Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yCnkhw-8ArvXMUFpZo85BQ79J6k.roa
File: yCnkhw-8ArvXMUFpZo85BQ79J6k.roa (raw, json)
Hash identifier: 0R6LNr0BEYkabE7gTwmt8t+rcwqaJmlVzO/Sem/M2iI=
Subject key identifier: C8:29:E4:87:0F:BC:02:BB:D7:31:41:69:66:8F:39:05:0E:FD:27:A9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A833E4BC42772DDCBDC92769B78B8D16C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yCnkhw-8ArvXMUFpZo85BQ79J6k.roa
Signing time: Mon 11 Sep 2023 07:56:52 +0000
ROA not before: Mon 11 Sep 2023 07:56:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.53.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:3e:4b:c4:27:72:dd:cb:dc:92:76:9b:78:b8:d1:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 11 07:56:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c829e4870fbc02bbd7314169668f39050efd27a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:db:55:17:97:17:82:7c:59:30:f7:12:de:c7:
f8:61:32:e3:e2:b9:71:3c:86:8e:9b:1e:73:18:34:
e2:6f:de:6d:e1:b4:10:9e:b9:3a:d1:21:5f:61:ae:
31:0b:71:cc:04:6d:e3:50:e6:96:8d:bf:8c:33:ed:
9d:ab:c5:bd:b9:e7:35:35:48:20:ee:60:59:d3:83:
32:01:0e:9f:ce:1b:fc:ef:ae:67:ce:84:2f:54:cf:
88:28:06:96:0a:45:60:7b:06:e9:44:0e:e1:1d:eb:
2a:01:7e:e7:cb:6d:9a:7f:07:5f:62:c8:e6:ba:b0:
92:14:e5:00:5d:c4:e0:40:f9:6e:36:39:e2:57:8a:
38:48:a2:a7:19:d2:94:76:fd:9b:bc:4a:de:af:0b:
3f:69:ad:60:52:18:9f:a1:2b:ea:4b:9e:78:72:10:
ce:d9:6c:fb:a5:f0:25:c8:57:73:c8:c2:df:f9:a0:
d5:c0:bd:51:b6:4a:fa:32:7b:55:a5:c4:f4:79:1c:
cb:73:b6:a3:01:24:aa:13:18:4f:3c:ef:2b:9f:f4:
06:82:18:47:14:8a:a2:62:dc:eb:e7:14:e5:f8:cf:
a7:e2:23:6e:1e:69:bc:3e:49:f2:bd:40:eb:67:38:
c2:af:d5:fb:0e:f3:ce:24:1b:cb:90:e8:32:46:58:
50:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:29:E4:87:0F:BC:02:BB:D7:31:41:69:66:8F:39:05:0E:FD:27:A9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yCnkhw-8ArvXMUFpZo85BQ79J6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.191.0/24
192.124.209.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.21.0/24
194.87.26.0/23
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.53.0-195.58.54.255
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
Signature Algorithm: sha256WithRSAEncryption
61:02:fe:5a:79:f8:84:18:1b:bc:67:b0:c5:56:1e:23:1e:44:
7c:1a:1a:09:f0:0d:bf:d6:1b:82:09:a8:67:58:dc:8e:1a:fe:
67:0a:b1:9f:c4:68:e0:6d:e7:21:b8:4f:f6:0b:29:6f:3f:29:
61:0c:5e:cc:67:c6:06:fe:dd:f8:ce:78:5e:24:0f:23:66:94:
fb:01:2a:ef:f4:56:df:57:b3:53:5e:69:ac:d7:57:5d:ec:92:
e3:70:b1:63:f4:21:d3:dc:16:4e:d3:af:81:3f:37:4d:23:ef:
ab:53:9c:51:32:30:51:11:d7:67:f1:4a:0f:c7:f1:0c:b5:ab:
7c:6d:5c:77:a4:a5:3b:69:6b:e7:d6:56:e1:79:b2:e2:66:39:
72:ce:bf:e7:32:a5:42:6d:9f:b8:8e:98:22:69:a0:86:f3:fc:
ee:bf:51:b4:06:a7:77:27:ab:35:2e:2b:22:3d:57:f1:50:cf:
56:c1:54:3a:92:92:2e:b1:ce:5d:79:ba:24:1b:02:d7:ff:07:
2c:6d:23:eb:82:2a:e7:76:68:85:78:cc:d0:f1:3e:84:41:bb:
51:93:55:83:1a:e6:80:32:f6:44:b6:4a:f9:cb:55:42:04:4f:
b4:e0:36:ad:cb:a4:8b:37:5a:16:99:47:ae:e0:b2:dd:b4:ed:
68:1a:3c:65
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAYqDPkvEJ3Ldy9ySdpt4uNFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTExMDc1NjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODI5ZTQ4NzBmYmMwMmJiZDczMTQxNjk2NjhmMzkwNTBlZmQyN2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdtVF5cXgnxZMPcS3sf4YTLj4rlx
PIaOmx5zGDTib95t4bQQnrk60SFfYa4xC3HMBG3jUOaWjb+MM+2dq8W9uec1NUgg
7mBZ04MyAQ6fzhv8765nzoQvVM+IKAaWCkVgewbpRA7hHesqAX7ny22afwdfYsjm
urCSFOUAXcTgQPluNjniV4o4SKKnGdKUdv2bvErerws/aa1gUhifoSvqS554chDO
2Wz7pfAlyFdzyMLf+aDVwL1Rtkr6MntVpcT0eRzLc7ajASSqExhPPO8rn/QGghhH
FIqiYtzr5xTl+M+n4iNuHmm8PknyvUDrZzjCr9X7DvPOJBvLkOgyRlhQIQIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFMgp5IcPvAK71zFBaWaPOQUO/SepMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveUNua2h3LThBcnZYTVVGcFpvODVCUTc5SjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAMB8sgMEAMB8vwMEAMB80QMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
LwMEAMI6mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcVAwQBwlcaAwQAwlcoAwQA
wlc4AwQAwldJAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQBwleCMAwD
BADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gD
BADCV94DBADDOiQwDAMEAMM6NQMEAMM6NgMEAcM6OgMEAcM6PgMEAMOFAAMEAcOF
BgMEAMOFHgMEAcOFKAMEAMOFSQMEAcOFVDANBgkqhkiG9w0BAQsFAAOCAQEAYQL+
Wnn4hBgbvGewxVYeIx5EfBoaCfANv9YbggmoZ1jcjhr+Zwqxn8Ro4G3nIbhP9gsp
bz8pYQxezGfGBv7d+M54XiQPI2aU+wEq7/RW31ezU15prNdXXeyS43CxY/Qh09wW
TtOvgT83TSPvq1OcUTIwURHXZ/FKD8fxDLWrfG1cd6SlO2lr59ZW4Xmy4mY5cs6/
5zKlQm2fuI6YImmghvP87r9RtAandyerNS4rIj1X8VDPVsFUOpKSLrHOXXm6JBsC
1/8HLG0j64Iq53ZohXjM0PE+hEG7UZNVgxrmgDL2RLZK+ctVQgRPtOA2rcukizda
FplHruCy3bTtaBo8ZQ==
-----END CERTIFICATE-----
Generated at Tue Sep 12 17:18:05 2023 by rpki-client on console-ams.rpki-client.org