Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Q61_xKyHwzXu5dDyCQ1CahXsCtM.roa
File: Q61_xKyHwzXu5dDyCQ1CahXsCtM.roa (raw, json)
Hash identifier: EJ2YfwGDyN17wo0Sif2a069tA9e6jNNHaWvw9kjzWM4=
Subject key identifier: 43:AD:7F:C4:AC:87:C3:35:EE:E5:D0:F2:09:0D:42:6A:15:EC:0A:D3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185FCE9576D0538BEF7DD17546A4D68A9DC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Q61_xKyHwzXu5dDyCQ1CahXsCtM.roa
Signing time: Sun 29 Jan 2023 09:43:48 +0000
ROA not before: Sun 29 Jan 2023 09:43:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 193.124.8.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.138.0/23 maxlen: 23
194.87.136.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.12.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.180.0/22 maxlen: 24
194.87.171.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fc:e9:57:6d:05:38:be:f7:dd:17:54:6a:4d:68:a9:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 29 09:43:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43ad7fc4ac87c335eee5d0f2090d426a15ec0ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:40:45:01:45:a1:bc:9a:f7:0b:8b:f0:20:65:
00:e3:55:53:41:e6:23:d5:5b:2a:d0:be:a5:7d:1b:
6d:c6:28:6e:80:9c:d9:d6:4f:18:24:38:9a:d7:8c:
94:72:e1:f1:34:df:c5:ef:6f:c2:21:7d:e9:2e:e8:
66:27:f5:4e:eb:a1:9e:a2:86:e7:57:08:be:f2:e0:
23:8b:6a:04:5b:f7:31:b1:c0:46:c4:e8:8f:9e:3d:
88:b4:a3:8d:2e:c5:8a:80:60:51:a1:e9:c7:00:d7:
93:00:ee:67:25:7a:a3:a2:fc:95:a9:72:83:b9:b6:
9e:52:43:b5:1c:6e:eb:5c:f7:26:57:01:62:7d:e3:
db:8c:7b:a9:26:e4:fc:51:84:99:8b:b7:5f:92:bc:
ec:3a:2b:ce:b2:60:07:37:c5:2d:3d:24:2c:05:9b:
43:45:f6:9d:bc:05:eb:73:c2:8b:11:f6:bb:c8:4a:
44:d0:bf:92:e7:a0:6f:c6:e5:93:34:85:da:29:76:
f8:79:fc:b4:8f:38:76:73:23:94:d2:2c:a1:45:a6:
74:8c:6a:76:32:22:48:9d:a6:26:8d:e2:d3:e7:8e:
4e:b5:53:ec:d1:19:4e:59:76:b9:7e:89:f4:1a:71:
fa:fd:5e:db:67:c2:27:51:77:e1:ab:b0:75:7a:0c:
f9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AD:7F:C4:AC:87:C3:35:EE:E5:D0:F2:09:0D:42:6A:15:EC:0A:D3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Q61_xKyHwzXu5dDyCQ1CahXsCtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.172.0/24
192.124.178.0/24
192.124.180.0/22
193.124.8.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.203.0/24
193.124.207.0/24
194.58.38.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.58.59.0/24
194.87.3.0/24
194.87.6.0/23
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.22.0/24
194.87.24.0/22
194.87.56.0/24
194.87.82.0/23
194.87.104.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.122.0/23
194.87.126.0/24
194.87.136.0/24
194.87.138.0/23
194.87.149.0/24
194.87.165.0/24
194.87.171.0/24
194.87.177.0/24
194.87.190.0/24
194.87.198.0/23
194.87.202.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.12.0/24
