Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kTn3sZjHKtfBT1QfqDbufQjzCtI.roa
File: kTn3sZjHKtfBT1QfqDbufQjzCtI.roa (raw, json)
Hash identifier: yorL7LPBUiEZ7sq5ffyYOzXnK+Jhe2LPXlDs4OaC8Rk=
Subject key identifier: 91:39:F7:B1:98:C7:2A:D7:C1:4F:54:1F:A8:36:EE:7D:08:F3:0A:D2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018972EC2A0675B0512B63813D87B2D3E876
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kTn3sZjHKtfBT1QfqDbufQjzCtI.roa
Signing time: Thu 20 Jul 2023 10:50:27 +0000
ROA not before: Thu 20 Jul 2023 10:50:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.36.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
212.192.248.0/22 maxlen: 22
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:ec:2a:06:75:b0:51:2b:63:81:3d:87:b2:d3:e8:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 20 10:50:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9139f7b198c72ad7c14f541fa836ee7d08f30ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:47:d9:86:92:65:65:46:36:59:2f:ea:f9:71:
29:d9:6c:8a:97:32:79:e0:5a:33:63:fa:95:75:a0:
6e:ce:40:ad:d4:d3:c0:94:86:b4:7f:c0:66:06:f5:
eb:36:7b:c1:9d:5e:5f:61:b4:7c:6c:dd:17:0a:4c:
71:85:43:5e:ed:68:a5:b5:d2:fb:65:81:d4:1a:c2:
a2:32:fa:e2:66:ee:d1:ce:e3:09:88:2d:ae:51:60:
14:6f:d6:d4:73:af:f4:be:d1:2b:16:f5:6b:5f:61:
42:cf:af:9d:ae:b3:df:bb:83:93:5b:46:96:07:1e:
18:8a:86:32:60:49:20:5b:8a:7f:5d:2f:2b:b8:9f:
54:a3:40:36:28:79:ae:03:4b:c0:48:70:69:f1:fb:
1a:89:9c:1e:2f:84:5b:60:de:af:7c:00:0b:25:11:
a5:71:7e:40:d9:e0:f1:a2:61:08:e9:ae:93:8c:2f:
72:6a:5c:39:4f:45:56:63:7b:e9:e8:a9:bd:da:67:
54:a3:e9:57:14:ef:03:74:ad:dc:02:13:46:49:36:
b9:e4:6d:13:09:54:f6:23:35:a8:97:39:c3:51:dc:
53:06:4e:76:58:79:72:7f:fa:1d:9b:1a:bc:fe:51:
b4:ab:b6:4b:f1:15:af:1c:37:fe:56:b6:1f:97:bc:
e3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:39:F7:B1:98:C7:2A:D7:C1:4F:54:1F:A8:36:EE:7D:08:F3:0A:D2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kTn3sZjHKtfBT1QfqDbufQjzCtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/23
192.124.178.0/24
192.124.181.0/24
192.124.189.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
193.124.204.0/24
194.58.47.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0/24
194.87.3.0/24
194.87.7.0/24
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.24.0/22
194.87.36.0/24
194.87.40.0/24
194.87.43.0/24
194.87.56.0/24
194.87.73.0/24
194.87.78.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.177.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.204.0/24
194.87.222.0/24
194.87.240.0/24
194.135.24.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.35.0/24
195.133.73.0/24
195.133.84.0/23
195.133.194.0/23
212.192.241.0/24
