Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wh0b5wGmhEccil7Qp6rI33bhC7w.roa
File: wh0b5wGmhEccil7Qp6rI33bhC7w.roa (raw, json)
Hash identifier: jJIyTBy5K5djmASougxHSD8S0RcE5biYd1/gph/hGEE=
Subject key identifier: C2:1D:1B:E7:01:A6:84:47:1C:8A:5E:D0:A7:AA:C8:DF:76:E1:0B:BC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01898710B7C1B55C49AE81A028571E2130A9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wh0b5wGmhEccil7Qp6rI33bhC7w.roa
Signing time: Mon 24 Jul 2023 08:42:47 +0000
ROA not before: Mon 24 Jul 2023 08:42:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.36.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
212.192.248.0/22 maxlen: 22
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 08:55:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:10:b7:c1:b5:5c:49:ae:81:a0:28:57:1e:21:30:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 24 08:42:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c21d1be701a684471c8a5ed0a7aac8df76e10bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7c:2b:3d:8c:eb:92:d6:53:b0:ec:ed:7d:53:
1b:d0:74:02:db:3b:ed:84:ac:02:b2:4f:e3:ba:e2:
ac:75:08:13:2e:4c:15:c8:1a:23:5d:59:bc:61:0d:
cb:07:38:4e:96:a3:9f:b2:84:30:44:9f:2a:86:44:
79:2b:5d:94:29:3e:d5:de:2a:df:15:58:00:ba:4a:
41:02:06:7a:7a:ad:47:e6:21:e9:94:1e:f6:9d:71:
12:28:9e:3e:2e:f5:ea:75:33:53:ee:3b:6f:4f:3a:
6d:36:0f:40:a6:d9:04:19:20:ee:f5:c8:80:84:05:
ad:76:32:d7:88:33:59:4b:76:a1:e6:fa:39:58:12:
fa:00:28:5b:9e:d8:97:8b:83:34:de:15:46:66:03:
4e:fb:b6:2b:e1:c2:a0:6b:7b:2e:55:95:06:e3:b8:
f3:f4:e1:ce:f8:4a:c3:4f:32:6a:9b:36:93:59:45:
1e:2c:e5:40:2e:9d:69:ce:ce:bb:75:c3:45:5b:fe:
d7:4d:65:4a:f3:32:49:e4:85:39:a8:13:d0:1f:e1:
b5:c8:11:fe:ab:3e:a6:06:49:31:06:59:8b:23:93:
9a:e2:e4:c7:67:54:86:2c:c0:9d:25:21:b6:ce:fb:
93:97:50:ff:4c:bb:e5:52:26:b8:8e:4a:d9:64:74:
a1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1D:1B:E7:01:A6:84:47:1C:8A:5E:D0:A7:AA:C8:DF:76:E1:0B:BC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wh0b5wGmhEccil7Qp6rI33bhC7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.182.0/24
192.124.189.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.36.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.35.0/24
195.133.73.0/24
195.133.84.0/23
195.133.194.0/23
212.192.241.0/24
212.192.248.0/22
Signature Algorithm: sha256WithRSAEncryption
75:b2:4f:23:16:ce:66:61:b1:95:8c:6e:63:5b:ce:9d:71:86:
12:57:83:87:48:55:b4:b3:16:65:1a:b6:e5:6e:a6:4c:5f:37:
38:3d:67:29:7e:8e:b2:2a:47:24:2c:98:e8:79:c5:2a:16:00:
8a:c2:3c:e1:e8:9d:89:52:4a:6e:8d:c0:26:38:3b:51:e5:d8:
c5:65:fc:04:19:09:12:a6:06:50:a8:65:f0:40:77:e1:c3:66:
33:a1:2d:59:4f:f9:3d:00:a1:ff:29:a4:cb:34:4a:af:92:d2:
50:92:63:dd:28:d0:7b:f1:4d:8b:85:d5:53:3e:92:c9:04:6a:
3f:f3:6f:3b:d6:41:f2:55:c5:13:a4:ed:b0:f3:98:65:4c:dd:
9a:d7:b1:51:1f:fe:59:70:3f:7d:79:de:ab:89:ab:c4:ae:8e:
1f:d1:ba:7f:cc:8b:ee:70:be:96:b3:dd:57:5a:d9:79:9e:dd:
fa:5b:10:09:29:77:61:88:90:f8:1a:30:bc:cc:fe:ec:a0:ea:
ba:4f:49:70:f3:ec:df:24:0e:a7:19:1a:91:27:aa:ce:77:3d:
de:9f:b6:76:39:be:68:70:a8:fe:66:ff:55:86:af:6b:80:e5:
40:04:26:1f:72:12:ca:34:a5:00:59:07:5f:40:ff:05:2c:40:
a9:e2:60:e5
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAYmHELfBtVxJroGgKFceITCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI0MDg0MjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjFkMWJlNzAxYTY4NDQ3MWM4YTVlZDBhN2FhYzhkZjc2ZTEwYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHwrPYzrktZTsOztfVMb0HQC2zvt
hKwCsk/juuKsdQgTLkwVyBojXVm8YQ3LBzhOlqOfsoQwRJ8qhkR5K12UKT7V3irf
FVgAukpBAgZ6eq1H5iHplB72nXESKJ4+LvXqdTNT7jtvTzptNg9AptkEGSDu9ciA
hAWtdjLXiDNZS3ah5vo5WBL6AChbntiXi4M03hVGZgNO+7Yr4cKga3suVZUG47jz
9OHO+ErDTzJqmzaTWUUeLOVALp1pzs67dcNFW/7XTWVK8zJJ5IU5qBPQH+G1yBH+
qz6mBkkxBlmLI5Oa4uTHZ1SGLMCdJSG2zvuTl1D/TLvlUia4jkrZZHSheQIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFMIdG+cBpoRHHIpe0KeqyN924Qu8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd2gwYjV3R21oRWNjaWw3UXA2ckkzM2JoQzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCASQEAgABMIIB
HAMEAMB8sgMEAMB8tgMEAMB8vQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8
yAMEAMI6LwMEAMI6mgMEAMI63wMEAMJXATAMAwQAwlcLAwQAwlcMAwQCwlcYAwQA
wlckAwQAwlcoAwQAwlc4AwQAwldJAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQA
wld8AwQBwleCAwQBwleGAwQAwleXAwQAwleiAwQAwlemAwQAwleoAwQAwlezAwQA
wle7AwQAwle+AwQAwlfIAwQAwlfeAwQAwzo2AwQBwzo6AwQBwzo+AwQAw4UAAwQB
w4UGAwQAw4UeAwQAw4UjAwQAw4VJAwQBw4VUAwQBw4XCAwQA1MDxAwQC1MD4MA0G
CSqGSIb3DQEBCwUAA4IBAQB1sk8jFs5mYbGVjG5jW86dcYYSV4OHSFW0sxZlGrbl
bqZMXzc4PWcpfo6yKkckLJjoecUqFgCKwjzh6J2JUkpujcAmODtR5djFZfwEGQkS
pgZQqGXwQHfhw2YzoS1ZT/k9AKH/KaTLNEqvktJQkmPdKNB78U2LhdVTPpLJBGo/
82871kHyVcUTpO2w85hlTN2a17FRH/5ZcD99ed6riavEro4f0bp/zIvucL6Ws91X
Wtl5nt36WxAJKXdhiJD4GjC8zP7soOq6T0lw8+zfJA6nGRqRJ6rOdz3en7Z2Ob5o
cKj+Zv9Vhq9rgOVABCYfchLKNKUAWQdfQP8FLECp4mDl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org