Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SgfyVnv70m2FBpd1vpEfapgiT2w.roa
File: SgfyVnv70m2FBpd1vpEfapgiT2w.roa (raw, json)
Hash identifier: 4zTQGb40rN+7hX3/fpANVPZ6LU/K62pZLsngqzGmlx0=
Subject key identifier: 4A:07:F2:56:7B:FB:D2:6D:85:06:97:75:BE:91:1F:6A:98:22:4F:6C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C16D1414FF3F9667F18D6BBDC6D5209A3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SgfyVnv70m2FBpd1vpEfapgiT2w.roa
Signing time: Tue 28 Nov 2023 16:44:21 +0000
ROA not before: Tue 28 Nov 2023 16:44:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.11.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
193.124.203.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:d1:41:4f:f3:f9:66:7f:18:d6:bb:dc:6d:52:09:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 28 16:44:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a07f2567bfbd26d85069775be911f6a98224f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:45:8c:8b:8d:eb:1f:76:5f:12:96:04:41:0c:
ff:9b:ac:aa:6d:10:34:e5:fc:f8:c5:a7:dc:51:29:
be:e0:20:f8:b0:28:6e:95:37:e5:c3:7c:09:78:88:
12:0b:2b:ad:33:b3:4e:98:22:df:ae:ba:f6:14:23:
bb:d9:b4:44:dc:0e:12:e8:58:9c:25:89:bf:e6:21:
52:c4:19:29:ca:58:ce:d8:70:d2:31:39:e8:ab:6f:
8c:52:d1:25:15:38:de:e2:6f:da:78:97:28:aa:e5:
99:96:e0:d6:b4:a5:d7:e8:c7:14:c3:ca:e5:6e:e3:
53:f0:52:4a:1d:36:44:43:80:57:e3:c2:07:bc:70:
51:32:fd:ad:b4:63:a0:c7:68:67:5e:1f:e3:2d:df:
d2:db:6a:aa:4f:f1:86:78:9a:4a:7b:88:35:1a:f8:
0f:5e:15:1d:c4:90:1f:56:7e:33:e5:d7:4d:7b:ca:
7c:64:35:ab:7d:72:5f:9e:1e:22:bc:40:d0:bc:b6:
31:7d:05:72:0b:40:93:19:65:ee:2c:be:6a:17:7c:
43:51:b5:a9:4a:ba:08:8f:5e:38:3e:2e:1e:ab:54:
ec:50:f5:2f:54:04:27:76:46:5f:10:f2:4a:06:e2:
67:9c:da:78:2e:49:49:1e:8d:cf:a9:97:cc:df:7e:
ea:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:07:F2:56:7B:FB:D2:6D:85:06:97:75:BE:91:1F:6A:98:22:4F:6C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SgfyVnv70m2FBpd1vpEfapgiT2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
193.124.203.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
194.87.200.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.11.0/24
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:48:66:58:25:d5:09:30:92:61:ce:2a:32:46:d7:ba:d7:ff:
1b:6e:85:32:7a:45:bb:48:19:59:60:d2:60:55:31:97:32:40:
a9:9f:42:5e:11:e0:78:d7:a6:ce:2a:4f:0b:e8:e1:4d:16:34:
1f:2c:94:4d:f6:c7:9d:0c:51:b6:84:d8:c2:70:70:5e:26:f5:
fd:38:f8:17:a9:50:c7:54:8d:15:c4:2a:f9:d3:7a:58:02:72:
1f:20:37:77:4b:f4:5c:a5:7b:d2:fb:3a:8e:32:33:ed:95:40:
60:f5:ef:2e:b5:6f:9a:4c:3b:e7:82:f9:9c:fd:0a:57:7a:09:
df:97:2b:79:f6:dc:5e:8e:13:e6:e9:1e:bf:1d:b1:31:a6:5c:
30:ca:69:87:54:6f:0a:e0:e6:07:5a:ec:c4:a0:c7:79:d7:8c:
4c:40:c8:32:e7:78:47:20:1b:7a:f1:6c:29:bb:9e:c8:f8:97:
1e:5f:ec:4a:da:f0:38:22:a7:1a:20:4c:30:93:98:ae:5a:24:
5e:f4:e7:d7:dc:c7:ca:ed:c5:94:f4:21:c6:22:0e:6e:d7:2f:
59:57:37:66:03:30:b0:3f:d0:f2:e4:fb:6e:1c:9f:94:a0:4f:
e4:61:b2:5c:18:32:a5:f0:57:7c:41:45:97:0f:79:e0:4d:56:
d7:42:09:d9
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYwW0UFP8/lmfxjWu9xtUgmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI4MTY0NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTA3ZjI1NjdiZmJkMjZkODUwNjk3NzViZTkxMWY2YTk4MjI0ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+EWMi43rH3ZfEpYEQQz/m6yqbRA0
5fz4xafcUSm+4CD4sChulTflw3wJeIgSCyutM7NOmCLfrrr2FCO72bRE3A4S6Fic
JYm/5iFSxBkpyljO2HDSMTnoq2+MUtElFTje4m/aeJcoquWZluDWtKXX6McUw8rl
buNT8FJKHTZEQ4BX48IHvHBRMv2ttGOgx2hnXh/jLd/S22qqT/GGeJpKe4g1GvgP
XhUdxJAfVn4z5ddNe8p8ZDWrfXJfnh4ivEDQvLYxfQVyC0CTGWXuLL5qF3xDUbWp
SroIj144Pi4eq1TsUPUvVAQndkZfEPJKBuJnnNp4LklJHo3PqZfM337q+QIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFEoH8lZ7+9JthQaXdb6RH2qYIk9sMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU2dmeVZudjcwbTJGQnBkMXZwRWZhcGdpVDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADBfMgDBADBfMsDBADCOi8DBADC
VwEwDAMEAMJXCwMEAMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXUwME
AMJXaAMEAMJXbAMEAcJXcgMEAMJXegMEAMJXfAMEAMJXgwMEAcJXhgMEAMJXswME
AMJXyAMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFKAMEAMOFSQMEAcOFVAMEANTACwME
ANTA1jANBgkqhkiG9w0BAQsFAAOCAQEAbEhmWCXVCTCSYc4qMkbXutf/G26FMnpF
u0gZWWDSYFUxlzJAqZ9CXhHgeNemzipPC+jhTRY0HyyUTfbHnQxRtoTYwnBwXib1
/Tj4F6lQx1SNFcQq+dN6WAJyHyA3d0v0XKV70vs6jjIz7ZVAYPXvLrVvmkw754L5
nP0KV3oJ35crefbcXo4T5ukevx2xMaZcMMpph1RvCuDmB1rsxKDHedeMTEDIMud4
RyAbevFsKbueyPiXHl/sStrwOCKnGiBMMJOYrlokXvTn19zHyu3FlPQhxiIObtcv
WVc3ZgMwsD/Q8uT7bhyflKBP5GGyXBgypfBXfEFFlw954E1W10IJ2Q==
-----END CERTIFICATE-----
Generated at Wed Nov 29 09:35:40 2023 by rpki-client on console-ams.rpki-client.org