Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TK3soZ3fBVd-btQTbU54smbYXxk.roa
File: TK3soZ3fBVd-btQTbU54smbYXxk.roa (raw, json)
Hash identifier: 83V4Nv8OOvhkZJQTRiyCqHbyJlHbRcEZzYowhL8UzjI=
Subject key identifier: 4C:AD:EC:A1:9D:DF:05:57:7E:6E:D4:13:6D:4E:78:B2:66:D8:5F:19
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B468D4A9CF3410F5657306DAC1F0BB62A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TK3soZ3fBVd-btQTbU54smbYXxk.roa
Signing time: Thu 19 Oct 2023 06:09:06 +0000
ROA not before: Thu 19 Oct 2023 06:09:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Oct 2023 13:21:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:46:8d:4a:9c:f3:41:0f:56:57:30:6d:ac:1f:0b:b6:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 19 06:09:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cadeca19ddf05577e6ed4136d4e78b266d85f19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3e:c0:d4:79:d3:d4:de:5f:4f:d2:bb:64:5d:
ef:12:6f:44:c4:01:30:8d:9d:ea:f2:99:d9:85:87:
89:27:00:fc:de:2a:01:d2:52:6b:2d:59:ab:34:60:
c9:c3:0c:9b:b8:08:fd:fe:c6:1b:26:30:df:f5:5a:
c5:e2:60:93:39:98:f9:e5:63:08:3c:54:87:35:5c:
aa:2e:c3:1c:43:b2:6b:58:46:02:76:ed:fe:45:bf:
ec:1e:9c:70:41:a5:37:52:ac:5c:1d:0e:f4:3f:c9:
0a:f6:0b:b7:b2:65:26:69:a3:94:90:a7:dd:10:6f:
01:74:60:92:4e:33:22:54:50:4d:17:fc:89:07:4a:
77:45:f4:92:a1:71:78:83:11:43:5f:5c:38:d3:88:
ac:c8:0f:f1:a1:a9:31:7c:97:10:d3:de:11:50:92:
f9:ba:51:6e:f7:0b:a4:35:38:94:bb:f4:d8:d4:05:
14:9c:87:45:91:dc:de:41:af:b5:29:d2:81:97:18:
a4:9e:49:c9:bd:a4:c2:de:ba:00:1c:18:e1:94:71:
19:7e:58:3e:83:24:c5:72:3e:e9:8a:c3:4a:57:af:
d6:1c:8f:b8:c9:2f:e6:13:84:a8:fa:a6:fa:ce:06:
50:0b:2c:a3:04:4d:94:dd:29:09:6f:ee:89:4c:eb:
2f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AD:EC:A1:9D:DF:05:57:7E:6E:D4:13:6D:4E:78:B2:66:D8:5F:19
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TK3soZ3fBVd-btQTbU54smbYXxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.181.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.190.0/24
194.87.200.0/24
194.87.220.0/24
194.87.222.0/24
194.135.18.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:82:6a:41:63:39:68:0c:ef:90:80:bb:f9:87:80:b2:61:8f:
29:75:af:39:c7:d9:15:1e:5b:d5:31:b7:0b:b4:97:b7:84:d1:
85:f7:bc:f1:2c:57:66:5a:9a:da:7e:a5:32:3b:ef:cb:2a:25:
d7:86:f2:1c:70:41:21:c8:1c:1a:5b:b9:b1:8a:72:e3:ef:e8:
ca:63:13:c3:be:9c:c1:1c:aa:c5:9a:de:3e:47:f5:55:f7:05:
dd:bf:ac:3e:8d:99:18:a3:43:b3:18:cf:df:18:5e:8f:f1:4e:
96:aa:2e:cb:fd:fe:67:38:d3:8a:ac:31:cf:89:b5:62:22:d1:
12:5d:76:d2:8f:17:2a:b3:6f:c8:f5:1c:8a:dc:e2:c1:05:57:
66:29:11:d8:44:b4:14:a7:0f:e4:5e:38:5a:d0:55:ca:7d:4c:
e2:44:9d:be:77:84:20:19:e5:78:61:85:45:96:65:5a:3d:79:
8e:0a:da:14:23:25:f4:79:6f:51:f1:1e:25:02:60:a8:8a:ae:
ba:b5:61:85:87:98:cc:60:3a:59:14:8f:2d:fd:8a:12:0f:44:
55:64:c3:3f:0f:64:b7:f2:8f:2b:82:08:cb:4b:72:48:28:0b:
a9:8f:6d:1d:c8:31:05:d6:96:79:7c:cc:8c:b8:43:23:49:cb:
07:99:8a:99
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYtGjUqc80EPVlcwbawfC7YqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE5MDYwOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FkZWNhMTlkZGYwNTU3N2U2ZWQ0MTM2ZDRlNzhiMjY2ZDg1ZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0z7A1HnT1N5fT9K7ZF3vEm9ExAEw
jZ3q8pnZhYeJJwD83ioB0lJrLVmrNGDJwwybuAj9/sYbJjDf9VrF4mCTOZj55WMI
PFSHNVyqLsMcQ7JrWEYCdu3+Rb/sHpxwQaU3UqxcHQ70P8kK9gu3smUmaaOUkKfd
EG8BdGCSTjMiVFBNF/yJB0p3RfSSoXF4gxFDX1w404isyA/xoakxfJcQ094RUJL5
ulFu9wukNTiUu/TY1AUUnIdFkdzeQa+1KdKBlxiknknJvaTC3roAHBjhlHEZflg+
gyTFcj7pisNKV6/WHI+4yS/mE4So+qb6zgZQCyyjBE2U3SkJb+6JTOsv5wIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFEyt7KGd3wVXfm7UE21OeLJm2F8ZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVEszc29aM2ZCVmQtYnRRVGJVNTRzbWJZWHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAMB8sgMEAMB8tQMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6LwMEAMI6
mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQAwlc4AwQA
wldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQAwleDMAwD
BADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV74DBADCV8gDBADCV9wD
BADCV94DBADChxIDBADDOjYDBAHDOjoDBAHDOj4DBADDhQADBAHDhQYDBADDhR4D
BAHDhSgDBADDhUkDBAHDhVQDBADUwNYwDQYJKoZIhvcNAQELBQADggEBAFqCakFj
OWgM75CAu/mHgLJhjyl1rznH2RUeW9Uxtwu0l7eE0YX3vPEsV2Zamtp+pTI778sq
JdeG8hxwQSHIHBpbubGKcuPv6MpjE8O+nMEcqsWa3j5H9VX3Bd2/rD6NmRijQ7MY
z98YXo/xTpaqLsv9/mc404qsMc+JtWIi0RJddtKPFyqzb8j1HIrc4sEFV2YpEdhE
tBSnD+ReOFrQVcp9TOJEnb53hCAZ5XhhhUWWZVo9eY4K2hQjJfR5b1HxHiUCYKiK
rrq1YYWHmMxgOlkUjy39ihIPRFVkwz8PZLfyjyuCCMtLckgoC6mPbR3IMQXWlnl8
zIy4QyNJyweZipk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org