Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dHYWqkC4gJOCp4dZf3dIgai0N48.roa
File: dHYWqkC4gJOCp4dZf3dIgai0N48.roa (raw, json)
Hash identifier: E6qRgooI5/CgCG38Qt0K4JidOS4K3eYhhROl37IXzDg=
Subject key identifier: 74:76:16:AA:40:B8:80:93:82:A7:87:59:7F:77:48:81:A8:B4:37:8F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C57090F5058F70BEBC0BEC82D8102F507
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dHYWqkC4gJOCp4dZf3dIgai0N48.roa
Signing time: Mon 11 Dec 2023 04:01:00 +0000
ROA not before: Mon 11 Dec 2023 04:01:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147186
IP address blocks: 194.87.229.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:57:09:0f:50:58:f7:0b:eb:c0:be:c8:2d:81:02:f5:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 11 04:01:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=747616aa40b8809382a787597f774881a8b4378f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2e:6f:35:fa:07:0e:08:aa:cc:79:d9:b4:8e:
7e:c3:fe:ec:8a:34:48:e6:79:8d:fd:6a:09:50:69:
1b:36:2e:89:72:10:92:4b:8b:d1:65:df:06:fe:65:
d2:a6:c6:59:c2:9c:6e:8f:5e:43:cf:62:85:72:67:
13:42:84:b8:49:d8:ef:2f:c8:9d:85:71:27:83:e5:
bc:be:83:23:36:2a:4f:cb:4c:47:0a:4c:13:ba:a5:
cb:70:7e:f1:b6:df:51:e7:cb:e5:58:b2:b4:b2:8f:
f7:a7:83:74:e4:63:3e:30:74:24:f6:64:94:de:11:
e1:33:b9:a4:01:77:93:33:8b:7f:14:0a:70:fe:86:
f7:85:91:db:21:cb:2f:5c:2f:40:91:1b:19:5d:90:
fe:e9:0a:14:14:3a:05:64:94:6e:3b:6b:f7:5e:36:
39:4c:6b:c6:15:ba:cb:5c:98:ff:a2:0f:1e:bd:36:
13:19:89:3b:94:4a:9f:e7:b7:02:ec:24:3e:cf:53:
6e:ab:37:ae:e2:1c:73:73:ea:53:e2:b0:59:f2:b8:
8c:08:92:f0:af:97:ee:6f:94:ff:37:0d:85:84:d3:
4e:0a:f8:22:96:cb:01:7e:fd:41:c8:a3:60:01:3d:
75:6b:b7:26:73:05:fc:93:00:41:ff:12:45:b3:d9:
e8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:76:16:AA:40:B8:80:93:82:A7:87:59:7F:77:48:81:A8:B4:37:8F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dHYWqkC4gJOCp4dZf3dIgai0N48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.26.0/24
194.87.138.0/24
194.87.141.0/24
194.87.168.0/24
194.87.170.0/24
194.87.178.0/24
194.87.229.0/24
194.87.250.0/24
195.58.54.0/24
195.58.63.0/24
212.192.1.0/24
212.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
31:ca:b5:2e:3a:fc:e4:0f:ec:74:bd:3d:8a:ef:26:14:90:a3:
eb:b2:e9:49:93:40:aa:d2:57:1b:94:18:15:39:7a:93:76:9a:
2a:9f:b4:c5:cd:3f:5f:52:30:a2:6a:b6:a0:53:55:b6:8d:75:
9c:ec:bd:ab:87:38:5e:fb:52:07:c9:b6:9b:18:09:66:cd:cc:
1b:9d:8e:58:53:e7:ef:ff:e5:f6:25:51:91:b4:b4:0b:4e:16:
f0:2a:09:70:d8:71:f2:d8:c0:dc:24:47:51:28:b0:f0:51:0a:
06:c0:eb:08:a2:e1:e5:60:a0:19:b2:69:27:c8:f4:d7:54:b5:
dc:1d:7e:c9:e2:cd:52:79:da:37:62:ed:0d:5a:59:81:a6:d7:
32:12:38:2a:99:8c:c0:ee:99:3f:44:ce:67:f5:d1:56:ec:38:
91:06:e3:91:b6:0d:da:85:47:a2:2d:a7:1e:45:f3:5a:4c:36:
93:79:2b:29:5e:da:e1:20:aa:03:1d:15:44:40:62:c0:38:57:
dc:de:eb:1d:0a:83:e9:bf:47:7b:5c:58:0f:3f:0c:26:d0:e4:
8b:34:6a:25:1c:e3:83:51:c0:45:39:0a:e2:cc:88:c4:05:2d:
ef:de:31:bd:60:e5:c0:dc:c9:38:1e:a3:8a:1c:5e:cc:2c:11:
12:e9:ed:10
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYxXCQ9QWPcL68C+yC2BAvUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjExMDQwMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDc2MTZhYTQwYjg4MDkzODJhNzg3NTk3Zjc3NDg4MWE4YjQzNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy5vNfoHDgiqzHnZtI5+w/7sijRI
5nmN/WoJUGkbNi6JchCSS4vRZd8G/mXSpsZZwpxuj15Dz2KFcmcTQoS4SdjvL8id
hXEng+W8voMjNipPy0xHCkwTuqXLcH7xtt9R58vlWLK0so/3p4N05GM+MHQk9mSU
3hHhM7mkAXeTM4t/FApw/ob3hZHbIcsvXC9AkRsZXZD+6QoUFDoFZJRuO2v3XjY5
TGvGFbrLXJj/og8evTYTGYk7lEqf57cC7CQ+z1Nuqzeu4hxzc+pT4rBZ8riMCJLw
r5fub5T/Nw2FhNNOCvgilssBfv1ByKNgAT11a7cmcwX8kwBB/xJFs9noYQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHR2FqpAuICTgqeHWX93SIGotDePMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZEhZV3FrQzRnSk9DcDRkWmYzZElnYWkwTjQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwlcaAwQA
wleKAwQAwleNAwQAwleoAwQAwleqAwQAwleyAwQAwlflAwQAwlf6AwQAwzo2AwQA
wzo/AwQA1MABAwQA1MDQMA0GCSqGSIb3DQEBCwUAA4IBAQAxyrUuOvzkD+x0vT2K
7yYUkKPrsulJk0Cq0lcblBgVOXqTdpoqn7TFzT9fUjCiaragU1W2jXWc7L2rhzhe
+1IHybabGAlmzcwbnY5YU+fv/+X2JVGRtLQLThbwKglw2HHy2MDcJEdRKLDwUQoG
wOsIouHlYKAZsmknyPTXVLXcHX7J4s1Sedo3Yu0NWlmBptcyEjgqmYzA7pk/RM5n
9dFW7DiRBuORtg3ahUeiLaceRfNaTDaTeSspXtrhIKoDHRVEQGLAOFfc3usdCoPp
v0d7XFgPPwwm0OSLNGolHOODUcBFOQrizIjEBS3v3jG9YOXA3Mk4HqOKHF7MLBES
6e0Q
-----END CERTIFICATE-----
Generated at Tue Dec 12 14:34:21 2023 by rpki-client on console-ams.rpki-client.org