Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nD8_FEQADd13Rkl9XZEeyFMY49w.roa
File: nD8_FEQADd13Rkl9XZEeyFMY49w.roa (raw, json)
Hash identifier: ACHJ9B21z50WzM6eS0/SlF6eFKFSB9J4xPdeRYwDDjQ=
Subject key identifier: 9C:3F:3F:14:44:00:0D:DD:77:46:49:7D:5D:91:1E:C8:53:18:E3:DC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189AFC235A79CAE0F4A82A7CE7A025BE6B6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nD8_FEQADd13Rkl9XZEeyFMY49w.roa
Signing time: Tue 01 Aug 2023 06:21:27 +0000
ROA not before: Tue 01 Aug 2023 06:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.36.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:af:c2:35:a7:9c:ae:0f:4a:82:a7:ce:7a:02:5b:e6:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 1 06:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c3f3f1444000ddd7746497d5d911ec85318e3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:14:f3:a1:d9:f9:af:8b:ca:27:3e:5f:15:68:
c4:bb:ae:26:b6:c8:c7:9a:c8:4f:95:07:3f:14:1f:
0d:ed:3f:92:33:68:ab:a1:37:db:6e:0c:aa:f8:5c:
64:23:e6:f7:72:be:9b:82:00:3e:31:3c:b0:5c:1a:
fa:f6:61:87:20:87:d2:7a:6a:4b:69:05:b1:a4:82:
c8:f3:b0:9c:8a:80:ff:be:7f:12:ca:95:d3:ab:56:
25:46:11:93:4c:29:6d:a7:7e:d7:08:22:3a:c3:1b:
bc:e8:01:7b:f1:53:74:ca:ef:40:b4:2f:c7:cb:7a:
9d:39:ca:b4:38:69:05:de:0a:a8:12:60:89:0c:01:
1f:79:d8:b6:f8:cc:93:2b:f0:4c:0c:ac:df:0f:b3:
74:2d:1e:80:bb:5c:1f:c1:48:f9:36:54:40:72:c1:
5c:c0:62:1b:fd:b4:23:14:15:d6:7a:cb:19:d8:03:
1e:cc:64:e7:b7:d2:86:f8:bb:f4:91:7b:d8:6c:4d:
f5:39:69:56:82:ee:67:ae:6d:c8:9e:08:39:05:1a:
bc:f2:cc:2b:29:19:20:ee:21:fc:5d:4f:d5:3c:32:
19:fe:66:0f:b2:86:55:cc:e6:e6:ca:69:42:03:d7:
ba:2c:e5:89:1b:b2:0c:28:89:23:9a:9f:29:cd:95:
ac:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3F:3F:14:44:00:0D:DD:77:46:49:7D:5D:91:1E:C8:53:18:E3:DC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nD8_FEQADd13Rkl9XZEeyFMY49w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.182.0/24
192.124.189.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.36.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.35.0/24
195.133.73.0/24
195.133.84.0/23
195.133.194.0/24
212.192.241.0/24
Signature Algorithm: sha256WithRSAEncryption
19:c2:bc:b1:21:92:7a:46:b1:30:76:52:31:20:de:04:d3:99:
6c:f5:38:72:46:9d:11:5e:51:c3:92:61:ce:9a:e4:5c:7c:56:
1a:d4:fd:fe:fa:ed:d6:8c:66:41:1f:6a:ee:c8:11:93:0e:a4:
dd:d7:fa:73:9b:e7:63:b5:21:c0:26:09:c7:61:de:96:8c:bc:
