Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O9rbnCQhEhNLSYyiaAupTB76wRA.roa
File: O9rbnCQhEhNLSYyiaAupTB76wRA.roa (raw, json)
Hash identifier: CwwYooGexiPO52v1aj+YqGq8YfyCgQKh8d7C8fzTPok=
Subject key identifier: 3B:DA:DB:9C:24:21:12:13:4B:49:8C:A2:68:0B:A9:4C:1E:FA:C1:10
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185966FAF109C6A9FC719FF51E3AA6AE9B6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O9rbnCQhEhNLSYyiaAupTB76wRA.roa
Signing time: Mon 09 Jan 2023 12:09:39 +0000
ROA not before: Mon 09 Jan 2023 12:09:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.4.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:96:6f:af:10:9c:6a:9f:c7:19:ff:51:e3:aa:6a:e9:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 9 12:09:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bdadb9c242112134b498ca2680ba94c1efac110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:71:a7:81:c6:2c:07:fa:88:e0:1d:4b:14:
a5:d1:ee:6f:84:82:a5:c6:76:c5:fd:b3:ad:38:83:
78:d4:2e:50:69:d7:a2:10:eb:79:5b:58:31:f7:d5:
68:c2:a4:8c:51:79:84:6e:fa:36:fe:87:49:a8:4a:
26:05:5a:56:73:d6:7f:45:8e:9e:58:1b:b4:37:5b:
ba:5d:5a:b8:76:38:a0:b2:d6:fc:b8:e9:75:b0:bc:
12:73:6d:bd:73:fb:e0:68:1e:0e:41:01:16:13:4a:
08:fa:5c:cf:6b:0f:54:fd:7f:f4:9f:1c:74:fa:14:
eb:2f:9c:be:83:ef:19:2c:2e:17:80:a1:16:82:89:
14:fb:eb:dc:06:6e:a6:85:ca:95:eb:00:7d:58:35:
54:d2:57:60:b9:f4:53:d0:f1:d2:c8:65:26:4f:ad:
3f:82:d2:cf:75:9c:99:43:f5:a5:4b:5e:3c:5e:85:
ff:27:7a:57:38:2e:55:5c:aa:cf:25:72:01:10:9c:
b1:9a:d8:29:a2:80:6d:24:98:a6:1d:0b:f8:b0:43:
58:1b:f9:f3:72:08:e5:c1:33:70:50:65:8b:87:a9:
1d:a9:fa:90:9c:87:8f:41:75:85:07:34:a1:70:ad:
d2:52:e6:fd:58:23:ae:bf:b9:02:66:7d:c9:ef:72:
50:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:DA:DB:9C:24:21:12:13:4B:49:8C:A2:68:0B:A9:4C:1E:FA:C1:10
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O9rbnCQhEhNLSYyiaAupTB76wRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0-193.124.4.255
193.124.9.0/24
193.124.44.0/24
194.87.1.0/24
194.87.7.0/24
194.87.27.0/24
194.87.38.0/24
194.87.42.0/24
194.87.73.0/24
194.87.130.0/23
194.87.166.0/24
194.87.168.0/24
194.87.178.0/23
194.87.187.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/24
195.58.56.0/24
195.133.0.0/24
195.133.30.0/24
195.133.35.0/24
195.133.195.0/24
212.192.10.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:db:c9:72:c1:ab:88:19:c1:11:93:b0:50:83:2b:49:0f:b1:
f7:6a:df:c2:3e:cf:92:25:b0:b0:9b:86:e2:06:20:05:d3:14:
be:9b:8e:ef:c9:be:0c:7b:92:1a:21:96:93:9f:1b:65:86:ad:
ca:2e:12:73:9c:10:14:00:94:45:e1:36:5d:4c:4f:4d:df:54:
5d:47:24:db:ca:4b:4c:96:ce:7b:bb:ca:e4:27:fd:a6:79:5d:
4f:d0:a2:08:87:fd:6e:42:d6:40:95:21:49:7a:88:08:b0:89:
44:d1:0b:4b:55:0b:dc:69:ec:aa:cc:c3:cd:16:0d:da:4f:53:
ba:f1:c9:59:9b:36:9f:89:1a:e1:aa:a8:be:08:6d:27:90:12:
67:c0:8e:f7:a5:c5:68:8b:d7:9e:bc:84:7c:a8:46:ae:d8:54:
d6:e8:e7:5b:59:37:29:4c:9b:15:bb:bd:92:85:2b:b2:85:f6:
88:92:c1:c6:22:21:79:6e:68:9e:dc:15:c9:be:aa:f9:34:82:
4a:10:e0:81:fa:bf:d2:47:67:76:31:c3:c4:4a:5b:d3:4f:a1:
37:ef:8d:39:27:6a:45:98:52:ce:ba:7e:cb:d3:ff:55:68:e1:
a1:95:06:39:c1:de:68:62:26:65:3f:75:42:e9:3a:47:29:e3:
99:db:ec:13
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYWWb68QnGqfxxn/UeOqaum2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA5MTIwOTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmRhZGI5YzI0MjExMjEzNGI0OThjYTI2ODBiYTk0YzFlZmFjMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT9xp4HGLAf6iOAdSxSl0e5vhIKl
xnbF/bOtOIN41C5QadeiEOt5W1gx99VowqSMUXmEbvo2/odJqEomBVpWc9Z/RY6e
WBu0N1u6XVq4djigstb8uOl1sLwSc229c/vgaB4OQQEWE0oI+lzPaw9U/X/0nxx0
+hTrL5y+g+8ZLC4XgKEWgokU++vcBm6mhcqV6wB9WDVU0ldgufRT0PHSyGUmT60/
gtLPdZyZQ/WlS148XoX/J3pXOC5VXKrPJXIBEJyxmtgpooBtJJimHQv4sENYG/nz
cgjlwTNwUGWLh6kdqfqQnIePQXWFBzShcK3SUub9WCOuv7kCZn3J73JQUQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFDva25wkIRITS0mMomgLqUwe+sEQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTzlyYm5DUWhFaE5MU1l5aWFBdXBUQjc2d1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYwDAME
AMF8AwMEAMF8BAMEAMF8CQMEAMF8LAMEAMJXAQMEAMJXBwMEAMJXGwMEAMJXJgME
AMJXKgMEAMJXSQMEAcJXggMEAMJXpgMEAMJXqAMEAcJXsgMEAMJXuwMEAMKHEgME
AMKHFzAMAwQAwzojAwQAwzokAwQAwzoyAwQAwzo4AwQAw4UAAwQAw4UeAwQAw4Uj
AwQAw4XDAwQA1MAKAwQA1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQB628lywauIGcER
k7BQgytJD7H3at/CPs+SJbCwm4biBiAF0xS+m47vyb4Me5IaIZaTnxtlhq3KLhJz
nBAUAJRF4TZdTE9N31RdRyTbyktMls57u8rkJ/2meV1P0KIIh/1uQtZAlSFJeogI
sIlE0QtLVQvcaeyqzMPNFg3aT1O68clZmzafiRrhqqi+CG0nkBJnwI73pcVoi9ee
vIR8qEau2FTW6OdbWTcpTJsVu72ShSuyhfaIksHGIiF5bmie3BXJvqr5NIJKEOCB
+r/SR2d2McPESlvTT6E37405J2pFmFLOun7L0/9VaOGhlQY5wd5oYiZlP3VC6TpH
KeOZ2+wT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org