Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Tnqt176eOfENYsc7lthXCNw2py0.roa
File: Tnqt176eOfENYsc7lthXCNw2py0.roa (raw, json)
Hash identifier: 1voiI7r9BlsQ2r0ygxYFypgbPxGkQ4sgLe1zPdcIouk=
Subject key identifier: 4E:7A:AD:D7:BE:9E:39:F1:0D:62:C7:3B:96:D8:57:08:DC:36:A7:2D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C87E7B4D04774B8C22CF1A8F2EB453521
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Tnqt176eOfENYsc7lthXCNw2py0.roa
Signing time: Wed 20 Dec 2023 15:45:58 +0000
ROA not before: Wed 20 Dec 2023 15:45:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
212.193.5.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.11.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:e7:b4:d0:47:74:b8:c2:2c:f1:a8:f2:eb:45:35:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 20 15:45:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e7aadd7be9e39f10d62c73b96d85708dc36a72d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:53:f7:91:30:c7:f0:da:7c:30:0a:e4:06:8c:
85:7e:36:5b:51:e3:0e:a5:1a:1d:40:e5:08:d3:e5:
90:52:e2:84:08:5d:8e:79:1a:80:86:5d:75:df:44:
f0:6e:d4:0b:f6:7c:94:7a:43:2c:d8:b2:d2:ba:b3:
aa:d9:61:fc:a6:af:86:f4:22:7e:d1:bf:27:00:a7:
cd:d1:c1:2d:11:f8:71:3d:b4:4a:9b:44:e4:01:c9:
86:c2:11:e1:30:b4:d4:fe:c5:79:af:5c:1f:83:4c:
d6:84:5b:2f:76:57:12:e9:aa:0f:b6:df:36:10:95:
dc:d0:7a:63:e4:e7:72:c9:ba:e1:f6:32:ee:7d:e1:
18:c9:11:28:09:19:c5:1a:80:e6:2f:bf:0b:61:3b:
c5:34:11:e6:c9:98:a1:6d:90:3a:78:66:81:04:4a:
a9:49:09:ee:01:54:3c:5a:19:4e:93:e9:cc:01:38:
a8:40:5a:1a:52:f5:39:35:06:16:39:f1:80:86:45:
74:2b:9d:41:05:7a:9a:a8:91:2d:ab:dd:1d:bc:30:
14:5c:c1:74:42:6d:34:8f:c6:9e:d3:30:ba:b9:83:
b9:d8:af:53:d5:86:52:01:33:c6:ae:41:93:e1:f6:
4e:0f:88:dd:33:6e:f0:17:8b:ce:93:c7:a3:f7:f8:
79:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7A:AD:D7:BE:9E:39:F1:0D:62:C7:3B:96:D8:57:08:DC:36:A7:2D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Tnqt176eOfENYsc7lthXCNw2py0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
194.87.200.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
195.133.194.0/24
212.192.11.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
16:d7:01:c9:36:27:7a:be:47:a3:e9:4d:9a:a3:18:e3:c2:9b:
52:89:5f:c9:9b:8c:24:ee:a6:28:2d:05:ab:30:bb:09:9b:8f:
11:5e:08:7b:a7:86:fb:67:72:75:b6:46:51:7f:0d:48:0c:be:
95:f0:27:ab:7e:69:b6:26:d6:92:6c:93:95:55:64:60:09:c6:
2b:6d:a9:89:92:c2:e8:71:de:55:73:09:cd:38:07:33:78:a9:
ef:ab:8d:e2:b6:8a:f0:77:a6:5c:a2:c8:c7:eb:57:3c:56:97:
88:29:ba:37:dc:3c:85:9f:ab:b5:c7:8f:e9:db:b4:59:35:15:
41:17:63:64:3b:1d:f0:32:02:a2:8d:91:18:6d:ed:e4:c0:b5:
db:46:09:19:6c:2d:11:9d:95:23:5c:4b:79:52:fa:6b:6b:fd:
89:2d:5a:7f:e9:60:11:7b:ba:c6:48:ad:98:49:65:74:3f:0b:
7f:fe:14:81:04:aa:55:b1:b3:d0:94:bb:ba:a8:59:2e:e8:7b:
c4:5c:d8:d5:a8:92:4d:ba:37:32:d8:51:ab:26:4c:51:e0:3a:
46:e6:7c:17:36:7b:16:90:36:79:2d:a3:84:96:6e:e1:71:9d:
15:30:81:7c:c4:cc:24:cb:e7:66:e6:90:af:89:a5:d3:f6:5b:
e2:fe:b2:f0
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYyH57TQR3S4wizxqPLrRTUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjIwMTU0NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTdhYWRkN2JlOWUzOWYxMGQ2MmM3M2I5NmQ4NTcwOGRjMzZhNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFP3kTDH8Np8MArkBoyFfjZbUeMO
pRodQOUI0+WQUuKECF2OeRqAhl1130TwbtQL9nyUekMs2LLSurOq2WH8pq+G9CJ+
0b8nAKfN0cEtEfhxPbRKm0TkAcmGwhHhMLTU/sV5r1wfg0zWhFsvdlcS6aoPtt82
EJXc0Hpj5Odyybrh9jLufeEYyREoCRnFGoDmL78LYTvFNBHmyZihbZA6eGaBBEqp
SQnuAVQ8WhlOk+nMATioQFoaUvU5NQYWOfGAhkV0K51BBXqaqJEtq90dvDAUXMF0
Qm00j8ae0zC6uYO52K9T1YZSATPGrkGT4fZOD4jdM27wF4vOk8ej9/h5ZwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFE56rde+njnxDWLHO5bYVwjcNqctMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVG5xdDE3NmVPZkVOWXNjN2x0aFhDTncycHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADCOi8DBADCVwEwDAMEAMJXCwME
AMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXUwMEAMJXaAMEAMJXbAME
AcJXcgMEAMJXegMEAMJXfAMEAMJXgwMEAcJXhgMEAMJXswMEAMJXyAMEAcM6OgME
AcM6PgMEAMOFAAMEAcOFKAMEAMOFSQMEAcOFVAMEAMOFwgMEANTACwMEANTBBTAN
BgkqhkiG9w0BAQsFAAOCAQEAFtcByTYner5Ho+lNmqMY48KbUolfyZuMJO6mKC0F
qzC7CZuPEV4Ie6eG+2dydbZGUX8NSAy+lfAnq35ptibWkmyTlVVkYAnGK22piZLC
6HHeVXMJzTgHM3ip76uN4raK8HemXKLIx+tXPFaXiCm6N9w8hZ+rtceP6du0WTUV
QRdjZDsd8DICoo2RGG3t5MC120YJGWwtEZ2VI1xLeVL6a2v9iS1af+lgEXu6xkit
mElldD8Lf/4UgQSqVbGz0JS7uqhZLuh7xFzY1aiSTbo3MthRqyZMUeA6RuZ8FzZ7
FpA2eS2jhJZu4XGdFTCBfMTMJMvnZuaQr4ml0/Zb4v6y8A==
-----END CERTIFICATE-----
Generated at Fri Dec 22 04:31:00 2023 by rpki-client on console-fra.rpki-client.org