212.192.248.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:12:b7:20:cd:48:e2:34:73:5e:09:9d:86:c7:47:1a:1a:ea:
df:cd:10:96:2c:b3:dd:d6:28:c1:22:f0:26:2e:3e:a0:fb:97:
68:14:37:90:21:a8:8a:3d:c8:af:6d:13:8f:65:35:30:3c:87:
ba:7b:a4:b7:cc:f5:70:04:6f:b8:8f:12:3f:2c:d3:0d:4b:61:
89:53:13:af:17:66:cc:8a:6e:90:2d:27:6b:62:34:35:84:2e:
8d:d2:2b:72:c5:27:0e:7e:f6:db:28:35:64:7f:ea:dc:d5:43:
5e:99:3b:4c:7a:1c:82:a0:96:fd:b0:60:65:13:1f:f5:8c:13:
b1:51:10:ac:70:27:3d:50:54:33:00:b1:b1:9d:82:c7:d9:63:
7f:af:af:f0:28:a0:ff:49:47:54:07:2b:6a:20:a2:83:db:63:
9b:ae:34:cb:48:cd:e1:4b:a1:39:1b:8b:60:c2:a9:35:e0:a5:
91:39:03:5b:d3:78:ce:d3:af:7d:f1:ad:ac:57:39:d3:43:62:
22:07:17:50:c5:5a:27:65:89:3a:6b:a6:0e:95:43:50:45:e1:
ad:f0:8a:df:a8:98:32:77:5f:d7:97:23:cf:b0:b4:9c:a1:8e:
e5:b0:85:bd:76:44:6c:a9:62:5c:69:96:75:22:88:c2:56:89:
b1:47:28:5e
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgISAYly7CoGdbBRK2OBPYey0+h2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzIwMTA1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTM5ZjdiMTk4YzcyYWQ3YzE0ZjU0MWZhODM2ZWU3ZDA4ZjMwYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkfZhpJlZUY2WS/q+XEp2WyKlzJ5
4FozY/qVdaBuzkCt1NPAlIa0f8BmBvXrNnvBnV5fYbR8bN0XCkxxhUNe7WiltdL7
ZYHUGsKiMvriZu7RzuMJiC2uUWAUb9bUc6/0vtErFvVrX2FCz6+drrPfu4OTW0aW
Bx4YioYyYEkgW4p/XS8ruJ9Uo0A2KHmuA0vASHBp8fsaiZweL4RbYN6vfAALJRGl
cX5A2eDxomEI6a6TjC9yalw5T0VWY3vp6Km92mdUo+lXFO8DdK3cAhNGSTa55G0T
CVT2IzWolznDUdxTBk52WHlyf/odmxq8/lG0q7ZL8RWvHDf+VrYfl7zjUQIDAQAB
o4IDazCCA2cwHQYDVR0OBBYEFJE597GYxyrXwU9UH6g27n0I8wrSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva1RuM3NaakhLdGZCVDFRZnFEYnVmUWp6Q3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfwYIKwYBBQUHAQcBAf8EggFuMIIBajCCAWYEAgABMIIB
XgMEAT5M5gMEAMB8sgMEAMB8tQMEAMB8vQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8
hQMEAMF8yAMEAMF8zAMEAMI6LwMEAMI6mgMEAMI63wMEAMJXAQMEAMJXAwMEAMJX
BzAMAwQAwlcLAwQAwlcMAwQAwlcQAwQCwlcYAwQAwlckAwQAwlcoAwQAwlcrAwQA
wlc4AwQAwldJAwQAwldOAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQB
wleCAwQBwleGAwQAwleXAwQAwleiAwQAwlemAwQAwleoAwQAwlexAwQAwlezAwQA
wle7AwQAwle+AwQAwlfIAwQAwlfMAwQAwlfeAwQAwlfwAwQAwocYAwQAwzo2AwQB
wzo6AwQBwzo+AwQAw4UAAwQBw4UGAwQAw4UeAwQAw4UjAwQAw4VJAwQBw4VUAwQB
w4XCAwQA1MDxAwQC1MD4MA0GCSqGSIb3DQEBCwUAA4IBAQBNErcgzUjiNHNeCZ2G
x0caGurfzRCWLLPd1ijBIvAmLj6g+5doFDeQIaiKPcivbROPZTUwPIe6e6S3zPVw
BG+4jxI/LNMNS2GJUxOvF2bMim6QLSdrYjQ1hC6N0ityxScOfvbbKDVkf+rc1UNe
mTtMehyCoJb9sGBlEx/1jBOxURCscCc9UFQzALGxnYLH2WN/r6/wKKD/SUdUBytq
IKKD22ObrjTLSM3hS6E5G4tgwqk14KWROQNb03jO06998a2sVznTQ2IiBxdQxVon
ZYk6a6YOlUNQReGt8IrfqJgyd1/XlyPPsLScoY7lsIW9dkRsqWJcaZZ1IojCVomx
Ryhe
-----END CERTIFICATE-----
Generated at Thu Jul 20 11:55:45 2023 by rpki-client on console-ams.rpki-client.org