Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sErGzzlAiy3YEBzuGG9x5lKdWFA.roa
File: sErGzzlAiy3YEBzuGG9x5lKdWFA.roa (raw, json)
Hash identifier: Lxub/44eedZe6BhVPO0I3vttjw8+O+N5EkdCtBanNdY=
Subject key identifier: B0:4A:C6:CF:39:40:8B:2D:D8:10:1C:EE:18:6F:71:E6:52:9D:58:50
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B135610E249373A461050802214A09E9F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sErGzzlAiy3YEBzuGG9x5lKdWFA.roa
Signing time: Mon 09 Oct 2023 07:28:09 +0000
ROA not before: Mon 09 Oct 2023 07:28:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.53.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:56:10:e2:49:37:3a:46:10:50:80:22:14:a0:9e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 9 07:28:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b04ac6cf39408b2dd8101cee186f71e6529d5850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:82:30:fd:6f:f3:9a:d4:94:24:d5:a1:27:a1:
7a:35:20:14:75:d5:f3:e0:b0:02:6f:74:6e:22:55:
c6:1d:b5:94:da:e0:6b:83:8b:e8:a7:01:b3:ab:c8:
4d:17:d1:55:dd:b3:bb:40:a3:45:bb:f2:d3:c6:e2:
d0:66:11:57:61:bf:d4:8e:29:7c:05:19:78:6e:c0:
91:bc:fc:ad:f4:25:85:46:02:84:7e:bb:f0:d6:4f:
29:2c:bf:ba:a9:09:58:e9:44:1d:ea:6a:7b:6a:1c:
a0:10:61:d9:21:29:6b:9c:58:6d:9d:74:17:e4:bf:
b5:35:f2:ac:03:8f:a3:88:da:f8:90:be:0d:2d:f4:
fd:47:71:6b:07:e7:f1:13:c0:04:83:5b:30:1f:1e:
7c:0f:7e:84:ad:f4:19:27:2a:3c:dc:16:0e:a9:99:
42:1a:1b:ba:bb:80:33:cf:e9:50:e1:6f:3b:04:4f:
49:f7:3f:f0:59:b6:53:66:77:8c:75:e5:28:4b:e1:
1c:a8:af:20:4e:3f:a3:35:35:25:1b:58:b6:f1:f0:
32:52:8a:c3:53:3a:5f:26:14:b2:dc:4a:dd:93:c7:
d3:80:fa:da:d4:97:93:38:3e:77:fa:87:49:ff:b1:
79:13:1f:09:fc:04:f0:3d:ab:d6:7e:75:ec:e4:7e:
9b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:4A:C6:CF:39:40:8B:2D:D8:10:1C:EE:18:6F:71:E6:52:9D:58:50
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sErGzzlAiy3YEBzuGG9x5lKdWFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
194.135.18.0/24
195.58.53.0-195.58.54.255
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.37.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
83:6e:dd:20:61:b6:24:1f:66:fb:13:26:a1:c0:7b:de:17:03:
bf:dc:15:38:95:ba:f0:f6:be:6b:60:40:0e:a8:43:7d:24:ea:
a5:56:63:b5:66:33:1f:a5:4e:86:ab:4d:72:cf:2d:32:e3:57:
8d:78:d0:fa:84:31:78:ad:16:d5:57:e3:80:48:da:f3:d2:be:
38:d3:21:f8:95:7f:8f:03:0a:1c:a9:65:29:ca:c4:cf:96:fc:
23:5e:5a:bb:8e:93:4b:46:c4:19:fd:c2:57:77:0e:35:35:10:
89:19:25:6f:76:58:2e:00:6a:3a:5e:65:f2:28:ca:46:07:0d:
84:78:a2:33:9e:0d:94:42:65:7a:b0:57:fa:8e:52:d2:00:65:
8f:1f:bc:6b:66:bf:1a:92:0d:79:86:42:94:f5:be:f7:9f:e5:
e7:37:8f:79:fe:4a:a1:c3:85:e5:2a:7d:fd:71:63:cf:6c:8b:
74:16:59:23:b8:09:e7:b4:ea:22:3d:74:a8:07:63:a9:eb:a3:
a3:dc:d2:5e:78:01:ef:d0:0c:c0:0a:17:ec:49:67:92:f5:59:
d5:82:21:b1:7d:6f:0d:4c:b8:a6:a4:99:0a:30:67:4e:95:14:
cd:20:00:bc:6b:e7:f6:3c:2e:89:27:15:e3:6e:ba:62:1c:02:
a6:a6:a2:ac
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAYsTVhDiSTc6RhBQgCIUoJ6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA5MDcyODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDRhYzZjZjM5NDA4YjJkZDgxMDFjZWUxODZmNzFlNjUyOWQ1ODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YIw/W/zmtSUJNWhJ6F6NSAUddXz
4LACb3RuIlXGHbWU2uBrg4vopwGzq8hNF9FV3bO7QKNFu/LTxuLQZhFXYb/Ujil8
BRl4bsCRvPyt9CWFRgKEfrvw1k8pLL+6qQlY6UQd6mp7ahygEGHZISlrnFhtnXQX
5L+1NfKsA4+jiNr4kL4NLfT9R3FrB+fxE8AEg1swHx58D36ErfQZJyo83BYOqZlC
Ghu6u4Azz+lQ4W87BE9J9z/wWbZTZneMdeUoS+EcqK8gTj+jNTUlG1i28fAyUorD
UzpfJhSy3Erdk8fTgPra1JeTOD53+odJ/7F5Ex8J/ATwPavWfnXs5H6b4wIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFLBKxs85QIst2BAc7hhvceZSnVhQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc0VyR3p6bEFpeTNZRUJ6dUdHOXg1bEtkV0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6LwMEAMI6
mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQAwlc4AwQA
wldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQAwleDMAwD
BADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gD
BADCV94DBADChxIwDAMEAMM6NQMEAMM6NgMEAcM6OgMEAcM6PgMEAMOFAAMEAcOF
BgMEAMOFHgMEAMOFJQMEAcOFKAMEAMOFSQMEAcOFVAMEANTA1jANBgkqhkiG9w0B
AQsFAAOCAQEAg27dIGG2JB9m+xMmocB73hcDv9wVOJW68Pa+a2BADqhDfSTqpVZj
tWYzH6VOhqtNcs8tMuNXjXjQ+oQxeK0W1VfjgEja89K+ONMh+JV/jwMKHKllKcrE
z5b8I15au46TS0bEGf3CV3cONTUQiRklb3ZYLgBqOl5l8ijKRgcNhHiiM54NlEJl
erBX+o5S0gBljx+8a2a/GpINeYZClPW+95/l5zePef5KocOF5Sp9/XFjz2yLdBZZ
I7gJ57TqIj10qAdjqeujo9zSXngB79AMwAoX7ElnkvVZ1YIhsX1vDUy4pqSZCjBn
TpUUzSAAvGvn9jwuiScV4266YhwCpqairA==
-----END CERTIFICATE-----
Generated at Mon Oct 9 13:34:28 2023 by rpki-client on console-ams.rpki-client.org