Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fYuYeTt5hf5bdls1FqsMPef83ho.roa
File: fYuYeTt5hf5bdls1FqsMPef83ho.roa (raw, json)
Hash identifier: WXLbqUnGHbfZhuNS6KRyaUyl83SdSJsKJnpe4Xt9x2o=
Subject key identifier: 7D:8B:98:79:3B:79:85:FE:5B:76:5B:35:16:AB:0C:3D:E7:FC:DE:1A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B6FB63DE5A66B068878EB271D01D5C5AB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fYuYeTt5hf5bdls1FqsMPef83ho.roa
Signing time: Fri 27 Oct 2023 05:58:16 +0000
ROA not before: Fri 27 Oct 2023 05:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.63.0/24 maxlen: 24
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6f:b6:3d:e5:a6:6b:06:88:78:eb:27:1d:01:d5:c5:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 27 05:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d8b98793b7985fe5b765b3516ab0c3de7fcde1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8a:a7:a1:88:27:df:24:18:68:ef:fe:31:12:
c2:14:7d:54:82:1a:12:a4:d5:3f:d2:59:2e:a7:61:
8a:23:7a:6f:32:1b:e9:5c:1d:13:25:ee:72:f1:56:
0b:24:65:a0:46:00:14:e4:6c:9a:8c:b7:90:32:36:
e6:d0:de:80:e4:3b:ed:4c:9b:f5:e3:d7:0e:3d:4f:
69:e2:b8:15:79:bb:a8:4d:04:61:1b:16:1b:7d:ef:
72:65:5f:f9:8e:83:7d:84:9c:f2:05:4a:49:6e:fb:
26:8b:32:09:64:2b:4e:bc:12:00:cf:a4:39:35:9a:
2f:9e:19:a0:62:e6:85:bf:bf:7b:41:20:d8:bf:6c:
54:78:a3:e4:e1:b6:4b:59:9f:37:cf:e4:eb:53:04:
bd:60:fa:5b:3f:cd:f4:f7:c1:8e:14:b6:b5:8c:72:
b7:5a:02:7b:6d:c9:4b:f8:79:cd:4c:a2:8e:aa:c2:
ff:5d:eb:58:c1:f4:4c:01:83:55:53:fa:83:e1:49:
6b:be:e5:17:84:b9:15:9d:77:d2:35:f6:d2:67:02:
ee:ac:21:90:a0:23:0b:44:46:82:f7:32:d7:78:c4:
21:79:9c:bf:97:54:98:68:05:51:f9:b0:0f:4f:d4:
6d:82:a8:3f:03:2b:4d:01:f1:7e:5b:4f:0b:2f:02:
f6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8B:98:79:3B:79:85:FE:5B:76:5B:35:16:AB:0C:3D:E7:FC:DE:1A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fYuYeTt5hf5bdls1FqsMPef83ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.181.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.35.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
27:85:c6:9c:f0:76:48:23:3c:2b:1f:b2:6e:36:d9:35:da:1f:
7c:c3:60:ad:9a:39:2f:46:4f:cd:62:c9:84:0a:97:38:c2:1e:
ce:03:0d:b5:be:62:a5:72:38:c3:42:1b:5b:0c:6b:13:3d:f5:
2f:dd:60:9e:1c:47:3d:7f:a6:c7:97:99:6a:6f:c9:4d:4e:dc:
8b:2e:d9:bb:74:03:27:38:ab:4a:88:05:b6:23:ff:6e:e1:c2:
44:8d:68:67:9a:51:93:91:d0:04:be:18:76:f4:42:9e:4d:a2:
41:e6:25:38:d2:d3:53:a2:15:52:b8:2a:ee:6e:35:2f:fd:52:
34:48:bc:d3:25:83:d7:a9:eb:b5:fc:23:e4:64:d3:14:ca:f6:
bd:2e:e7:99:c1:c4:f7:77:fd:2e:ed:46:9f:f1:d7:44:42:df:
05:9a:11:21:c4:b5:4f:b1:a6:58:db:8a:93:78:43:c1:02:aa:
66:ce:7c:0e:b5:15:26:6f:32:30:43:f1:3b:30:ee:a1:c0:0b:
76:4e:97:c1:17:18:89:26:66:34:41:65:19:e3:60:1c:66:9d:
3a:85:ae:8e:44:8d:84:a5:61:a1:a6:45:d2:74:dd:6a:16:38:
af:3f:7d:45:aa:74:63:0f:50:84:20:43:c1:5a:4a:0b:0f:db:
70:ad:a2:b4
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAYtvtj3lpmsGiHjrJx0B1cWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDI3MDU1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDhiOTg3OTNiNzk4NWZlNWI3NjViMzUxNmFiMGMzZGU3ZmNkZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIqnoYgn3yQYaO/+MRLCFH1UghoS
pNU/0lkup2GKI3pvMhvpXB0TJe5y8VYLJGWgRgAU5GyajLeQMjbm0N6A5DvtTJv1
49cOPU9p4rgVebuoTQRhGxYbfe9yZV/5joN9hJzyBUpJbvsmizIJZCtOvBIAz6Q5
NZovnhmgYuaFv797QSDYv2xUeKPk4bZLWZ83z+TrUwS9YPpbP83098GOFLa1jHK3
WgJ7bclL+HnNTKKOqsL/XetYwfRMAYNVU/qD4UlrvuUXhLkVnXfSNfbSZwLurCGQ
oCMLREaC9zLXeMQheZy/l1SYaAVR+bAPT9Rtgqg/AytNAfF+W08LLwL2VQIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFH2LmHk7eYX+W3ZbNRarDD3n/N4aMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZll1WWVUdDVoZjViZGxzMUZxc01QZWY4M2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEAMB8sgMEAMB8tQMEAMB8vQMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
LwMEAMI6mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQA
wlc4AwQAwldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQA
wleDMAwDBADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV74DBADCV8gD
BADCV94DBADDOiMDBAHDOjoDBAHDOj4DBADDhQADBAHDhQYDBADDhR4DBAHDhSgD
BADDhUkDBAHDhVQDBADUwNYwDQYJKoZIhvcNAQELBQADggEBACeFxpzwdkgjPCsf
sm422TXaH3zDYK2aOS9GT81iyYQKlzjCHs4DDbW+YqVyOMNCG1sMaxM99S/dYJ4c
Rz1/pseXmWpvyU1O3Isu2bt0Ayc4q0qIBbYj/27hwkSNaGeaUZOR0AS+GHb0Qp5N
okHmJTjS01OiFVK4Ku5uNS/9UjRIvNMlg9ep67X8I+Rk0xTK9r0u55nBxPd3/S7t
Rp/x10RC3wWaESHEtU+xpljbipN4Q8ECqmbOfA61FSZvMjBD8Tsw7qHAC3ZOl8EX
GIkmZjRBZRnjYBxmnTqFro5EjYSlYaGmRdJ03WoWOK8/fUWqdGMPUIQgQ8FaSgsP
23CtorQ=
-----END CERTIFICATE-----
Generated at Sun Oct 29 14:04:21 2023 by rpki-client on console-ams.rpki-client.org