Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QOQr9LucMeWpPtBEiZeeAmheFDs.roa
File: QOQr9LucMeWpPtBEiZeeAmheFDs.roa (raw, json)
Hash identifier: MhZgdekLQsW6m9bQW2WkqZJ4S2aNEnhpZxjajkXXj3Y=
Subject key identifier: 40:E4:2B:F4:BB:9C:31:E5:A9:3E:D0:44:89:97:9E:02:68:5E:14:3B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186BB8569357AC17694401EB9A812B78D9B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QOQr9LucMeWpPtBEiZeeAmheFDs.roa
Signing time: Tue 07 Mar 2023 10:02:07 +0000
ROA not before: Tue 07 Mar 2023 10:02:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.58.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
212.192.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bb:85:69:35:7a:c1:76:94:40:1e:b9:a8:12:b7:8d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 7 10:02:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e42bf4bb9c31e5a93ed04489979e02685e143b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:48:07:8e:df:61:78:3d:ed:a7:3f:9e:f7:78:
9b:61:69:71:35:ee:f4:c4:6b:69:72:d6:c1:16:17:
52:6f:03:16:e4:ee:f7:3c:46:97:0e:6b:15:9f:2c:
1a:f7:3f:bc:a4:1e:a9:4e:df:66:1e:2b:8b:49:f9:
ba:34:33:5c:ab:6e:6e:a9:3b:f7:66:cd:e8:75:29:
a4:4a:11:0d:4f:e0:8c:80:99:5d:ff:83:0d:f7:78:
de:a1:ce:8d:5c:9b:81:70:54:b3:07:74:66:9e:09:
3d:91:4d:d6:6b:84:88:03:f0:5a:18:99:72:13:b9:
64:10:18:ad:c8:aa:e0:87:ce:08:e4:2c:c0:46:34:
4f:51:a6:62:cc:67:c0:f3:0f:31:a9:ae:f0:ca:4b:
3e:05:c8:4f:5b:34:9b:ea:ae:57:d6:ce:e9:13:0c:
ed:02:04:ec:00:c7:8d:30:70:7b:d8:8a:dd:c5:a1:
3d:2f:46:b2:52:68:0f:63:87:a3:2f:63:00:c1:2f:
14:e4:d3:8c:f7:8f:3c:54:e8:0c:4b:83:58:7b:63:
32:f0:8f:13:7b:fd:78:8a:17:c6:e9:de:6a:ef:48:
07:21:c2:70:c2:5f:b5:1c:6f:fb:5f:db:66:cd:7a:
0c:52:b5:33:5d:1b:d1:11:1c:97:4e:ca:d4:05:0a:
1f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E4:2B:F4:BB:9C:31:E5:A9:3E:D0:44:89:97:9E:02:68:5E:14:3B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QOQr9LucMeWpPtBEiZeeAmheFDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.22.0/24
194.87.27.0/24
194.87.82.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.126.0/24
194.87.136.0/24
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.55.0/24
195.133.193.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.192.211.0/24
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
80:99:d1:0d:94:9e:4f:11:ec:94:c2:60:56:c3:61:76:cc:68:
d5:0d:3a:42:16:70:f8:cf:c9:3d:75:90:99:3e:3c:36:45:6e:
a8:dc:ca:37:91:e9:66:b0:de:87:a8:02:e5:6c:0b:f4:eb:8d:
0e:e8:9c:62:4f:ce:b7:84:b2:dc:0f:da:4c:5e:f7:e7:19:0a:
9c:76:cf:54:a9:6f:3e:04:3f:3d:a3:40:35:7f:d5:33:06:16:
8c:27:ae:52:ee:2d:93:91:27:f6:e6:1c:91:a6:aa:51:c5:58:
e5:50:6b:98:0b:63:80:ab:c8:ce:4d:d5:06:3f:bb:c4:18:e9:
4d:11:df:9f:63:cf:b6:0a:62:48:d7:06:b6:67:20:f9:01:29:
97:c5:e9:54:99:79:4d:d1:1c:53:d9:75:a3:d5:a6:45:c5:86:
8b:3c:64:40:ab:88:d1:2f:01:4a:f5:5c:99:7b:21:0d:98:de:
f0:85:9d:c9:fe:b1:4b:54:11:39:cf:e6:c6:4c:c0:7f:2b:e9:
7c:e8:9e:f7:88:fd:dd:3c:60:10:9b:f5:0e:5c:a1:7e:39:31:
4f:2d:fd:94:b1:13:99:bb:f6:15:fd:e4:5b:d5:f9:ce:66:89:
e8:54:b5:12:a7:14:7d:c0:50:de:67:cb:6c:bf:1b:7d:2c:da:
6a:85:21:93
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYa7hWk1esF2lEAeuagSt42bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA3MTAwMjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU0MmJmNGJiOWMzMWU1YTkzZWQwNDQ4OTk3OWUwMjY4NWUxNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUgHjt9heD3tpz+e93ibYWlxNe70
xGtpctbBFhdSbwMW5O73PEaXDmsVnywa9z+8pB6pTt9mHiuLSfm6NDNcq25uqTv3
Zs3odSmkShENT+CMgJld/4MN93jeoc6NXJuBcFSzB3Rmngk9kU3Wa4SIA/BaGJly
E7lkEBityKrgh84I5CzARjRPUaZizGfA8w8xqa7wyks+BchPWzSb6q5X1s7pEwzt
AgTsAMeNMHB72IrdxaE9L0ayUmgPY4ejL2MAwS8U5NOM9488VOgMS4NYe2My8I8T
e/14ihfG6d5q70gHIcJwwl+1HG/7X9tmzXoMUrUzXRvRERyXTsrUBQofswIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFEDkK/S7nDHlqT7QRImXngJoXhQ7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUU9RcjlMdWNNZVdwUHRCRWlaZWVBbWhlRkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBADA
fLYDBADBfIUDBADBfMsDBADCOiowDAMEAMI6LQMEBMI6IAMEAMJXFgMEAMJXGwME
AMJXUjAMAwQBwldyAwQAwld0AwQAwld2AwQAwld+AwQAwleIAwQAwlelAwQAwler
AwQAwlfGAwQBwlfQAwQBwlfeAwQAwlfpAwQAwzoyMAwDBALDOjQDBAbDOgADBADD
hTcDBADDhcEDBADDhcMDBAHUwAADBAHUwNADBADUwNMDBADUwQADBADUwQwwDQYJ
KoZIhvcNAQELBQADggEBAICZ0Q2Unk8R7JTCYFbDYXbMaNUNOkIWcPjPyT11kJk+
PDZFbqjcyjeR6Waw3oeoAuVsC/TrjQ7onGJPzreEstwP2kxe9+cZCpx2z1Spbz4E
Pz2jQDV/1TMGFownrlLuLZORJ/bmHJGmqlHFWOVQa5gLY4CryM5N1QY/u8QY6U0R
359jz7YKYkjXBrZnIPkBKZfF6VSZeU3RHFPZdaPVpkXFhos8ZECriNEvAUr1XJl7
IQ2Y3vCFncn+sUtUETnP5sZMwH8r6XzonveI/d08YBCb9Q5coX45MU8t/ZSxE5m7
9hX95FvV+c5miehUtRKnFH3AUN5ny2y/G30s2mqFIZM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org