195.133.55.0/24
195.133.94.0/24
195.133.193.0-195.133.195.255
212.192.0.0/23
212.192.208.0/23
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:57:dc:cf:47:fc:44:55:71:f8:89:64:98:a1:db:b9:87:c2:
ad:bc:7a:98:6e:e1:4b:80:60:5e:99:1c:d2:d4:1b:3d:89:6c:
85:84:55:e0:89:bb:a0:11:db:00:49:bf:60:ba:6b:98:b4:59:
2b:84:96:aa:59:93:fb:29:32:a6:fc:14:20:5f:af:de:2d:99:
c0:78:95:a4:79:84:d0:8e:fd:21:0a:87:ca:f6:e6:6a:06:cb:
33:1b:59:fc:3d:ce:f5:1b:85:92:b4:fb:24:22:90:61:3b:7c:
22:12:f9:99:a1:bb:13:f3:32:c4:9d:1b:8d:c8:3d:e3:f8:b9:
72:b1:9f:81:17:5e:c8:f9:73:10:e7:0c:3a:82:9c:5e:c7:f0:
90:88:e6:2b:ff:f0:3f:d8:ef:3d:c5:37:97:41:70:6c:94:31:
eb:b9:fb:04:06:5b:6d:d0:52:9d:d8:cd:6b:e4:2b:07:0b:b7:
58:1a:e0:3f:0c:f5:0c:cf:60:a7:d8:a1:b4:eb:f9:37:d0:19:
bf:d4:d1:14:56:52:a7:3b:75:83:59:7d:71:50:e0:26:80:a8:
57:15:86:31:4a:aa:5c:d4:cf:c6:7f:1f:33:86:3d:96:79:bf:
40:36:d7:d9:6f:7d:90:c7:b5:51:2a:51:38:dc:51:db:e6:a5:
bc:aa:92:d8
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgISAYX86VdtBTi+990XVGpNaKncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI5MDk0MzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2FkN2ZjNGFjODdjMzM1ZWVlNWQwZjIwOTBkNDI2YTE1ZWMwYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0BFAUWhvJr3C4vwIGUA41VTQeYj
1Vsq0L6lfRttxihugJzZ1k8YJDia14yUcuHxNN/F72/CIX3pLuhmJ/VO66Geoobn
Vwi+8uAji2oEW/cxscBGxOiPnj2ItKONLsWKgGBRoenHANeTAO5nJXqjovyVqXKD
ubaeUkO1HG7rXPcmVwFifePbjHupJuT8UYSZi7dfkrzsOivOsmAHN8UtPSQsBZtD
RfadvAXrc8KLEfa7yEpE0L+S56BvxuWTNIXaKXb4efy0jzh2cyOU0iyhRaZ0jGp2
MiJInaYmjeLT545OtVPs0RlOWXa5fon0GnH6/V7bZ8InUXfhq7B1egz5DQIDAQAB
o4IDVTCCA1EwHQYDVR0OBBYEFEOtf8Ssh8M17uXQ8gkNQmoV7ArTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUTYxX3hLeUh3elh1NWREeUNRMUNhaFhzQ3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBaQYIKwYBBQUHAQcBAf8EggFYMIIBVDCCAVAEAgABMIIB
SAMEAMB8rAMEAMB8sgMEAsB8tAMEAMF8CAMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8
ywMEAMF8zwMEAMI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQAwlcDAwQB
wlcGMAwDBADCVwsDBADCVwwDBADCVxADBADCVxYDBALCVxgDBADCVzgDBAHCV1ID
BADCV2gwDAMEAcJXcgMEAMJXdAMEAMJXdgMEAcJXegMEAMJXfgMEAMJXiAMEAcJX
igMEAMJXlQMEAMJXpQMEAMJXqwMEAMJXsQMEAMJXvgMEAcJXxgMEAMJXygMEAcJX
0AMEAcJX3gMEAMJX6QMEAMM6MjAMAwQCwzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQA
w4VeMAwDBADDhcEDBALDhcADBAHUwAADBAHUwNADBADUwQADBADUwQwwDQYJKoZI
hvcNAQELBQADggEBAC1X3M9H/ERVcfiJZJih27mHwq28ephu4UuAYF6ZHNLUGz2J
bIWEVeCJu6AR2wBJv2C6a5i0WSuElqpZk/spMqb8FCBfr94tmcB4laR5hNCO/SEK
h8r25moGyzMbWfw9zvUbhZK0+yQikGE7fCIS+ZmhuxPzMsSdG43IPeP4uXKxn4EX
Xsj5cxDnDDqCnF7H8JCI5iv/8D/Y7z3FN5dBcGyUMeu5+wQGW23QUp3YzWvkKwcL
t1ga4D8M9QzPYKfYobTr+TfQGb/U0RRWUqc7dYNZfXFQ4CaAqFcVhjFKqlzUz8Z/
HzOGPZZ5v0A219lvfZDHtVEqUTjcUdvmpbyqktg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org