Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O8D8AbgPap2gvWaWHlcyb61kso8.roa
File: O8D8AbgPap2gvWaWHlcyb61kso8.roa (raw, json)
Hash identifier: vVNg6CL1pAdAXNaMq+zFXYVoz7qz8pg+fc8++jL4b6k=
Subject key identifier: 3B:C0:FC:01:B8:0F:6A:9D:A0:BD:66:96:1E:57:32:6F:AD:64:B2:8F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AE6A75385DCC63B1D89D4E645864515CB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O8D8AbgPap2gvWaWHlcyb61kso8.roa
Signing time: Sat 30 Sep 2023 15:14:00 +0000
ROA not before: Sat 30 Sep 2023 15:14:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.53.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e6:a7:53:85:dc:c6:3b:1d:89:d4:e6:45:86:45:15:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 30 15:14:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bc0fc01b80f6a9da0bd66961e57326fad64b28f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fa:cf:2b:a1:93:b3:77:14:7b:3c:b6:54:8d:
60:d8:0d:e8:4d:bd:17:37:b4:ab:3d:25:3a:39:8a:
cf:02:24:f9:e2:af:e1:54:8e:6e:84:d5:d2:2c:72:
ac:41:23:16:93:91:02:1f:7d:d9:d6:cb:4a:6d:64:
97:ed:7f:0a:71:2e:ec:99:c9:9e:dc:af:17:85:6d:
8f:03:c9:48:dd:42:e2:08:8c:d6:f5:5b:42:85:c0:
a4:90:19:3c:18:b4:46:dd:c2:02:85:46:ec:16:0b:
35:6b:0f:39:bf:15:53:8c:d2:2c:ac:ef:bb:18:36:
1a:72:4b:db:a6:51:a5:02:c6:87:75:79:2a:92:1c:
e1:71:c7:9f:55:a0:54:78:40:1a:8f:d6:ec:8e:25:
a6:58:b3:50:91:3a:b5:ba:4c:9d:23:12:e1:1f:c0:
2d:1e:fb:a7:c9:5c:db:36:bb:3e:31:1e:06:a9:91:
d9:6b:42:36:f7:62:04:9f:4e:43:37:2b:aa:3a:d4:
68:60:40:33:d2:4c:17:a3:46:e9:8e:c1:d8:03:b4:
24:75:b8:72:2d:b0:61:68:89:33:37:01:53:b3:7d:
04:25:02:31:83:75:68:b8:f4:9e:2e:a9:57:fd:25:
7a:6c:69:04:3c:98:2d:b8:56:ae:c5:d6:43:19:d8:
9e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C0:FC:01:B8:0F:6A:9D:A0:BD:66:96:1E:57:32:6F:AD:64:B2:8F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O8D8AbgPap2gvWaWHlcyb61kso8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
194.135.18.0/24
195.58.36.0/24
195.58.53.0-195.58.54.255
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
Signature Algorithm: sha256WithRSAEncryption
12:97:51:6b:4d:87:67:46:c0:b4:ef:25:8e:60:ab:2b:cf:c4:
fb:c3:1c:b1:50:81:15:cc:9c:9b:3b:fc:a7:c8:0e:8c:10:d0:
16:4c:38:38:82:c8:8c:47:54:6b:79:8a:e6:fa:ba:57:7c:7a:
9a:46:2c:8e:d7:2f:f8:54:45:d9:0a:6b:68:e4:c3:a7:94:2e:
35:68:4d:f7:85:15:f5:1d:96:20:27:27:ce:4f:10:e6:b1:22:
31:0e:db:0f:7a:14:ab:fe:dd:77:a1:59:be:e7:86:a1:c4:b2:
36:6c:5b:64:06:46:a0:57:08:fe:48:53:8c:39:27:f9:e6:e3:
e4:a3:64:4a:49:c1:b2:47:3e:2d:2b:0c:14:57:11:96:ff:66:
ff:9e:97:47:9a:e8:d4:a0:ce:fd:f0:97:d3:fe:fd:97:be:98:
3c:3f:95:2e:80:b9:fc:d4:95:0a:37:76:a4:a6:1d:d7:cb:55:
48:07:a9:fd:9f:87:77:39:4b:b6:1e:03:5b:e1:91:64:2d:08:
c2:af:0a:18:88:f8:a1:b3:1b:4a:b3:da:c5:59:d4:fa:54:f8:
b2:c7:14:b1:62:be:33:a6:db:d5:99:5e:24:87:67:7e:61:5c:
df:08:14:1d:07:0b:fd:ee:58:16:6f:e6:58:6d:96:45:a1:7a:
02:09:bf:92
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYrmp1OF3MY7HYnU5kWGRRXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTMwMTUxNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmMwZmMwMWI4MGY2YTlkYTBiZDY2OTYxZTU3MzI2ZmFkNjRiMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvrPK6GTs3cUezy2VI1g2A3oTb0X
N7SrPSU6OYrPAiT54q/hVI5uhNXSLHKsQSMWk5ECH33Z1stKbWSX7X8KcS7smcme
3K8XhW2PA8lI3ULiCIzW9VtChcCkkBk8GLRG3cIChUbsFgs1aw85vxVTjNIsrO+7
GDYackvbplGlAsaHdXkqkhzhccefVaBUeEAaj9bsjiWmWLNQkTq1ukydIxLhH8At
HvunyVzbNrs+MR4GqZHZa0I292IEn05DNyuqOtRoYEAz0kwXo0bpjsHYA7Qkdbhy
LbBhaIkzNwFTs30EJQIxg3VouPSeLqlX/SV6bGkEPJgtuFauxdZDGdiegwIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFDvA/AG4D2qdoL1mlh5XMm+tZLKPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTzhEOEFiZ1BhcDJndldhV0hsY3liNjFrc284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6LwMEAMI6
mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQAwlc4AwQA
wldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQAwleDMAwD
BADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gD
BADCV94DBADChxIDBADDOiQwDAMEAMM6NQMEAMM6NgMEAcM6OgMEAcM6PgMEAMOF
AAMEAcOFBgMEAMOFHgMEAcOFKAMEAMOFSQMEAcOFVDANBgkqhkiG9w0BAQsFAAOC
AQEAEpdRa02HZ0bAtO8ljmCrK8/E+8McsVCBFcycmzv8p8gOjBDQFkw4OILIjEdU
a3mK5vq6V3x6mkYsjtcv+FRF2QpraOTDp5QuNWhN94UV9R2WICcnzk8Q5rEiMQ7b
D3oUq/7dd6FZvueGocSyNmxbZAZGoFcI/khTjDkn+ebj5KNkSknBskc+LSsMFFcR
lv9m/56XR5ro1KDO/fCX0/79l76YPD+VLoC5/NSVCjd2pKYd18tVSAep/Z+HdzlL
th4DW+GRZC0Iwq8KGIj4obMbSrPaxVnU+lT4sscUsWK+M6bb1ZleJIdnfmFc3wgU
HQcL/e5YFm/mWG2WRaF6Agm/kg==
-----END CERTIFICATE-----
Generated at Sat Sep 30 17:31:54 2023 by rpki-client on console-ams.rpki-client.org