Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a_NuyOd-AbzxM9UBZFYzBnVLdfI.roa
File: a_NuyOd-AbzxM9UBZFYzBnVLdfI.roa (raw, json)
Hash identifier: AbuEfuirO/JHBwDLOG3CFjUXeGHJhs68z8+kNrkSQEM=
Subject key identifier: 6B:F3:6E:C8:E7:7E:01:BC:F1:33:D5:01:64:56:33:06:75:4B:75:F2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A980A0DAE5805FCAD6BFDD335F8EF5B19
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a_NuyOd-AbzxM9UBZFYzBnVLdfI.roa
Signing time: Fri 15 Sep 2023 08:51:50 +0000
ROA not before: Fri 15 Sep 2023 08:51:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.53.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:98:0a:0d:ae:58:05:fc:ad:6b:fd:d3:35:f8:ef:5b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 15 08:51:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bf36ec8e77e01bcf133d50164563306754b75f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5e:33:b8:b1:cf:ed:65:30:42:03:81:94:70:
2b:1f:ea:eb:fe:6d:3f:fe:0d:0e:10:94:2c:47:e8:
c4:eb:5e:60:e4:80:4d:4e:f9:65:16:5a:4b:2e:ab:
63:f6:56:a1:53:20:2b:79:c0:58:e9:0d:89:3c:f0:
74:62:52:ba:a6:cf:b7:29:26:73:c6:e2:c4:75:cb:
f6:0c:16:7e:4e:d9:98:94:0a:d9:c6:b3:41:9a:0d:
46:1d:d2:e2:ba:76:4f:e4:4f:5d:53:2f:ee:b0:98:
08:d0:68:43:96:00:d1:fb:6d:07:bf:b0:4c:4b:7c:
b3:4e:91:8e:62:8f:b4:75:ec:cd:6b:b6:02:35:03:
43:3f:8a:87:f2:e6:d9:b8:ca:74:da:a2:95:21:9e:
1a:72:22:d9:82:af:8f:6d:c5:d8:02:06:dc:85:19:
b3:e9:80:0b:44:f2:40:3d:46:77:4b:50:35:a8:05:
78:df:83:fc:2e:98:46:85:c0:7b:c6:0b:1c:39:11:
0c:6a:2a:6b:da:4d:1d:0a:bd:bb:8b:d5:03:0a:d7:
c2:a2:aa:9e:af:07:c5:8a:55:1c:3e:d6:e3:fc:c6:
e8:0a:68:61:5f:24:5f:4d:53:9d:f9:df:a6:9b:fb:
83:bd:b6:50:63:54:d5:25:9b:fc:fb:76:cf:27:a0:
c8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F3:6E:C8:E7:7E:01:BC:F1:33:D5:01:64:56:33:06:75:4B:75:F2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a_NuyOd-AbzxM9UBZFYzBnVLdfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.21.0/24
194.87.26.0/23
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.53.0-195.58.54.255
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
Signature Algorithm: sha256WithRSAEncryption
12:54:34:1a:38:74:68:50:21:e0:3b:60:72:e9:68:19:3a:15:
7f:b0:59:ec:4c:84:c9:fd:93:7c:8a:e9:d1:f5:72:5f:11:6d:
df:69:1f:4e:06:24:7f:ca:71:b6:73:3a:d8:07:79:1b:4a:f0:
81:81:0c:03:f1:e1:c9:50:4e:6f:6e:14:d5:03:74:c3:50:91:
3b:97:7a:b5:35:96:20:6a:44:f8:27:33:29:37:7e:68:86:52:
25:0f:45:51:bc:5a:5d:06:35:10:f1:23:bc:eb:ef:2f:c3:df:
71:eb:6a:e9:c8:ef:4f:f0:ab:d0:df:3c:e9:1f:8f:92:6b:6e:
5c:6d:4a:2d:3c:68:d4:c1:81:1e:3e:58:ba:aa:4b:6f:27:d1:
dc:7f:a5:d8:ed:1f:87:71:aa:1f:11:c4:de:94:33:d6:33:86:
bd:1a:ee:0e:3f:44:d4:46:35:46:6d:b7:7f:c0:55:d8:97:af:
2d:27:a1:35:15:c7:98:75:a5:35:31:10:1c:23:1f:be:d7:b3:
3a:99:d4:98:5c:8a:fe:d2:f7:eb:f0:10:53:6f:bb:6c:8a:c3:
f2:d0:87:8c:43:57:a8:c7:24:3d:d7:d3:84:24:21:f3:3c:5a:
61:48:f3:7d:0f:52:d6:3d:94:bb:b4:3b:07:8d:f7:7f:a5:d0:
16:f6:19:f1
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAYqYCg2uWAX8rWv90zX471sZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTE1MDg1MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmYzNmVjOGU3N2UwMWJjZjEzM2Q1MDE2NDU2MzMwNjc1NGI3NWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql4zuLHP7WUwQgOBlHArH+rr/m0/
/g0OEJQsR+jE615g5IBNTvllFlpLLqtj9lahUyArecBY6Q2JPPB0YlK6ps+3KSZz
xuLEdcv2DBZ+TtmYlArZxrNBmg1GHdLiunZP5E9dUy/usJgI0GhDlgDR+20Hv7BM
S3yzTpGOYo+0dezNa7YCNQNDP4qH8ubZuMp02qKVIZ4aciLZgq+PbcXYAgbchRmz
6YALRPJAPUZ3S1A1qAV434P8LphGhcB7xgscOREMaipr2k0dCr27i9UDCtfCoqqe
rwfFilUcPtbj/MboCmhhXyRfTVOd+d+mm/uDvbZQY1TVJZv8+3bPJ6DI4wIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFGvzbsjnfgG88TPVAWRWMwZ1S3XyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYV9OdXlPZC1BYnp4TTlVQlpGWXpCblZMZGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6LwMEAMI6
mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcVAwQBwlcaAwQAwlcoAwQAwlc4AwQA
wldJAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQAwleDMAwDBADCV4UD
BAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gDBADCV94D
BADDOiQwDAMEAMM6NQMEAMM6NgMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFBgMEAMOF
HgMEAcOFKAMEAMOFSQMEAcOFVDANBgkqhkiG9w0BAQsFAAOCAQEAElQ0Gjh0aFAh
4DtgculoGToVf7BZ7EyEyf2TfIrp0fVyXxFt32kfTgYkf8pxtnM62Ad5G0rwgYEM
A/HhyVBOb24U1QN0w1CRO5d6tTWWIGpE+CczKTd+aIZSJQ9FUbxaXQY1EPEjvOvv
L8Pfcetq6cjvT/Cr0N886R+PkmtuXG1KLTxo1MGBHj5YuqpLbyfR3H+l2O0fh3Gq
HxHE3pQz1jOGvRruDj9E1EY1Rm23f8BV2JevLSehNRXHmHWlNTEQHCMfvtezOpnU
mFyK/tL36/AQU2+7bIrD8tCHjENXqMckPdfThCQh8zxaYUjzfQ9S1j2Uu7Q7B433
f6XQFvYZ8Q==
-----END CERTIFICATE-----
Generated at Tue Sep 19 09:34:02 2023 by rpki-client on console-ams.rpki-client.org