Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UapzSYkv4KtdvMevdF78VN_vLdc.roa
File: UapzSYkv4KtdvMevdF78VN_vLdc.roa (raw, json)
Hash identifier: NtCYadYsrPY3O8BTj+2Ru8A6Ms4i9c7/SDOGT47wsO4=
Subject key identifier: 51:AA:73:49:89:2F:E0:AB:5D:BC:C7:AF:74:5E:FC:54:DF:EF:2D:D7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A09128CFFB67C9FAAC3058C793C9B70E7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UapzSYkv4KtdvMevdF78VN_vLdc.roa
Signing time: Fri 18 Aug 2023 14:35:25 +0000
ROA not before: Fri 18 Aug 2023 14:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Aug 2023 17:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:09:12:8c:ff:b6:7c:9f:aa:c3:05:8c:79:3c:9b:70:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 18 14:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51aa7349892fe0ab5dbcc7af745efc54dfef2dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5c:1a:37:27:6f:44:92:b2:8f:d1:f2:ef:e0:
e3:6a:fe:51:02:86:72:95:c8:62:6e:d1:60:62:b3:
c6:cc:b9:33:37:c3:8c:a7:97:26:4f:af:17:a3:ae:
97:b0:1c:cd:47:6a:ed:62:f2:b9:7c:aa:ff:d7:7a:
85:0d:a4:f3:31:3b:1c:dd:c6:8e:c4:f7:be:75:f8:
06:d0:58:00:cd:ea:5a:8d:17:27:52:a6:c5:88:1d:
34:95:57:78:a7:ac:58:cd:ef:9c:78:47:88:d7:fb:
ab:6c:46:0e:2f:e5:99:44:c9:3c:6f:46:1f:34:d2:
4c:eb:02:c5:dd:ec:fd:2c:83:0e:c7:f9:0f:7f:d1:
cb:77:4d:9e:da:0b:2a:63:2d:4a:bc:73:8c:0c:98:
55:e0:51:d4:c0:55:79:fb:aa:e0:b1:03:8a:1c:af:
90:4f:e0:02:51:3c:ce:f8:74:61:91:41:0b:e7:72:
d6:73:e3:22:8d:df:5f:33:52:e2:44:61:8a:ee:d3:
72:8e:96:53:d6:ee:0b:3f:5c:be:8d:87:63:5c:03:
69:bd:5e:30:2a:ef:d6:86:b5:44:e1:af:2c:53:cf:
c7:79:6a:bd:01:6e:0f:59:36:95:f3:cc:b0:3a:40:
81:c3:c8:74:9a:9a:59:a3:a0:a6:31:9e:9a:b3:f5:
de:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:AA:73:49:89:2F:E0:AB:5D:BC:C7:AF:74:5E:FC:54:DF:EF:2D:D7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UapzSYkv4KtdvMevdF78VN_vLdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.182.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/24
194.87.134.0/23
194.87.151.0/24
194.87.168.0/24
194.87.177.0/24
194.87.179.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.73.0/24
195.133.84.0/23
212.192.241.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:84:4e:6c:c7:3f:80:ae:a4:96:8a:90:1e:3b:9f:1d:00:ab:
35:f6:fe:4c:28:3c:d6:d8:1a:41:9d:8a:85:b8:bd:75:b8:07:
9d:73:23:ac:dc:2d:0c:3c:52:b6:ea:62:23:10:15:3e:a7:77:
c5:34:ca:09:96:ad:c6:da:b0:8f:2a:04:56:99:4f:5d:4b:f3:
d9:0c:c3:46:7c:97:c5:cd:3b:f3:f1:67:3d:51:3f:8e:35:ff:
11:98:a8:49:eb:1a:30:2b:a9:5a:d8:a9:45:de:5b:ef:ef:0b:
01:bc:ea:8f:cc:01:0b:9e:a2:54:85:5d:c6:db:5e:c2:c4:e1:
50:0a:e3:da:ec:da:0c:d7:c4:88:37:73:62:49:8f:3b:a9:5f:
95:db:38:75:16:dd:43:cc:81:1d:e5:22:b3:e1:d8:52:6d:30:
bf:85:12:92:5c:47:40:23:90:d5:0b:87:aa:e7:39:d0:3e:7e:
47:9d:d4:f7:b3:3c:15:13:4a:cf:25:5a:c7:bd:4d:b3:7c:da:
79:97:85:27:23:1d:82:e3:6e:58:93:4d:58:83:76:29:e0:80:
a7:0f:d8:84:54:a9:14:33:c1:a8:60:62:a2:5c:fc:9a:af:99:
0f:7b:1a:15:eb:8f:46:98:fa:86:93:5c:b2:81:37:9c:a0:d9:
6a:68:75:4a
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAYoJEoz/tnyfqsMFjHk8m3DnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE4MTQzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWFhNzM0OTg5MmZlMGFiNWRiY2M3YWY3NDVlZmM1NGRmZWYyZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1waNydvRJKyj9Hy7+Djav5RAoZy
lchibtFgYrPGzLkzN8OMp5cmT68Xo66XsBzNR2rtYvK5fKr/13qFDaTzMTsc3caO
xPe+dfgG0FgAzepajRcnUqbFiB00lVd4p6xYze+ceEeI1/urbEYOL+WZRMk8b0Yf
NNJM6wLF3ez9LIMOx/kPf9HLd02e2gsqYy1KvHOMDJhV4FHUwFV5+6rgsQOKHK+Q
T+ACUTzO+HRhkUEL53LWc+Mijd9fM1LiRGGK7tNyjpZT1u4LP1y+jYdjXANpvV4w
Ku/WhrVE4a8sU8/HeWq9AW4PWTaV88ywOkCBw8h0mppZo6CmMZ6as/XeqQIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFFGqc0mJL+CrXbzHr3Re/FTf7y3XMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVWFwelNZa3Y0S3Rkdk1ldmRGNzhWTl92TGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQA
wHyyAwQAwHy2AwQAwXwQAwQAwXxQAwQAwXyFAwQAwXzIAwQAwjovAwQAwjqaAwQA
wlcBMAwDBADCVwsDBADCVwwDBALCVxgDBADCVygDBADCVzgDBADCV0kDBADCV1MD
BADCV2wDBAHCV3IDBADCV3oDBADCV3wDBADCV4IDBAHCV4YDBADCV5cDBADCV6gD
BADCV7EDBADCV7MDBADCV74DBADCV8gDBADCV94DBADDOiQDBADDOjYDBAHDOjoD
BAHDOj4DBADDhQADBAHDhQYDBADDhR4DBADDhUkDBAHDhVQDBADUwPEwDQYJKoZI
hvcNAQELBQADggEBADuETmzHP4CupJaKkB47nx0AqzX2/kwoPNbYGkGdioW4vXW4
B51zI6zcLQw8UrbqYiMQFT6nd8U0ygmWrcbasI8qBFaZT11L89kMw0Z8l8XNO/Px
Zz1RP441/xGYqEnrGjArqVrYqUXeW+/vCwG86o/MAQueolSFXcbbXsLE4VAK49rs
2gzXxIg3c2JJjzupX5XbOHUW3UPMgR3lIrPh2FJtML+FEpJcR0AjkNULh6rnOdA+
fked1PezPBUTSs8lWse9TbN82nmXhScjHYLjbliTTViDdinggKcP2IRUqRQzwahg
YqJc/JqvmQ97GhXrj0aY+oaTXLKBN5yg2WpodUo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org