Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/llOIsoZ-_2sZP3SLJH35lo7V9GA.roa
File: llOIsoZ-_2sZP3SLJH35lo7V9GA.roa (raw, json)
Hash identifier: vTpqL+O35HWJLoQ7Ep/6JnDpcSZ5M7OKbP5V/brg1/8=
Subject key identifier: 96:53:88:B2:86:7E:FF:6B:19:3F:74:8B:24:7D:F9:96:8E:D5:F4:60
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189D02FC308F2C004FF2CB18E9824BC5C31
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/llOIsoZ-_2sZP3SLJH35lo7V9GA.roa
Signing time: Mon 07 Aug 2023 13:28:58 +0000
ROA not before: Mon 07 Aug 2023 13:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d0:2f:c3:08:f2:c0:04:ff:2c:b1:8e:98:24:bc:5c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 7 13:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=965388b2867eff6b193f748b247df9968ed5f460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:96:d5:67:eb:21:37:e9:79:97:69:38:4d:d9:
72:0c:ee:71:78:85:68:ac:66:8f:33:29:d5:be:6e:
3c:27:d2:5b:76:5c:05:8e:10:64:c7:55:36:0a:74:
05:f4:5c:05:27:2c:45:e3:fb:53:77:22:11:85:bd:
e6:d5:03:8f:9f:8f:8e:52:7d:79:ff:71:5a:c5:c5:
59:17:18:24:24:56:2e:23:f1:07:c4:19:53:db:21:
21:b1:5d:34:ce:92:60:3a:cc:63:b9:8f:ab:e0:5b:
f1:17:bb:d9:70:25:e5:46:79:28:a2:06:38:62:68:
8d:14:f1:be:69:3c:c4:df:5e:8c:7a:4b:3e:5a:01:
fe:f2:c5:df:6d:00:11:64:1a:6e:27:79:f3:18:c5:
5e:0a:09:ab:c7:c3:a2:e2:a8:6d:49:a8:02:a5:6d:
9a:c6:8b:a7:d0:8a:82:a2:58:eb:ca:1f:a9:2d:24:
a1:90:19:35:16:ee:a5:13:b5:3c:5f:6a:05:1b:a4:
d4:ba:b9:14:b4:f9:bc:b6:8f:ef:7a:7f:0b:a6:df:
a4:dc:e4:54:f2:ca:a7:2f:08:d3:d1:50:82:81:96:
15:cc:a4:3b:9c:a0:50:2c:e0:2a:d2:3a:24:4b:e5:
1a:d9:af:ca:ac:7f:08:78:88:d2:58:1a:af:96:5f:
f8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:53:88:B2:86:7E:FF:6B:19:3F:74:8B:24:7D:F9:96:8E:D5:F4:60
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/llOIsoZ-_2sZP3SLJH35lo7V9GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.182.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.35.0/24
195.133.73.0/24
195.133.84.0/23
195.133.194.0/24
212.192.241.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0b:93:6b:52:5f:89:f7:1f:72:b5:9e:0e:63:10:1b:a1:f5:
59:99:c3:7a:93:9a:4a:4d:2e:58:eb:74:8b:a6:0b:3a:be:a2:
91:d9:4d:b3:9b:d4:53:9a:46:b5:18:58:4f:f3:eb:8e:7d:a3:
08:f1:91:af:64:ed:73:8d:27:d4:36:a3:7d:58:d9:11:a8:69:
f1:4d:2d:4e:eb:30:b7:44:b4:92:b4:84:39:bf:fe:d3:78:69:
ab:3a:4a:55:2d:3b:da:70:cf:e4:ba:41:30:ab:33:ee:d9:15:
6f:35:75:b2:23:ac:9d:a3:04:02:f9:06:b1:a5:e5:0c:3a:c0:
2f:40:47:94:3c:56:0f:2e:86:42:67:a7:66:f8:06:df:67:91:
28:b8:ea:2c:20:69:b9:b4:b6:29:b4:b0:e7:41:26:6a:57:64:
f8:92:dd:47:14:82:0c:97:5f:f1:d7:51:65:60:ca:13:88:ca:
41:8d:06:f4:51:54:0e:51:49:fd:b2:ad:b5:e3:f5:d2:6a:50:
b7:bc:ef:dd:62:35:e5:79:0e:46:10:28:f6:ee:12:65:2d:de:
64:a7:29:03:84:71:c1:48:56:19:14:61:1c:e5:24:0b:4d:0a:
30:06:01:e5:0e:5f:e8:1c:05:c6:f3:76:b0:85:b3:2b:e8:14:
56:82:4d:06
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYnQL8MI8sAE/yyxjpgkvFwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA3MTMyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjUzODhiMjg2N2VmZjZiMTkzZjc0OGIyNDdkZjk5NjhlZDVmNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypbVZ+shN+l5l2k4TdlyDO5xeIVo
rGaPMynVvm48J9JbdlwFjhBkx1U2CnQF9FwFJyxF4/tTdyIRhb3m1QOPn4+OUn15
/3FaxcVZFxgkJFYuI/EHxBlT2yEhsV00zpJgOsxjuY+r4FvxF7vZcCXlRnkoogY4
YmiNFPG+aTzE316Meks+WgH+8sXfbQARZBpuJ3nzGMVeCgmrx8Oi4qhtSagCpW2a
xoun0IqColjryh+pLSShkBk1Fu6lE7U8X2oFG6TUurkUtPm8to/ven8Lpt+k3ORU
8sqnLwjT0VCCgZYVzKQ7nKBQLOAq0jokS+Ua2a/KrH8IeIjSWBqvll/4KwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFJZTiLKGfv9rGT90iyR9+ZaO1fRgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbGxPSXNvWi1fMnNaUDNTTEpIMzVsbzdWOUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQAwHyyAwQAwHy2AwQAwHy/AwQAwXwQAwQAwXxQAwQAwXyFAwQAwXzIAwQAwjov
AwQAwjqaAwQAwlcBMAwDBADCVwsDBADCVwwDBALCVxgDBADCVygDBADCVzgDBADC
V0kDBADCV1MDBADCV2wDBAHCV3IDBADCV3oDBADCV3wDBAHCV4IDBAHCV4YDBADC
V5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gDBADCV94DBADDOiQDBADD
OjYDBAHDOjoDBAHDOj4DBADDhQADBAHDhQYDBADDhR4DBADDhSMDBADDhUkDBAHD
hVQDBADDhcIDBADUwPEwDQYJKoZIhvcNAQELBQADggEBAFoLk2tSX4n3H3K1ng5j
EBuh9VmZw3qTmkpNLljrdIumCzq+opHZTbOb1FOaRrUYWE/z6459owjxka9k7XON
J9Q2o31Y2RGoafFNLU7rMLdEtJK0hDm//tN4aas6SlUtO9pwz+S6QTCrM+7ZFW81
dbIjrJ2jBAL5BrGl5Qw6wC9AR5Q8Vg8uhkJnp2b4Bt9nkSi46iwgabm0tim0sOdB
JmpXZPiS3UcUggyXX/HXUWVgyhOIykGNBvRRVA5RSf2yrbXj9dJqULe8791iNeV5
DkYQKPbuEmUt3mSnKQOEccFIVhkUYRzlJAtNCjAGAeUOX+gcBcbzdrCFsyvoFFaC
TQY=
-----END CERTIFICATE-----
Generated at Tue Aug 8 10:43:31 2023 by rpki-client on console-fra.rpki-client.org