9d:97:38:cf:48:3e:c3:c4:83:49:f4:aa:63:38:72:bd:1c:2b:
25:94:5d:ab:5e:e6:a8:f4:03:10:34:53:87:32:55:06:ce:cb:
f0:9b:4f:8b:02:3a:5b:a6:4d:88:4c:9b:71:12:da:9f:11:38:
bf:76:8e:65:35:be:37:a6:a5:f1:8f:3d:13:44:3d:cf:fa:3b:
0b:b5:81:cc:d5:42:dc:b1:77:e0:ef:ed:9e:c2:75:c7:b3:0a:
f3:78:0c:57:f8:15:ed:e3:2d:db:84:6f:9c:04:7e:2e:71:6a:
2e:57:cd:dc:1a:28:bd:1e:0d:99:cc:ab:91:37:c1:2d:c5:30:
92:3d:34:60:ae:f4:24:98:2f:e2:1a:a9:45:68:43:31:fe:3c:
0c:54:df:40:41:47:bf:54:dd:15:a4:b1:97:34:27:30:d2:03:
1f:31:89:a0:0a:26:da:69:10:ef:8b:c3:49:6f:10:d4:5d:25:
62:2e:14:55
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAYmvwjWnnK4PSoKnznoCW+a2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAxMDYyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzNmM2YxNDQ0MDAwZGRkNzc0NjQ5N2Q1ZDkxMWVjODUzMThlM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RTzodn5r4vKJz5fFWjEu64mtsjH
mshPlQc/FB8N7T+SM2iroTfbbgyq+FxkI+b3cr6bggA+MTywXBr69mGHIIfSempL
aQWxpILI87CcioD/vn8SypXTq1YlRhGTTCltp37XCCI6wxu86AF78VN0yu9AtC/H
y3qdOcq0OGkF3gqoEmCJDAEfedi2+MyTK/BMDKzfD7N0LR6Au1wfwUj5NlRAcsFc
wGIb/bQjFBXWessZ2AMezGTnt9KG+Lv0kXvYbE31OWlWgu5nrm3Ingg5BRq88swr
KRkg7iH8XU/VPDIZ/mYPsoZVzObmymlCA9e6LOWJG7IMKIkjmp8pzZWswwIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFJw/PxREAA3dd0ZJfV2RHshTGOPcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbkQ4X0ZFUUFEZDEzUmtsOVhaRWV5Rk1ZNDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCASQEAgABMIIB
HAMEAMB8sgMEAMB8tgMEAMB8vQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8
yAMEAMI6LwMEAMI6mgMEAMI63wMEAMJXATAMAwQAwlcLAwQAwlcMAwQCwlcYAwQA
wlckAwQAwlcoAwQAwlc4AwQAwldJAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQA
wld8AwQBwleCAwQBwleGAwQAwleXAwQAwleiAwQAwlemAwQAwleoAwQAwlezAwQA
wle7AwQAwle+AwQAwlfIAwQAwlfeAwQAwzokAwQAwzo2AwQBwzo6AwQBwzo+AwQA
w4UAAwQBw4UGAwQAw4UeAwQAw4UjAwQAw4VJAwQBw4VUAwQAw4XCAwQA1MDxMA0G
CSqGSIb3DQEBCwUAA4IBAQAZwryxIZJ6RrEwdlIxIN4E05ls9ThyRp0RXlHDkmHO
muRcfFYa1P3++u3WjGZBH2ruyBGTDqTd1/pzm+djtSHAJgnHYd6WjLydlzjPSD7D
xINJ9KpjOHK9HCsllF2rXuao9AMQNFOHMlUGzsvwm0+LAjpbpk2ITJtxEtqfETi/
do5lNb43pqXxjz0TRD3P+jsLtYHM1ULcsXfg7+2ewnXHswrzeAxX+BXt4y3bhG+c
BH4ucWouV83cGii9Hg2ZzKuRN8EtxTCSPTRgrvQkmC/iGqlFaEMx/jwMVN9AQUe/
VN0VpLGXNCcw0gMfMYmgCibaaRDvi8NJbxDUXSViLhRV
-----END CERTIFICATE-----
Generated at Wed Aug 2 09:49:44 2023 by rpki-client on console-fra.rpki-client.org