Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cAIyiD4RW03pYV39oAm96bIshtM.roa
File: cAIyiD4RW03pYV39oAm96bIshtM.roa (raw, json)
Hash identifier: RE5Uhj4w7jDiog7Jgv/lz0T/PxQuU8QTWPx+ZzFlbmo=
Subject key identifier: 70:02:32:88:3E:11:5B:4D:E9:61:5D:FD:A0:09:BD:E9:B2:2C:86:D3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B1ABFC35ADF2AEC2E823AA9EB6AD1C1D2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cAIyiD4RW03pYV39oAm96bIshtM.roa
Signing time: Tue 10 Oct 2023 18:00:56 +0000
ROA not before: Tue 10 Oct 2023 18:00:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1a:bf:c3:5a:df:2a:ec:2e:82:3a:a9:eb:6a:d1:c1:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 10 18:00:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=700232883e115b4de9615dfda009bde9b22c86d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:43:3c:fb:3e:57:c8:17:9e:80:6e:53:ce:5f:
43:90:12:4c:d6:1c:6e:1f:db:0c:14:80:6e:ba:9b:
e4:9b:ba:42:4e:d3:8c:b2:77:52:d1:39:ab:da:9c:
f5:84:6b:96:a2:58:4c:63:28:68:36:41:33:e1:f2:
21:00:9c:c4:e1:f2:9a:49:9e:0a:af:4d:c2:1b:2c:
17:ee:bb:8f:15:68:2a:ad:30:a3:ca:17:10:de:da:
3f:29:4d:00:86:a8:4b:67:f5:a6:19:d2:de:6c:42:
2c:8f:c2:82:2e:e7:e2:41:28:0b:7a:fa:44:1f:cc:
41:76:3d:95:61:1b:54:3e:d1:0b:bd:f2:f5:d7:33:
3e:5b:4d:13:ba:52:98:88:79:ee:02:c1:54:2b:90:
b2:b4:1d:74:06:3f:84:db:d0:44:f9:50:ad:69:6a:
a1:cf:5e:8b:88:65:24:d1:87:87:71:8d:f3:12:7a:
13:80:f8:f9:1d:48:f6:2b:5a:f9:74:06:01:70:14:
ce:36:a8:f3:ef:d9:0b:af:c0:85:67:f4:7f:f4:e7:
93:f8:00:d3:22:1c:a7:25:f0:c5:5d:54:17:53:2a:
73:fd:2b:5e:d0:33:81:ad:64:19:ee:3b:32:22:9e:
42:1e:51:1e:03:8c:5d:2b:1f:91:58:f5:5f:57:70:
df:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:02:32:88:3E:11:5B:4D:E9:61:5D:FD:A0:09:BD:E9:B2:2C:86:D3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cAIyiD4RW03pYV39oAm96bIshtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
194.135.18.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.37.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
36:e3:21:dd:d5:32:cc:66:e8:19:60:e0:9c:5f:22:34:aa:1d:
9b:42:91:8b:6f:1c:84:76:1c:d4:4c:63:57:41:a1:c1:01:ac:
01:45:87:2e:9b:61:87:c8:cb:d5:73:59:6e:c4:d4:68:6e:19:
f1:ec:3b:d1:c3:cc:79:f4:e8:05:25:36:30:ef:1c:fa:6a:92:
8c:aa:0e:58:06:f1:29:25:a1:2b:65:df:e4:21:88:44:98:c2:
ab:cf:ca:f2:7b:86:2d:a0:e9:42:45:38:72:25:2f:ee:17:c8:
09:ee:bc:c9:18:0f:f0:31:55:27:d5:b2:5a:3a:8d:41:33:bb:
98:b0:62:16:89:16:0d:0c:ef:3e:2f:68:69:71:bc:e5:1c:2f:
ae:d3:4a:b2:36:de:2c:62:96:fc:be:c8:d7:82:ac:42:18:b0:
47:d5:d7:1e:3e:a6:3c:72:7b:de:4b:4f:ac:d7:94:36:cf:bb:
3d:a7:0a:77:ab:53:68:b7:0b:0f:aa:d4:18:9e:d5:8e:e6:fa:
85:2a:33:26:66:ee:af:47:eb:b0:45:59:ae:e4:91:78:2a:97:
24:81:26:cc:82:22:9a:d8:b1:d3:d7:8d:e1:ce:2b:31:cc:7b:
ca:3b:21:35:34:35:40:66:c4:f4:c2:ba:32:0d:93:41:44:7c:
30:70:69:3a
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYsav8Na3yrsLoI6qetq0cHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDEwMTgwMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDAyMzI4ODNlMTE1YjRkZTk2MTVkZmRhMDA5YmRlOWIyMmM4NmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUM8+z5XyBeegG5Tzl9DkBJM1hxu
H9sMFIBuupvkm7pCTtOMsndS0Tmr2pz1hGuWolhMYyhoNkEz4fIhAJzE4fKaSZ4K
r03CGywX7ruPFWgqrTCjyhcQ3to/KU0AhqhLZ/WmGdLebEIsj8KCLufiQSgLevpE
H8xBdj2VYRtUPtELvfL11zM+W00TulKYiHnuAsFUK5CytB10Bj+E29BE+VCtaWqh
z16LiGUk0YeHcY3zEnoTgPj5HUj2K1r5dAYBcBTONqjz79kLr8CFZ/R/9OeT+ADT
IhynJfDFXVQXUypz/Ste0DOBrWQZ7jsyIp5CHlEeA4xdKx+RWPVfV3DfkQIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFHACMog+EVtN6WFd/aAJvemyLIbTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY0FJeWlENFJXMDNwWVYzOW9BbTk2YklzaHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6LwMEAMI6
mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQAwlc4AwQA
wldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQAwleDMAwD
BADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gD
BADCV94DBADChxIDBADDOjYDBAHDOjoDBAHDOj4DBADDhQADBAHDhQYDBADDhR4D
BADDhSUDBAHDhSgDBADDhUkDBAHDhVQDBADUwNYwDQYJKoZIhvcNAQELBQADggEB
ADbjId3VMsxm6Blg4JxfIjSqHZtCkYtvHIR2HNRMY1dBocEBrAFFhy6bYYfIy9Vz
WW7E1GhuGfHsO9HDzHn06AUlNjDvHPpqkoyqDlgG8SkloStl3+QhiESYwqvPyvJ7
hi2g6UJFOHIlL+4XyAnuvMkYD/AxVSfVslo6jUEzu5iwYhaJFg0M7z4vaGlxvOUc
L67TSrI23ixilvy+yNeCrEIYsEfV1x4+pjxye95LT6zXlDbPuz2nCnerU2i3Cw+q
1Bie1Y7m+oUqMyZm7q9H67BFWa7kkXgqlySBJsyCIprYsdPXjeHOKzHMe8o7ITU0
NUBmxPTCujINk0FEfDBwaTo=
-----END CERTIFICATE-----
Generated at Wed Oct 11 09:11:43 2023 by rpki-client on console-ams.rpki-client.org