Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nEB1vt1yBxl14lRLhPIIZMFYayc.roa
File: nEB1vt1yBxl14lRLhPIIZMFYayc.roa (raw, json)
Hash identifier: tAk8lQYX38aYV4FEMMefu3cq+qvv8S4FtNxkHYB1Vik=
Subject key identifier: 9C:40:75:BE:DD:72:07:19:75:E2:54:4B:84:F2:08:64:C1:58:6B:27
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A6FC85C7B5117AC534CCC17C616B8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nEB1vt1yBxl14lRLhPIIZMFYayc.roa
Signing time: Tue 02 Jan 2024 12:33:47 +0000
ROA not before: Tue 02 Jan 2024 12:33:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
212.193.5.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
192.124.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 15:22:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6f:c8:5c:7b:51:17:ac:53:4c:cc:17:c6:16:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c4075bedd72071975e2544b84f20864c1586b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d6:ce:75:70:55:58:dc:13:f0:31:f8:26:a3:
c2:95:f9:d2:4a:59:fd:f7:94:d6:84:b7:77:64:c9:
41:ec:44:76:8b:05:f0:e1:fb:15:86:db:20:06:00:
a3:07:3b:59:19:b4:22:00:1a:ca:43:5f:25:2c:80:
5f:85:42:4d:16:41:32:48:b4:c6:30:42:57:d5:66:
e2:d3:7e:7b:8d:de:f4:9e:59:cc:98:05:51:35:62:
3c:5f:b5:a9:ed:1e:f8:cd:f8:9a:4d:77:d9:4f:b4:
6c:b3:8c:a3:b6:fe:fc:bc:50:f6:f0:99:ff:26:43:
83:c9:a7:3f:eb:dc:bf:89:11:ef:e6:88:54:1f:a1:
62:9e:10:d9:4c:d3:42:64:53:87:2c:b0:01:10:2d:
b5:96:a2:92:e1:d7:64:fb:81:0e:07:10:79:c4:1f:
59:9f:93:79:73:74:1d:17:0b:6f:95:81:47:83:a1:
08:d5:11:7a:11:3d:1d:42:6e:d4:e4:dc:ca:97:15:
c1:47:b5:57:34:2f:ee:f6:03:08:4d:f6:b0:eb:10:
26:24:7b:0a:64:09:5c:8d:88:c0:82:b7:9a:ce:ef:
26:46:d2:e0:54:8d:58:ff:9b:58:42:06:4e:ab:69:
de:75:e9:91:bf:15:46:12:0c:ce:18:6b:ff:1d:4a:
aa:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:40:75:BE:DD:72:07:19:75:E2:54:4B:84:F2:08:64:C1:58:6B:27
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nEB1vt1yBxl14lRLhPIIZMFYayc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
194.87.200.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
195.133.194.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
41:cc:dc:48:23:6d:20:ed:fd:ae:c7:71:cd:a8:96:cd:75:de:
49:57:34:88:d1:b6:1d:89:df:99:3a:cc:6b:4e:04:57:f6:c0:
81:98:2b:88:7f:3d:a5:58:07:ed:22:b1:2c:66:02:52:0e:5c:
5e:d6:57:d4:ae:12:66:5c:85:4c:12:7b:44:b0:bf:9c:9e:ec:
7f:6b:1c:69:c6:39:7e:92:45:bf:23:33:f4:91:fe:2d:f8:45:
f4:f0:b4:9c:84:5d:43:82:7d:59:fd:1e:12:43:10:b1:3c:b3:
78:cb:e2:38:0b:01:3a:49:e0:92:97:bb:d8:d9:e4:44:b3:8e:
d6:ae:58:f6:0d:a7:2a:99:85:50:37:45:1b:d8:63:4a:83:ed:
8f:e5:5e:19:1b:81:fe:c8:a6:5c:80:4d:30:dd:05:cf:83:e3:
89:25:ca:fc:3a:98:3a:61:a0:66:28:ab:c8:18:90:cd:42:e2:
00:1c:c7:a8:41:ec:98:58:92:e6:7e:bb:fa:3e:cc:c9:26:6c:
28:17:e1:89:fa:91:e0:0b:25:72:8f:ac:71:17:fd:55:20:a6:
00:24:6a:fc:23:47:e4:f4:bc:7f:c0:fd:d9:08:f9:17:ae:cb:
a3:57:bb:96:79:b3:ee:00:a4:b4:61:55:cf:25:56:a6:77:67:
e8:c9:32:d2
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAYzKKm/IXHtRF6xTTMwXxha4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQwNzViZWRkNzIwNzE5NzVlMjU0NGI4NGYyMDg2NGMxNTg2YjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9bOdXBVWNwT8DH4JqPClfnSSln9
95TWhLd3ZMlB7ER2iwXw4fsVhtsgBgCjBztZGbQiABrKQ18lLIBfhUJNFkEySLTG
MEJX1Wbi0357jd70nlnMmAVRNWI8X7Wp7R74zfiaTXfZT7Rss4yjtv78vFD28Jn/
JkODyac/69y/iRHv5ohUH6FinhDZTNNCZFOHLLABEC21lqKS4ddk+4EOBxB5xB9Z
n5N5c3QdFwtvlYFHg6EI1RF6ET0dQm7U5NzKlxXBR7VXNC/u9gMITfaw6xAmJHsK
ZAlcjYjAgreazu8mRtLgVI1Y/5tYQgZOq2nedemRvxVGEgzOGGv/HUqq+wIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFJxAdb7dcgcZdeJUS4TyCGTBWGsnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbkVCMXZ0MXlCeGwxNGxSTGhQSUlaTUZZYXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADCOi8DBADCVwEwDAMEAMJXCwME
AMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXUwMEAMJXaAMEAMJXbAME
AcJXcgMEAMJXegMEAMJXfAMEAMJXgwMEAcJXhgMEAMJXswMEAMJXyAMEAcM6OgME
AcM6PgMEAMOFAAMEAcOFKAMEAMOFSQMEAcOFVAMEAMOFwgMEANTBBTANBgkqhkiG
9w0BAQsFAAOCAQEAQczcSCNtIO39rsdxzaiWzXXeSVc0iNG2HYnfmTrMa04EV/bA
gZgriH89pVgH7SKxLGYCUg5cXtZX1K4SZlyFTBJ7RLC/nJ7sf2scacY5fpJFvyMz
9JH+LfhF9PC0nIRdQ4J9Wf0eEkMQsTyzeMviOAsBOkngkpe72NnkRLOO1q5Y9g2n
KpmFUDdFG9hjSoPtj+VeGRuB/simXIBNMN0Fz4PjiSXK/DqYOmGgZiiryBiQzULi
ABzHqEHsmFiS5n67+j7MySZsKBfhifqR4Aslco+scRf9VSCmACRq/CNH5PS8f8D9
2Qj5F67Lo1e7lnmz7gCktGFVzyVWpndn6Mky0g==
-----END CERTIFICATE-----
Generated at Fri Jan 12 19:58:26 2024 by rpki-client on console-fra.rpki-client.org