Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XY0xZDTReWVq4Sfk5qJqtF1mPhg.roa
File: XY0xZDTReWVq4Sfk5qJqtF1mPhg.roa (raw, json)
Hash identifier: ortq2V8HsRqN3zStAKBPmK2fQUBTU9/b23nDN3DI84c=
Subject key identifier: 5D:8D:31:64:34:D1:79:65:6A:E1:27:E4:E6:A2:6A:B4:5D:66:3E:18
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189920EC8C61B38288CFD29C0F1BC834B36
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XY0xZDTReWVq4Sfk5qJqtF1mPhg.roa
Signing time: Wed 26 Jul 2023 11:56:29 +0000
ROA not before: Wed 26 Jul 2023 11:56:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.36.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:0e:c8:c6:1b:38:28:8c:fd:29:c0:f1:bc:83:4b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 26 11:56:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d8d316434d179656ae127e4e6a26ab45d663e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:37:79:36:0d:7f:0a:1f:1f:3d:5c:8c:70:6a:
52:42:35:80:79:06:2b:a3:59:e9:07:f6:0b:22:4f:
1b:ca:0b:2b:4d:6f:27:ff:fb:fb:85:41:1b:19:9d:
37:36:1b:cb:7b:88:05:48:e6:26:fd:09:4b:c4:0f:
eb:81:ae:92:9d:72:a8:bc:ec:46:19:b3:e1:f7:2b:
e9:22:c4:cd:5b:a1:d2:6a:c3:36:fb:c6:57:59:d3:
91:2f:33:8a:54:7e:71:ed:ab:87:8e:16:18:2c:30:
80:00:00:d4:c5:27:41:4f:e7:a2:96:06:11:1c:7b:
0c:92:e8:85:4c:c6:6f:09:a0:36:dc:13:0d:d5:a6:
6d:57:96:0e:4d:21:1b:75:ac:0e:41:78:4d:96:0c:
f1:5a:27:62:aa:07:48:be:89:f7:cc:35:8e:c8:a8:
45:97:13:41:cc:b6:f7:0a:f3:b0:0d:c4:fb:4c:e3:
38:f0:73:f2:22:65:e5:49:9a:84:f6:df:27:88:b3:
eb:ca:9e:5d:a6:66:91:fc:7a:8b:dc:77:cf:3c:91:
64:57:27:be:e3:76:35:f2:33:3a:b0:25:8f:d5:a0:
7b:c0:97:bb:19:23:94:c8:dd:0d:c4:4d:42:fc:b1:
2a:35:42:40:61:0c:19:51:b6:46:04:d2:fd:df:c8:
61:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8D:31:64:34:D1:79:65:6A:E1:27:E4:E6:A2:6A:B4:5D:66:3E:18
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XY0xZDTReWVq4Sfk5qJqtF1mPhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.182.0/24
192.124.189.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.36.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.35.0/24
195.133.73.0/24
195.133.84.0/23
195.133.194.0/24
212.192.241.0/24
Signature Algorithm: sha256WithRSAEncryption
13:87:98:34:c0:9f:e3:61:c2:d1:9f:4a:45:34:c4:97:62:94:
1e:a7:4a:86:d8:17:fb:6b:f3:58:21:b5:fc:b4:87:d5:e4:a3:
51:96:cb:ca:e4:fd:3f:af:c4:e1:e8:bd:69:f4:08:d3:5d:52:
