Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZnQKucQPkNSv7ZeOBuCGO5HqwgI.roa
File: ZnQKucQPkNSv7ZeOBuCGO5HqwgI.roa (raw, json)
Hash identifier: tpnX+f1kzLlHVz1vFfZ6t0y42UdBIPRgAPbaebsHviw=
Subject key identifier: 66:74:0A:B9:C4:0F:90:D4:AF:ED:97:8E:06:E0:86:3B:91:EA:C2:02
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B1FE446894B4A1EE17FCB3DA2D1F489C8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZnQKucQPkNSv7ZeOBuCGO5HqwgI.roa
Signing time: Wed 11 Oct 2023 17:58:55 +0000
ROA not before: Wed 11 Oct 2023 17:58:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1f:e4:46:89:4b:4a:1e:e1:7f:cb:3d:a2:d1:f4:89:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 11 17:58:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66740ab9c40f90d4afed978e06e0863b91eac202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e4:fd:01:54:dd:10:29:5e:76:46:96:ef:72:
14:ac:1d:f6:80:62:de:fd:98:be:42:67:3a:eb:e1:
01:e8:8b:ba:d1:db:ee:3b:15:66:08:0d:b7:e3:6b:
43:de:d4:3b:bb:13:7b:22:6b:f7:b0:e8:36:2d:f7:
cc:8d:20:75:2b:02:09:41:cf:a9:c6:3a:6f:5e:32:
27:de:70:c0:3d:48:b0:e0:41:a8:56:b8:2e:da:24:
24:91:f7:03:88:45:b1:11:99:dc:c2:af:83:6b:92:
83:fd:f8:bc:4b:2c:23:a0:e9:a7:ee:a5:c1:de:84:
16:b1:bc:29:06:7a:1d:a0:a2:52:c6:34:e1:e1:fd:
97:f0:8b:83:ec:fb:be:6c:9d:9a:fb:f7:e3:9e:f8:
b0:2b:ec:5c:6b:dc:89:b7:19:71:db:29:e6:85:d9:
d1:e8:f0:c0:e2:dd:35:83:e7:30:df:1a:18:7f:7a:
2a:ab:01:35:38:e0:ba:9f:fe:57:bd:51:44:b7:57:
e4:e0:a2:56:8c:ce:4f:0c:42:21:41:63:a4:ef:37:
f5:bd:16:3a:d8:27:f2:1b:59:12:15:d7:c7:7e:5b:
3d:c7:06:4f:2b:e7:cd:de:76:64:65:71:74:8d:69:
01:77:6e:8f:37:b6:04:81:9c:75:97:bd:b8:09:87:
c9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:74:0A:B9:C4:0F:90:D4:AF:ED:97:8E:06:E0:86:3B:91:EA:C2:02
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZnQKucQPkNSv7ZeOBuCGO5HqwgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.181.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.220.0/24
194.87.222.0/24
194.135.18.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.37.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
77:0b:26:e7:4b:8a:d1:d8:60:ec:cc:2a:f1:d6:5c:32:a0:81:
f3:ef:d9:e6:d1:2f:d9:0b:64:27:3d:f7:1a:c4:e3:95:ef:d6:
47:b1:13:40:40:06:36:f2:66:6c:58:93:3d:55:ed:76:3b:5e:
6d:c1:24:17:51:de:29:fb:c2:8c:78:3f:89:05:1a:2d:51:5a:
60:dc:71:df:c4:9d:9d:69:f1:16:bf:a6:5e:2b:7d:d5:c6:fb:
e6:b2:18:d5:fd:f9:f9:21:a2:45:1f:1f:ee:7f:18:06:75:90:
90:8d:1c:68:98:c9:d2:ae:57:57:39:80:92:19:da:f5:29:90:
46:b9:55:32:1b:0a:b3:c4:3b:ae:4d:87:28:19:c0:32:36:f4:
1b:62:14:69:b8:15:cb:87:9e:ec:df:20:09:4a:e3:80:8d:cf:
5d:4d:21:e1:5f:de:12:f7:b2:3c:1e:85:fc:50:c4:6a:cc:8e:
1a:5a:35:42:8a:21:53:c6:9f:cd:a9:ea:d0:6d:9c:d7:3d:bc:
ff:48:06:1b:0b:60:cf:8f:7b:79:3f:ff:ba:99:d2:4f:c5:c3:
ca:2e:ea:f6:4d:5f:6a:b4:b7:ac:f2:5d:b0:22:66:64:20:24:
35:32:d1:42:89:70:63:28:05:3a:16:12:e1:1c:ec:1d:59:f4:
e5:0e:af:18
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISAYsf5EaJS0oe4X/LPaLR9InIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDExMTc1ODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njc0MGFiOWM0MGY5MGQ0YWZlZDk3OGUwNmUwODYzYjkxZWFjMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuT9AVTdECledkaW73IUrB32gGLe
/Zi+Qmc66+EB6Iu60dvuOxVmCA2342tD3tQ7uxN7Imv3sOg2LffMjSB1KwIJQc+p
xjpvXjIn3nDAPUiw4EGoVrgu2iQkkfcDiEWxEZncwq+Da5KD/fi8SywjoOmn7qXB
3oQWsbwpBnodoKJSxjTh4f2X8IuD7Pu+bJ2a+/fjnviwK+xca9yJtxlx2ynmhdnR
6PDA4t01g+cw3xoYf3oqqwE1OOC6n/5XvVFEt1fk4KJWjM5PDEIhQWOk7zf1vRY6
2CfyG1kSFdfHfls9xwZPK+fN3nZkZXF0jWkBd26PN7YEgZx1l724CYfJQwIDAQAB
o4IDJTCCAyEwHQYDVR0OBBYEFGZ0CrnED5DUr+2XjgbghjuR6sICMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWm5RS3VjUVBrTlN2N1plT0J1Q0dPNUhxd2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOQYIKwYBBQUHAQcBAf8EggEoMIIBJDCCASAEAgABMIIB
GAMEAMB8sgMEAMB8tQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
LwMEAMI6mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQA
wlc4AwQAwldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQA
wleDMAwDBADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74D
BADCV8gDBADCV9wDBADCV94DBADChxIDBADDOjYDBAHDOjoDBAHDOj4DBADDhQAD
BAHDhQYDBADDhR4DBADDhSUDBAHDhSgDBADDhUkDBAHDhVQDBADUwNYwDQYJKoZI
hvcNAQELBQADggEBAHcLJudLitHYYOzMKvHWXDKggfPv2ebRL9kLZCc99xrE45Xv
1kexE0BABjbyZmxYkz1V7XY7Xm3BJBdR3in7wox4P4kFGi1RWmDccd/EnZ1p8Ra/
pl4rfdXG++ayGNX9+fkhokUfH+5/GAZ1kJCNHGiYydKuV1c5gJIZ2vUpkEa5VTIb
CrPEO65NhygZwDI29BtiFGm4FcuHnuzfIAlK44CNz11NIeFf3hL3sjwehfxQxGrM
jhpaNUKKIVPGn82p6tBtnNc9vP9IBhsLYM+Pe3k//7qZ0k/Fw8ou6vZNX2q0t6zy
XbAiZmQgJDUy0UKJcGMoBToWEuEc7B1Z9OUOrxg=
-----END CERTIFICATE-----
Generated at Wed Oct 18 12:35:12 2023 by rpki-client on console-fra.rpki-client.org