Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVr-tDuNlJ1kGrM7UhP-yplkcPE.roa
File: iVr-tDuNlJ1kGrM7UhP-yplkcPE.roa (raw, json)
Hash identifier: B1TmImJIkhy//DmzodL7LZxzibKar2fwRmD8xySc6ec=
Subject key identifier: 89:5A:FE:B4:3B:8D:94:9D:64:1A:B3:3B:52:13:FE:CA:99:64:70:F1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C435E7D58C7AC4D29DC0F6489F282B3D2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVr-tDuNlJ1kGrM7UhP-yplkcPE.roa
Signing time: Thu 07 Dec 2023 08:21:55 +0000
ROA not before: Thu 07 Dec 2023 08:21:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.215.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Dec 2023 06:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:5e:7d:58:c7:ac:4d:29:dc:0f:64:89:f2:82:b3:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 7 08:21:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=895afeb43b8d949d641ab33b5213feca996470f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8a:1d:cf:d7:df:7f:1e:77:c9:cc:04:eb:eb:
de:fc:1c:57:db:2d:a9:33:20:d3:c1:76:ea:a3:07:
4c:6a:52:10:02:e3:cb:bf:96:95:eb:ff:bb:0e:6e:
60:98:20:6e:0b:33:d3:90:f0:fe:51:ff:39:e3:20:
1f:bc:c4:3a:9d:97:26:a2:5e:97:b8:2a:5b:56:94:
50:dd:6b:7f:d0:43:b7:65:97:c5:58:18:f2:f3:eb:
05:8b:87:e3:f0:77:ea:4b:58:e9:af:e9:3f:5e:97:
49:22:3a:97:24:4d:3b:71:a1:fd:70:58:a1:6a:3f:
5c:69:0e:e2:55:19:1b:54:6f:39:de:c2:7b:59:1b:
1c:de:db:e7:e9:4d:7d:64:cc:7b:07:58:40:ba:79:
76:fc:b9:26:9b:a1:8b:95:b1:75:e6:16:f8:bb:a7:
dc:db:85:61:71:7b:6a:63:54:57:b0:bb:76:8b:69:
04:cd:0e:23:c0:ad:bf:24:96:b0:5d:f3:cd:79:7a:
df:36:e0:6b:77:70:6e:1d:29:bf:01:4b:22:f4:8a:
32:93:46:a6:9a:64:4b:b5:6c:37:13:45:ae:17:d1:
6b:c5:f2:77:5d:29:5c:28:07:e2:7b:5b:7c:82:f5:
2d:6e:c2:98:e2:06:46:f6:99:69:56:6c:bb:6e:8d:
26:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5A:FE:B4:3B:8D:94:9D:64:1A:B3:3B:52:13:FE:CA:99:64:70:F1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVr-tDuNlJ1kGrM7UhP-yplkcPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
194.87.200.0/24
194.87.215.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
195.133.194.0/24
212.192.11.0/24
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
44:c0:34:ad:a9:be:f2:dd:27:44:a0:c1:03:41:5c:6c:ba:3c:
72:ca:ea:b7:ec:b9:15:4a:d9:cf:b7:a5:15:ff:5e:4f:9d:b6:
78:ab:0a:e6:01:d3:d5:54:a9:d7:0e:1a:1f:0c:91:1a:27:f0:
c0:fe:75:14:b7:70:c8:98:ef:f1:d2:d2:e2:00:82:39:c0:67:
3f:76:23:1c:97:f2:24:be:a1:ef:36:28:d6:f4:12:82:39:39:
e0:82:d3:e1:ff:94:59:ce:75:7c:05:10:f2:d2:c6:1b:d4:2a:
fb:6a:31:d5:2b:a1:50:34:40:84:5f:9d:4f:8c:c7:75:b2:44:
37:45:e1:82:a8:cb:9e:65:05:70:21:f5:bf:70:90:c9:6f:41:
2f:e4:c5:9f:58:3b:d1:ef:dc:b4:bb:80:53:fb:16:29:2e:84:
4a:c1:cc:45:ab:ff:a5:ec:82:60:e1:a3:85:29:be:3a:3b:15:
ff:82:45:bb:21:b3:a1:5a:50:6e:25:98:09:1b:fd:a2:c7:f9:
2d:24:d8:16:b3:fd:4d:56:7e:38:73:eb:32:e2:06:7e:bd:dc:
dd:6c:f7:56:a9:b6:2a:20:bf:64:1b:55:7d:2c:ae:1f:1e:cd:
fd:b4:72:6f:c6:3d:0b:55:10:8d:ad:ba:46:a1:66:8b:29:9e:
db:e5:f6:48
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYxDXn1Yx6xNKdwPZInygrPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA3MDgyMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTVhZmViNDNiOGQ5NDlkNjQxYWIzM2I1MjEzZmVjYTk5NjQ3MGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIodz9fffx53ycwE6+ve/BxX2y2p
MyDTwXbqowdMalIQAuPLv5aV6/+7Dm5gmCBuCzPTkPD+Uf854yAfvMQ6nZcmol6X
uCpbVpRQ3Wt/0EO3ZZfFWBjy8+sFi4fj8HfqS1jpr+k/XpdJIjqXJE07caH9cFih
aj9caQ7iVRkbVG853sJ7WRsc3tvn6U19ZMx7B1hAunl2/Lkmm6GLlbF15hb4u6fc
24VhcXtqY1RXsLt2i2kEzQ4jwK2/JJawXfPNeXrfNuBrd3BuHSm/AUsi9Ioyk0am
mmRLtWw3E0WuF9FrxfJ3XSlcKAfie1t8gvUtbsKY4gZG9plpVmy7bo0mtwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFIla/rQ7jZSdZBqzO1IT/sqZZHDxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaVZyLXREdU5sSjFrR3JNN1VoUC15cGxrY1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADCOi8DBADCVwEwDAMEAMJXCwME
AMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXUwMEAMJXaAMEAMJXbAME
AcJXcgMEAMJXegMEAMJXfAMEAMJXgwMEAcJXhgMEAMJXswMEAMJXyAMEAMJX1wME
AcM6OgMEAcM6PgMEAMOFAAMEAcOFKAMEAMOFSQMEAcOFVAMEAMOFwgMEANTACwME
ANTA1jANBgkqhkiG9w0BAQsFAAOCAQEARMA0ram+8t0nRKDBA0FcbLo8csrqt+y5
FUrZz7elFf9eT522eKsK5gHT1VSp1w4aHwyRGifwwP51FLdwyJjv8dLS4gCCOcBn
P3YjHJfyJL6h7zYo1vQSgjk54ILT4f+UWc51fAUQ8tLGG9Qq+2ox1SuhUDRAhF+d
T4zHdbJEN0XhgqjLnmUFcCH1v3CQyW9BL+TFn1g70e/ctLuAU/sWKS6ESsHMRav/
peyCYOGjhSm+OjsV/4JFuyGzoVpQbiWYCRv9osf5LSTYFrP9TVZ+OHPrMuIGfr3c
3Wz3Vqm2KiC/ZBtVfSyuHx7N/bRyb8Y9C1UQja26RqFmiyme2+X2SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:24 2024 by rpki-client on console-fra.rpki-client.org