7c:20:5e:ee:c1:60:6e:97:7e:c8:cc:b2:ba:07:c3:be:ac:98:
fe:fd:1b:c7:b2:ab:2e:87:a8:31:b4:70:11:9d:a0:21:6a:17:
40:94:4b:60:4a:b9:00:13:a1:80:40:a5:6d:b0:e5:00:ea:90:
43:9d:dc:c2:ff:16:46:17:bb:60:1f:f8:74:d5:61:74:83:e7:
ed:6b:59:1f:84:87:49:a9:0f:92:51:4b:1b:65:dc:1d:ef:62:
f2:d5:88:de:6c:a8:36:5a:b7:a6:d6:9d:c0:32:4e:59:ac:f6:
75:88:a2:1f:61:37:b6:40:e2:9e:2c:8d:77:50:86:92:c1:c4:
e6:e6:4d:ce:1c:65:3d:5a:4e:74:f6:dd:b8:cd:31:f2:46:bd:
aa:45:31:d7:dd:51:83:9f:d8:3d:48:a8:1a:ec:ea:5f:0c:76:
74:98:d4:db:4d:35:b9:6c:64:60:fd:30:ac:b1:d6:8a:cc:bf:
d3:b3:c2:3e:b3:14:d5:6d:11:a0:b1:68:64:65:d4:2a:dd:6b:
e4:32:f4:92
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAYmSDsjGGzgojP0pwPG8g0s2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI2MTE1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhkMzE2NDM0ZDE3OTY1NmFlMTI3ZTRlNmEyNmFiNDVkNjYzZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujd5Ng1/Ch8fPVyMcGpSQjWAeQYr
o1npB/YLIk8bygsrTW8n//v7hUEbGZ03NhvLe4gFSOYm/QlLxA/rga6SnXKovOxG
GbPh9yvpIsTNW6HSasM2+8ZXWdORLzOKVH5x7auHjhYYLDCAAADUxSdBT+eilgYR
HHsMkuiFTMZvCaA23BMN1aZtV5YOTSEbdawOQXhNlgzxWidiqgdIvon3zDWOyKhF
lxNBzLb3CvOwDcT7TOM48HPyImXlSZqE9t8niLPryp5dpmaR/HqL3HfPPJFkVye+
43Y18jM6sCWP1aB7wJe7GSOUyN0NxE1C/LEqNUJAYQwZUbZGBNL938hhpwIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFF2NMWQ00XllauEn5OaiarRdZj4YMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWFkweFpEVFJlV1ZxNFNmazVxSnF0RjFtUGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCCAR4EAgABMIIB
FgMEAMB8sgMEAMB8tgMEAMB8vQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8
yAMEAMI6LwMEAMI6mgMEAMI63wMEAMJXATAMAwQAwlcLAwQAwlcMAwQCwlcYAwQA
wlckAwQAwlcoAwQAwlc4AwQAwldJAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQA
wld8AwQBwleCAwQBwleGAwQAwleXAwQAwleiAwQAwlemAwQAwleoAwQAwlezAwQA
wle7AwQAwle+AwQAwlfIAwQAwlfeAwQAwzo2AwQBwzo6AwQBwzo+AwQAw4UAAwQB
w4UGAwQAw4UeAwQAw4UjAwQAw4VJAwQBw4VUAwQAw4XCAwQA1MDxMA0GCSqGSIb3
DQEBCwUAA4IBAQATh5g0wJ/jYcLRn0pFNMSXYpQep0qG2Bf7a/NYIbX8tIfV5KNR
lsvK5P0/r8Th6L1p9AjTXVJ8IF7uwWBul37IzLK6B8O+rJj+/RvHsqsuh6gxtHAR
naAhahdAlEtgSrkAE6GAQKVtsOUA6pBDndzC/xZGF7tgH/h01WF0g+fta1kfhIdJ
qQ+SUUsbZdwd72Ly1YjebKg2Wrem1p3AMk5ZrPZ1iKIfYTe2QOKeLI13UIaSwcTm
5k3OHGU9Wk509t24zTHyRr2qRTHX3VGDn9g9SKga7OpfDHZ0mNTbTTW5bGRg/TCs
sdaKzL/Ts8I+sxTVbRGgsWhkZdQq3WvkMvSS
-----END CERTIFICATE-----
Generated at Tue Aug 1 06:45:59 2023 by rpki-client on console-ams.rpki-client.org