Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O0FFaDN3JpTRfWHqIN0Ekqhj8uY.roa
File: O0FFaDN3JpTRfWHqIN0Ekqhj8uY.roa (raw, json)
Hash identifier: FUsnbfYkQ+cFFoIyfpIbd8HkIFnzG4HCaavBHnFWIdc=
Subject key identifier: 3B:41:45:68:33:77:26:94:D1:7D:61:EA:20:DD:04:92:A8:63:F2:E6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189B625D07838DD2B34D825A34580AD474B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O0FFaDN3JpTRfWHqIN0Ekqhj8uY.roa
Signing time: Wed 02 Aug 2023 12:07:58 +0000
ROA not before: Wed 02 Aug 2023 12:07:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
194.87.188.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:25:d0:78:38:dd:2b:34:d8:25:a3:45:80:ad:47:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 2 12:07:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b41456833772694d17d61ea20dd0492a863f2e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:eb:02:93:82:e4:5b:41:cf:5b:d8:e0:5c:58:
63:ce:3e:d7:a1:9f:96:ce:07:6c:db:4a:b5:d6:74:
c6:a1:31:8b:a6:70:76:22:09:91:8b:03:5a:37:50:
8f:30:7a:de:3e:57:20:0f:f7:35:97:7c:cd:94:96:
96:4f:a9:8c:7c:32:18:b6:11:fd:a3:4a:1e:c2:1d:
67:c0:04:11:1d:86:44:f6:dd:93:9c:11:0e:1d:b8:
45:97:02:68:74:a2:f5:68:10:c8:7e:49:ee:cb:d5:
03:24:9c:61:73:31:38:7e:e5:b3:17:1b:91:bf:29:
98:78:55:c9:83:41:38:ae:ac:2a:ed:dc:e3:da:ce:
78:89:11:5c:be:e2:70:a0:b8:7b:e5:e2:1a:3d:4f:
e9:43:f7:c2:3c:e9:22:52:5f:a8:d2:8e:d8:58:08:
c6:65:3c:60:cf:e0:90:75:58:a3:79:c5:37:02:69:
df:76:1b:0c:82:1e:34:a8:1a:99:c7:2c:a0:ba:ef:
40:6f:5e:98:98:15:06:57:03:bf:ae:1b:0d:bd:87:
f0:2d:47:b7:87:59:6f:65:4a:a2:a4:c7:d6:c6:ea:
29:ad:af:5f:c6:47:9f:12:99:2e:12:15:07:c4:08:
ce:18:10:0e:2b:3c:1c:57:d9:71:97:1a:e0:79:05:
20:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:41:45:68:33:77:26:94:D1:7D:61:EA:20:DD:04:92:A8:63:F2:E6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O0FFaDN3JpTRfWHqIN0Ekqhj8uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.3.0/24
194.87.16.0/24
194.87.34.0/24
194.87.42.0/24
194.87.86.0/24
194.87.91.0/24
194.87.104.0/24
194.87.117.0-194.87.120.255
194.87.176.0/23
194.87.188.0/24
195.58.59.0/24
195.58.61.0-195.58.62.255
212.192.8.0/24
Signature Algorithm: sha256WithRSAEncryption
26:42:fb:b9:e9:90:70:fc:91:ce:8f:26:1a:f3:48:96:d6:52:
86:22:7c:78:82:94:75:ef:23:e4:c1:45:90:70:01:42:40:50:
b2:e3:86:9f:6e:be:b7:c1:71:11:0c:3e:00:42:e3:29:9f:71:
4e:ec:05:42:df:49:d5:84:a0:80:d0:c2:b0:de:ea:fb:48:aa:
82:be:69:fa:35:bd:86:5c:58:15:4e:fe:db:64:8c:f1:4b:03:
5a:0c:c0:55:4c:26:69:5e:77:8b:4c:b2:04:a1:bc:e9:55:4f:
dc:e9:f6:85:a4:88:e8:75:f2:a6:dc:a5:f8:ce:0f:98:88:d1:
6f:51:3b:05:a5:f5:21:bb:ed:0b:da:74:c3:a8:4e:66:d6:c9:
6a:bb:99:a4:bc:a7:34:41:b5:85:e9:e1:81:2c:9b:8c:88:a4:
5e:e9:46:ce:f8:ea:eb:f2:7a:62:96:b1:f0:c0:6e:3b:6d:c5:
7a:f1:ba:82:04:87:84:db:b7:7f:29:0b:83:2a:e1:f5:ab:84:
0c:75:57:34:51:d7:b3:52:8c:ac:81:c9:98:df:32:9f:5b:4e:
85:be:e0:98:da:2d:32:46:83:c5:55:7c:e3:a8:24:cc:6c:af:
e4:d7:4f:ce:e6:35:23:7f:d1:9a:1b:11:0e:85:db:ef:99:6f:
1b:b7:1a:f5
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYm2JdB4ON0rNNglo0WArUdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAyMTIwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQxNDU2ODMzNzcyNjk0ZDE3ZDYxZWEyMGRkMDQ5MmE4NjNmMmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+sCk4LkW0HPW9jgXFhjzj7XoZ+W
zgds20q11nTGoTGLpnB2IgmRiwNaN1CPMHrePlcgD/c1l3zNlJaWT6mMfDIYthH9
o0oewh1nwAQRHYZE9t2TnBEOHbhFlwJodKL1aBDIfknuy9UDJJxhczE4fuWzFxuR
vymYeFXJg0E4rqwq7dzj2s54iRFcvuJwoLh75eIaPU/pQ/fCPOkiUl+o0o7YWAjG
ZTxgz+CQdVijecU3AmnfdhsMgh40qBqZxyyguu9Ab16YmBUGVwO/rhsNvYfwLUe3
h1lvZUqipMfWxuopra9fxkefEpkuEhUHxAjOGBAOKzwcV9lxlxrgeQUgzwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFDtBRWgzdyaU0X1h6iDdBJKoY/LmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTzBGRmFETjNKcFRSZldIcUlOMEVrcWhqOHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAwlcDAwQA
wlcQAwQAwlciAwQAwlcqAwQAwldWAwQAwldbAwQAwldoMAwDBADCV3UDBADCV3gD
BAHCV7ADBADCV7wDBADDOjswDAMEAMM6PQMEAMM6PgMEANTACDANBgkqhkiG9w0B
AQsFAAOCAQEAJkL7uemQcPyRzo8mGvNIltZShiJ8eIKUde8j5MFFkHABQkBQsuOG
n26+t8FxEQw+AELjKZ9xTuwFQt9J1YSggNDCsN7q+0iqgr5p+jW9hlxYFU7+22SM
8UsDWgzAVUwmaV53i0yyBKG86VVP3On2haSI6HXyptyl+M4PmIjRb1E7BaX1Ibvt
C9p0w6hOZtbJaruZpLynNEG1henhgSybjIikXulGzvjq6/J6Ypax8MBuO23FevG6
ggSHhNu3fykLgyrh9auEDHVXNFHXs1KMrIHJmN8yn1tOhb7gmNotMkaDxVV846gk
zGyv5NdPzuY1I3/RmhsRDoXb75lvG7ca9Q==
-----END CERTIFICATE-----
Generated at Mon Aug 7 07:11:37 2023 by rpki-client on console-ams.rpki-client.org