Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gsdPSsQrViI6brhRpRCPlbnr_Ks.roa
File: gsdPSsQrViI6brhRpRCPlbnr_Ks.roa (raw, json)
Hash identifier: gIbh2Sl7rQ3009wZkOcTzMn8eri9EpQd8vA4RhdEkJ0=
Subject key identifier: 82:C7:4F:4A:C4:2B:56:22:3A:6E:B8:51:A5:10:8F:95:B9:EB:FC:AB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C3DA690F4FC597B23FA6E019C64C00936
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gsdPSsQrViI6brhRpRCPlbnr_Ks.roa
Signing time: Wed 06 Dec 2023 05:42:55 +0000
ROA not before: Wed 06 Dec 2023 05:42:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147186
IP address blocks: 194.87.229.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3d:a6:90:f4:fc:59:7b:23:fa:6e:01:9c:64:c0:09:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 6 05:42:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82c74f4ac42b56223a6eb851a5108f95b9ebfcab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:36:6c:9a:13:aa:80:0f:da:c2:a6:20:31:66:
28:05:11:2b:65:be:43:71:75:54:07:05:20:b0:8d:
e4:aa:4c:85:03:ae:d9:4f:5d:3c:dc:2f:b7:de:99:
8d:4c:7c:95:aa:1d:77:28:e6:f8:03:78:bf:d9:d6:
55:70:59:6c:ef:ee:f0:33:7f:fd:2f:f3:ca:b8:10:
30:28:db:f7:b1:0b:46:d6:1b:30:c9:31:99:98:15:
44:6f:94:5b:f3:d6:82:c6:c8:9f:7e:4a:9b:f9:0e:
b9:58:14:a6:6f:5b:50:bb:22:d7:2d:56:72:e5:b6:
83:60:25:b9:36:1f:a2:2c:bc:aa:43:a0:50:3a:31:
eb:f6:9a:5d:ac:ff:bf:ea:40:26:e6:18:05:37:c6:
12:28:1e:fc:e3:83:15:11:f0:4f:e3:4a:36:a4:47:
e9:6a:50:0d:25:a3:a3:82:de:6b:53:b9:cd:cf:0b:
33:33:b3:da:ba:d5:7b:46:f0:8d:01:1a:3c:9d:df:
e3:b5:09:c9:cb:cc:a6:34:c6:f4:ab:91:75:b5:f3:
b7:16:26:29:bc:25:ea:b3:5b:dd:59:2c:fa:57:de:
e9:3f:15:80:28:06:bd:66:47:4f:91:e3:da:f2:09:
e8:b0:c0:b0:5d:5f:f8:b8:3c:7e:16:7d:38:1b:00:
d7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C7:4F:4A:C4:2B:56:22:3A:6E:B8:51:A5:10:8F:95:B9:EB:FC:AB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gsdPSsQrViI6brhRpRCPlbnr_Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.26.0/24
194.87.33.0/24
194.87.138.0/24
194.87.141.0/24
194.87.168.0/24
194.87.170.0/24
194.87.178.0/24
194.87.229.0/24
194.87.250.0/24
195.58.54.0/24
195.58.63.0/24
212.192.1.0/24
Signature Algorithm: sha256WithRSAEncryption
94:9e:bf:30:71:a4:e7:be:e4:32:79:0b:89:6c:44:a2:8a:47:
c7:06:62:67:27:9c:02:75:0d:a0:c6:9c:65:ad:46:4b:92:a7:
6b:67:1c:56:61:93:04:cf:75:8a:7c:7e:cc:72:93:b9:f5:ed:
b4:38:0c:86:c5:a3:6d:05:8c:70:fc:bf:20:1a:53:91:c8:eb:
42:4f:25:5d:3a:dd:4b:3b:e3:bd:09:27:0b:89:3d:30:03:11:
1f:95:59:90:56:e1:e7:13:3d:5b:c3:c8:bd:68:a6:88:16:74:
21:22:50:37:bf:40:75:f9:ad:f4:6b:2b:fd:a6:a6:fe:c7:7b:
7d:71:20:6a:65:db:d9:b4:46:d6:6b:59:5e:6b:0e:11:f1:de:
82:6f:3c:8c:2f:ec:7f:a7:0c:cb:d5:d6:c1:30:ec:7e:59:e7:
e6:ec:4e:3a:d3:e2:81:7e:8d:04:bb:81:a1:aa:be:30:7b:c7:
59:3e:2f:1c:4a:5e:ee:c5:8a:12:53:ee:74:cd:7c:86:2d:4e:
0a:67:72:0e:ce:dd:6a:cc:1d:95:da:37:74:22:6d:d9:68:83:
fd:46:7b:70:21:da:f4:5b:2b:41:1b:28:63:ce:fa:27:58:a1:
58:1e:1d:1a:b6:cb:52:b1:fa:9f:55:c0:3d:7c:69:d8:ab:1d:
86:de:c7:85
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYw9ppD0/Fl7I/puAZxkwAk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA2MDU0MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmM3NGY0YWM0MmI1NjIyM2E2ZWI4NTFhNTEwOGY5NWI5ZWJmY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTZsmhOqgA/awqYgMWYoBRErZb5D
cXVUBwUgsI3kqkyFA67ZT1083C+33pmNTHyVqh13KOb4A3i/2dZVcFls7+7wM3/9
L/PKuBAwKNv3sQtG1hswyTGZmBVEb5Rb89aCxsiffkqb+Q65WBSmb1tQuyLXLVZy
5baDYCW5Nh+iLLyqQ6BQOjHr9ppdrP+/6kAm5hgFN8YSKB7844MVEfBP40o2pEfp
alANJaOjgt5rU7nNzwszM7PautV7RvCNARo8nd/jtQnJy8ymNMb0q5F1tfO3FiYp
vCXqs1vdWSz6V97pPxWAKAa9ZkdPkePa8gnosMCwXV/4uDx+Fn04GwDXBwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFILHT0rEK1YiOm64UaUQj5W56/yrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ3NkUFNzUXJWaUk2YnJoUnBSQ1BsYm5yX0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwlcaAwQA
wlchAwQAwleKAwQAwleNAwQAwleoAwQAwleqAwQAwleyAwQAwlflAwQAwlf6AwQA
wzo2AwQAwzo/AwQA1MABMA0GCSqGSIb3DQEBCwUAA4IBAQCUnr8wcaTnvuQyeQuJ
bESiikfHBmJnJ5wCdQ2gxpxlrUZLkqdrZxxWYZMEz3WKfH7McpO59e20OAyGxaNt
BYxw/L8gGlORyOtCTyVdOt1LO+O9CScLiT0wAxEflVmQVuHnEz1bw8i9aKaIFnQh
IlA3v0B1+a30ayv9pqb+x3t9cSBqZdvZtEbWa1leaw4R8d6CbzyML+x/pwzL1dbB
MOx+Wefm7E460+KBfo0Eu4Ghqr4we8dZPi8cSl7uxYoSU+50zXyGLU4KZ3IOzt1q
zB2V2jd0Im3ZaIP9RntwIdr0WytBGyhjzvonWKFYHh0atstSsfqfVcA9fGnYqx2G
3seF
-----END CERTIFICATE-----
Generated at Fri Dec 8 08:55:01 2023 by rpki-client on console-ams.rpki-client.org