Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oJNjafz6ZKLe3HYV7eBATmpkTbs.roa
File: oJNjafz6ZKLe3HYV7eBATmpkTbs.roa (raw, json)
Hash identifier: JXFz4Et7pdCFGGqT3/xMD1l+D2RPGJg1oE+LWs7DjwI=
Subject key identifier: A0:93:63:69:FC:FA:64:A2:DE:DC:76:15:ED:E0:40:4E:6A:64:4D:BB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A2C392E7E0EA436C293AEFE4E446E337E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oJNjafz6ZKLe3HYV7eBATmpkTbs.roa
Signing time: Fri 25 Aug 2023 10:24:19 +0000
ROA not before: Fri 25 Aug 2023 10:24:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Aug 2023 10:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:39:2e:7e:0e:a4:36:c2:93:ae:fe:4e:44:6e:33:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 25 10:24:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0936369fcfa64a2dedc7615ede0404e6a644dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d9:04:5d:63:28:a7:50:34:54:f6:80:db:9f:
9c:c6:5a:04:b7:b6:15:31:3e:f9:88:f5:b5:c0:1c:
1f:df:e6:24:83:ef:9e:71:57:d5:c7:2b:69:07:0d:
06:4d:8f:da:85:09:87:2d:d1:7f:c6:6b:11:51:27:
37:a2:41:a5:d7:0f:31:86:1b:a9:29:8f:9c:a0:3e:
5f:a4:16:33:c0:16:b1:91:ee:06:f9:98:fb:88:10:
0c:75:7c:29:a4:c6:63:15:08:fc:3c:ad:ba:00:b1:
41:b4:25:e0:77:40:11:76:ad:63:2d:59:5e:ed:bd:
9b:ea:16:67:a3:f6:40:fe:d7:4e:fb:1c:08:06:dd:
27:92:50:8f:e3:af:fb:d1:2c:dc:95:7e:9d:d9:84:
93:f5:a7:6e:35:f7:6b:1d:fe:32:58:43:71:8d:e0:
0a:09:3d:3e:d2:eb:5e:22:de:7d:81:12:42:22:98:
4b:76:7d:45:48:16:8f:e2:a3:36:d5:0d:28:cc:f5:
c5:72:a3:64:86:9a:24:09:06:61:c6:a7:06:c7:bf:
da:6b:ad:b5:65:ea:93:b5:9b:0a:01:10:0c:b1:be:
77:79:2d:2e:4f:46:05:f2:27:a9:d2:29:43:9e:b3:
d1:3a:4a:92:a7:bf:dc:df:71:43:3f:62:00:2f:f7:
64:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:93:63:69:FC:FA:64:A2:DE:DC:76:15:ED:E0:40:4E:6A:64:4D:BB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/oJNjafz6ZKLe3HYV7eBATmpkTbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/24
194.87.134.0/23
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.73.0/24
195.133.84.0/23
212.192.241.0/24
Signature Algorithm: sha256WithRSAEncryption
98:a5:be:58:de:0b:cd:2f:8e:31:1b:05:93:5d:2b:72:b5:29:
41:a2:21:34:8f:b0:a8:b7:20:43:20:c6:b5:94:6d:73:b5:58:
c8:e7:73:7e:54:f9:93:2d:7f:14:8f:66:c1:de:98:09:cb:0c:
a9:19:52:14:3b:35:f3:9e:d1:99:0e:0b:90:e2:50:67:70:9e:
c6:7c:46:83:77:bd:8d:0a:11:9f:76:e6:a0:34:2b:ac:c5:8f:
61:a4:b5:be:aa:ed:ac:16:d8:1f:fb:27:89:6a:80:49:e6:f9:
14:90:b4:c0:94:51:c9:0e:19:ee:68:33:a8:e6:37:97:22:a3:
64:b3:1e:fd:dd:98:74:45:b4:ea:62:86:b8:76:70:c2:05:9b:
0d:64:3f:b1:88:dd:94:1d:ec:e0:ef:0c:0f:b4:b3:cc:6f:a3:
d5:b6:f3:34:56:56:79:af:ee:9a:c6:84:ed:06:e8:f0:68:b7:
28:c4:e5:9f:aa:03:05:85:8e:27:5b:80:fa:9f:6f:ac:78:4f:
77:ae:b7:13:0e:c0:6a:14:76:9b:85:1c:09:cd:67:1f:fd:3e:
9f:32:e8:ae:de:64:15:02:c6:53:b4:55:b5:33:96:e3:70:46:
93:79:1a:89:82:64:39:a8:16:b0:c7:43:b0:15:ba:a2:af:79:
e2:b7:88:18
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYosOS5+DqQ2wpOu/k5EbjN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI1MTAyNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkzNjM2OWZjZmE2NGEyZGVkYzc2MTVlZGUwNDA0ZTZhNjQ0ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptkEXWMop1A0VPaA25+cxloEt7YV
MT75iPW1wBwf3+Ykg++ecVfVxytpBw0GTY/ahQmHLdF/xmsRUSc3okGl1w8xhhup
KY+coD5fpBYzwBaxke4G+Zj7iBAMdXwppMZjFQj8PK26ALFBtCXgd0ARdq1jLVle
7b2b6hZno/ZA/tdO+xwIBt0nklCP46/70SzclX6d2YST9aduNfdrHf4yWENxjeAK
CT0+0uteIt59gRJCIphLdn1FSBaP4qM21Q0ozPXFcqNkhpokCQZhxqcGx7/aa621
ZeqTtZsKARAMsb53eS0uT0YF8iep0ilDnrPROkqSp7/c33FDP2IAL/dkOwIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFKCTY2n8+mSi3tx2Fe3gQE5qZE27MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb0pOamFmejZaS0xlM0hZVjdlQkFUbXBrVGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBADA
fLIDBADBfBADBADBfFADBADBfIUDBADBfMgDBADCOi8DBADCOpoDBADCVwEwDAME
AMJXCwMEAMJXDAMEAsJXGAMEAMJXKAMEAMJXOAMEAMJXSQMEAMJXUwMEAMJXbAME
AcJXcgMEAMJXegMEAMJXfAMEAMJXggMEAcJXhgMEAMJXlwMEAMJXqAMEAMJXswME
AMJXvgMEAMJXyAMEAMJX3gMEAMM6JAMEAMM6NgMEAcM6OgMEAcM6PgMEAMOFAAME
AcOFBgMEAMOFHgMEAMOFSQMEAcOFVAMEANTA8TANBgkqhkiG9w0BAQsFAAOCAQEA
mKW+WN4LzS+OMRsFk10rcrUpQaIhNI+wqLcgQyDGtZRtc7VYyOdzflT5ky1/FI9m
wd6YCcsMqRlSFDs1857RmQ4LkOJQZ3CexnxGg3e9jQoRn3bmoDQrrMWPYaS1vqrt
rBbYH/sniWqASeb5FJC0wJRRyQ4Z7mgzqOY3lyKjZLMe/d2YdEW06mKGuHZwwgWb
DWQ/sYjdlB3s4O8MD7SzzG+j1bbzNFZWea/umsaE7Qbo8Gi3KMTln6oDBYWOJ1uA
+p9vrHhPd663Ew7AahR2m4UcCc1nH/0+nzLort5kFQLGU7RVtTOW43BGk3kaiYJk
OagWsMdDsBW6oq954reIGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:46 2024 by rpki-client on console-ams.rpki-client.org