Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QHIFOvk5MU8R0rJuV9Zlb-km3t8.roa
File: QHIFOvk5MU8R0rJuV9Zlb-km3t8.roa (raw, json)
Hash identifier: CA5GOiPnVmjc47y943nnh2t2huMJwPKeVgkIr9Jum/Q=
Subject key identifier: 40:72:05:3A:F9:39:31:4F:11:D2:B2:6E:57:D6:65:6F:E9:26:DE:DF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189CFF357F554CC053E21BBFD183DEBD6DF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QHIFOvk5MU8R0rJuV9Zlb-km3t8.roa
Signing time: Mon 07 Aug 2023 12:22:58 +0000
ROA not before: Mon 07 Aug 2023 12:22:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 194.87.3.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
194.87.188.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:f3:57:f5:54:cc:05:3e:21:bb:fd:18:3d:eb:d6:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 7 12:22:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4072053af939314f11d2b26e57d6656fe926dedf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9c:51:f3:08:44:56:36:ec:51:83:d4:da:db:
90:0e:9e:62:fd:d1:58:38:15:1e:a5:3d:73:31:50:
35:0d:ad:57:cf:e7:31:a3:5a:4c:23:3d:24:28:60:
d5:27:7c:42:a5:83:39:f3:10:7c:64:c8:9f:13:16:
e4:3e:b6:8f:7d:44:8f:d0:ca:ee:b5:74:99:b1:29:
6d:3f:46:7f:59:7b:c0:3e:c9:a3:99:f0:8e:ca:b2:
95:1f:63:53:52:ea:11:01:9d:e5:c7:a4:a4:c1:1b:
73:9a:6e:cb:f8:e6:e2:f8:cd:c7:61:15:82:d3:d2:
8b:b3:02:a7:c8:21:8c:6c:42:85:15:36:a2:15:b7:
f3:c9:e4:6c:5d:65:4e:bb:c6:a8:7e:2e:a4:57:46:
5f:11:3a:e8:e7:20:18:fd:32:7e:6c:f6:6b:62:e5:
b3:8e:c0:6b:2e:36:2f:5e:f1:5b:2e:58:29:ed:9e:
15:82:6b:28:d8:18:a9:36:cf:1e:1b:bf:bf:a3:67:
ae:2d:89:e2:03:10:c0:bb:a9:c2:29:56:ab:75:dc:
e1:6c:e5:ea:46:f0:f9:23:55:15:94:82:1d:51:5c:
b0:6a:93:5c:d0:d5:7a:57:46:0a:5b:1d:8c:db:3e:
20:9f:77:f9:b8:2b:61:14:9a:12:43:ab:66:77:a0:
45:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:72:05:3A:F9:39:31:4F:11:D2:B2:6E:57:D6:65:6F:E9:26:DE:DF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QHIFOvk5MU8R0rJuV9Zlb-km3t8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.3.0/24
194.87.16.0/24
194.87.34.0/24
194.87.42.0/24
194.87.86.0/24
194.87.91.0/24
194.87.104.0/24
194.87.117.0-194.87.120.255
194.87.176.0/23
194.87.188.0/24
195.58.56.0/24
195.58.61.0-195.58.62.255
212.192.8.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:31:cb:b0:6f:8c:43:80:c4:c0:88:74:ac:16:ce:c5:c2:1e:
87:8d:35:6d:d0:e1:ac:9b:0e:72:1b:c1:e5:e8:d5:00:91:d8:
5b:73:ab:03:4c:fc:6f:a6:92:d9:d7:13:0f:e1:40:cf:f8:fb:
00:71:63:93:08:ff:bf:8e:d0:c7:e5:8d:20:75:cc:ef:57:ad:
41:2c:ee:03:c8:13:f7:c5:dc:2e:d2:42:54:df:26:8d:c8:a7:
aa:3a:bc:64:23:c9:ef:aa:04:22:e8:78:84:0c:46:e9:46:79:
9f:7b:6a:15:7a:41:4e:12:d8:d7:2e:f5:f7:9d:44:f3:9e:e6:
dc:15:c6:cf:7f:3d:eb:a6:95:1a:fc:b1:6d:1a:c3:52:ab:66:
a8:4f:28:1b:b6:d7:b4:89:41:4d:38:8a:bf:d3:1e:82:5e:13:
b2:85:d5:6b:58:05:e6:f3:be:e0:68:5c:c0:b8:e1:0d:19:5a:
42:0a:6f:53:91:7e:bc:6a:a0:71:7f:59:f7:62:44:b2:1d:c6:
f4:85:c6:6b:4b:7e:20:0c:74:e5:48:75:f9:46:0f:5a:b2:a1:
76:c9:ee:4c:f7:16:43:8e:d2:de:36:7c:7c:74:66:1a:bf:d1:
33:63:4f:5c:78:49:96:4a:12:56:b8:70:1e:db:63:ec:7d:ec:
e3:e6:a4:f9
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYnP81f1VMwFPiG7/Rg969bfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA3MTIyMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDcyMDUzYWY5MzkzMTRmMTFkMmIyNmU1N2Q2NjU2ZmU5MjZkZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZxR8whEVjbsUYPU2tuQDp5i/dFY
OBUepT1zMVA1Da1Xz+cxo1pMIz0kKGDVJ3xCpYM58xB8ZMifExbkPraPfUSP0Mru
tXSZsSltP0Z/WXvAPsmjmfCOyrKVH2NTUuoRAZ3lx6SkwRtzmm7L+Obi+M3HYRWC
09KLswKnyCGMbEKFFTaiFbfzyeRsXWVOu8aofi6kV0ZfETro5yAY/TJ+bPZrYuWz
jsBrLjYvXvFbLlgp7Z4Vgmso2BipNs8eG7+/o2euLYniAxDAu6nCKVarddzhbOXq
RvD5I1UVlIIdUVywapNc0NV6V0YKWx2M2z4gn3f5uCthFJoSQ6tmd6BFUQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFEByBTr5OTFPEdKyblfWZW/pJt7fMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUUhJRk92azVNVThSMHJKdVY5WmxiLWttM3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAwlcDAwQA
wlcQAwQAwlciAwQAwlcqAwQAwldWAwQAwldbAwQAwldoMAwDBADCV3UDBADCV3gD
BAHCV7ADBADCV7wDBADDOjgwDAMEAMM6PQMEAMM6PgMEANTACDANBgkqhkiG9w0B
AQsFAAOCAQEAXTHLsG+MQ4DEwIh0rBbOxcIeh401bdDhrJsOchvB5ejVAJHYW3Or
A0z8b6aS2dcTD+FAz/j7AHFjkwj/v47Qx+WNIHXM71etQSzuA8gT98XcLtJCVN8m
jcinqjq8ZCPJ76oEIuh4hAxG6UZ5n3tqFXpBThLY1y71951E857m3BXGz38966aV
GvyxbRrDUqtmqE8oG7bXtIlBTTiKv9Megl4TsoXVa1gF5vO+4GhcwLjhDRlaQgpv
U5F+vGqgcX9Z92JEsh3G9IXGa0t+IAx05Uh1+UYPWrKhdsnuTPcWQ47S3jZ8fHRm
Gr/RM2NPXHhJlkoSVrhwHttj7H3s4+ak+Q==
-----END CERTIFICATE-----
Generated at Mon Aug 7 13:54:01 2023 by rpki-client on console-ams.rpki-client.org