Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nnZq52KlYxmpbW-uc7YUyQuUL7U.roa
File: nnZq52KlYxmpbW-uc7YUyQuUL7U.roa (raw, json)
Hash identifier: 1U2Zdrqz/P5cJgOHG8UeVfP7jnJS38AumFMMSfV/amE=
Subject key identifier: 9E:76:6A:E7:62:A5:63:19:A9:6D:6F:AE:73:B6:14:C9:0B:94:2F:B5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B7B8ED870D442029423FD594B0313EA95
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nnZq52KlYxmpbW-uc7YUyQuUL7U.roa
Signing time: Sun 29 Oct 2023 13:10:40 +0000
ROA not before: Sun 29 Oct 2023 13:10:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Nov 2023 11:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7b:8e:d8:70:d4:42:02:94:23:fd:59:4b:03:13:ea:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 29 13:10:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e766ae762a56319a96d6fae73b614c90b942fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:00:c0:ca:cd:4d:93:c5:dd:94:7e:52:49:56:
ef:6e:46:88:91:38:1d:f5:35:f6:4e:b8:c1:1e:33:
16:45:d6:15:21:72:fc:76:48:32:2a:e4:51:30:94:
c0:de:b5:b0:16:60:d2:52:9e:32:9a:94:15:d7:b4:
01:56:97:4f:2a:f9:55:5f:e1:4a:5f:43:b7:18:46:
ba:04:3d:ab:3d:08:d0:72:0a:7d:ad:31:0f:a8:f9:
69:12:eb:33:be:86:7b:da:7a:13:78:62:29:27:23:
eb:54:89:2f:f0:b4:a4:43:48:77:63:a5:e9:30:75:
06:02:24:38:08:2c:62:10:39:43:b2:0c:49:3c:7b:
b5:97:51:f2:5c:e2:00:a4:7e:ea:21:1e:f4:83:59:
96:61:28:28:32:94:f2:3e:cd:22:42:84:44:8d:a4:
a1:cd:59:49:05:b6:aa:f8:62:4d:69:4a:0c:68:80:
94:c8:29:ff:26:91:c3:d8:36:d4:47:99:22:fd:8e:
72:81:62:d0:2a:4a:b1:db:2f:d2:8a:24:aa:9f:99:
ee:62:76:e2:a8:76:88:9e:18:e6:d4:4f:30:10:e6:
c1:5a:21:55:f6:f9:8e:cf:e9:8c:34:be:83:90:01:
85:df:78:a6:76:65:0b:4f:d2:d6:94:c1:d0:17:89:
89:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:76:6A:E7:62:A5:63:19:A9:6D:6F:AE:73:B6:14:C9:0B:94:2F:B5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nnZq52KlYxmpbW-uc7YUyQuUL7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.181.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.35.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
09:bf:0a:8a:da:cf:f0:d3:df:e8:a8:23:14:8e:fd:70:86:48:
9f:80:97:30:fd:e0:bf:30:91:1a:1f:1a:5e:b7:94:6f:a8:ad:
b7:bf:3c:41:e4:26:76:00:e1:90:05:81:0d:57:39:33:5c:04:
ff:b2:bc:f0:91:aa:47:4f:14:8f:57:99:e1:11:b4:b4:1a:ce:
2b:40:20:48:80:c9:49:05:bb:0c:1a:0e:fb:25:2e:29:e6:8b:
f4:e1:b3:4d:37:36:5d:27:0a:6f:fe:a9:dc:5c:b7:d2:7e:ac:
e1:8b:f6:ec:09:b4:5c:86:17:db:af:17:38:e6:08:1d:d7:60:
ce:d3:8a:b9:10:97:80:f3:95:43:92:70:e4:5c:d8:d2:75:14:
61:9b:26:15:b7:80:4d:d0:2f:22:e9:18:9c:63:6e:f8:d6:25:
72:03:a2:eb:51:8d:0c:dd:ad:e8:af:3c:b3:53:93:b4:49:6c:
93:aa:f6:37:1b:f6:06:2d:db:5d:0e:c1:f5:08:3a:a5:17:ca:
b6:83:90:8e:36:60:09:80:be:f1:57:e9:0e:fd:72:da:8d:89:
a3:d6:96:47:95:26:4b:5b:6e:00:46:c0:91:ab:f5:f6:52:c9:
3f:34:fd:29:c9:d1:a5:bb:01:45:ec:25:1d:2d:ff:ec:ea:e4:
46:1c:a7:83
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAYt7jthw1EIClCP9WUsDE+qVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDI5MTMxMDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTc2NmFlNzYyYTU2MzE5YTk2ZDZmYWU3M2I2MTRjOTBiOTQyZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQDAys1Nk8XdlH5SSVbvbkaIkTgd
9TX2TrjBHjMWRdYVIXL8dkgyKuRRMJTA3rWwFmDSUp4ympQV17QBVpdPKvlVX+FK
X0O3GEa6BD2rPQjQcgp9rTEPqPlpEuszvoZ72noTeGIpJyPrVIkv8LSkQ0h3Y6Xp
MHUGAiQ4CCxiEDlDsgxJPHu1l1HyXOIApH7qIR70g1mWYSgoMpTyPs0iQoREjaSh
zVlJBbaq+GJNaUoMaICUyCn/JpHD2DbUR5ki/Y5ygWLQKkqx2y/SiiSqn5nuYnbi
qHaInhjm1E8wEObBWiFV9vmOz+mMNL6DkAGF33imdmULT9LWlMHQF4mJiQIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFJ52audipWMZqW1vrnO2FMkLlC+1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbm5acTUyS2xZeG1wYlctdWM3WVV5UXVVTDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEAMB8sgMEAMB8tQMEAMB8vQMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
LwMEAMI6mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQA
wlc4AwQAwldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQA
wleDMAwDBADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV74DBADCV8gD
BADCV94DBADDOiMDBAHDOjoDBAHDOj4DBADDhQADBAHDhQYDBADDhR4DBAHDhSgD
BADDhUkDBAHDhVQDBADUwNYwDQYJKoZIhvcNAQELBQADggEBAAm/Coraz/DT3+io
IxSO/XCGSJ+AlzD94L8wkRofGl63lG+orbe/PEHkJnYA4ZAFgQ1XOTNcBP+yvPCR
qkdPFI9XmeERtLQazitAIEiAyUkFuwwaDvslLinmi/Ths003Nl0nCm/+qdxct9J+
rOGL9uwJtFyGF9uvFzjmCB3XYM7TirkQl4DzlUOScORc2NJ1FGGbJhW3gE3QLyLp
GJxjbvjWJXIDoutRjQzdreivPLNTk7RJbJOq9jcb9gYt210OwfUIOqUXyraDkI42
YAmAvvFX6Q79ctqNiaPWlkeVJktbbgBGwJGr9fZSyT80/SnJ0aW7AUXsJR0t/+zq
5EYcp4M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:46 2024 by rpki-client on console-ams.rpki-client.org