4ncO0JmfZMw==
-----END CERTIFICATE-----
Generated at Wed Dec 6 19:39:43 2023 by rpki-client on console-ams.rpki-client.org