Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zkoKOPePzF1UDERQ0iSHCxXI8qI.roa
File: zkoKOPePzF1UDERQ0iSHCxXI8qI.roa (raw, json)
Hash identifier: XMHIvPfhAlcTPYLkrxszDAPjxrDc5JIho2kz3WVbGT8=
Subject key identifier: CE:4A:0A:38:F7:8F:CC:5D:54:0C:44:50:D2:24:87:0B:15:C8:F2:A2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B4294265EBCDB6FBB6450A84C9C661D71
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zkoKOPePzF1UDERQ0iSHCxXI8qI.roa
Signing time: Wed 18 Oct 2023 11:38:07 +0000
ROA not before: Wed 18 Oct 2023 11:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:94:26:5e:bc:db:6f:bb:64:50:a8:4c:9c:66:1d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 18 11:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce4a0a38f78fcc5d540c4450d224870b15c8f2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8d:f4:9c:2f:bd:9f:c7:b2:f8:f9:2c:39:4a:
f9:2c:14:78:f3:ef:35:64:a6:ce:27:8e:7f:fb:84:
59:f8:eb:63:74:67:f1:a6:fa:52:40:c0:bd:e2:29:
ec:ed:6d:b9:7a:39:fe:55:33:e2:60:98:a0:34:d5:
cb:5e:c2:46:ce:c6:22:b2:08:5a:6d:4c:4f:52:a7:
46:60:64:6a:da:e5:3e:02:b3:9b:d9:a0:bf:fc:b0:
a0:70:89:38:89:84:e4:05:3e:6c:a9:13:07:d2:30:
6e:91:ac:17:72:1f:ae:6a:37:7b:00:31:92:22:2e:
41:f0:c4:a5:ac:61:fa:26:53:bb:c3:9a:af:18:d4:
12:ac:52:67:39:8b:33:11:57:6b:c5:94:ef:f9:61:
da:66:a3:18:30:1e:1e:f1:7f:3d:31:11:39:66:40:
cd:ec:21:5b:89:1f:85:aa:90:a4:ea:5c:ca:26:59:
c6:d0:5f:b8:55:6b:e4:72:0c:a2:c9:44:74:9a:8f:
a4:d0:2a:e3:56:71:14:cb:03:0c:3a:3d:07:f5:c7:
68:28:6c:03:ee:32:a6:5f:53:72:57:f6:02:2f:13:
53:2a:c9:6c:ad:da:a8:d6:d3:6c:d7:22:1c:c2:fe:
a4:50:75:77:06:2f:dc:8f:ac:f2:f4:c2:6b:ed:f1:
74:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4A:0A:38:F7:8F:CC:5D:54:0C:44:50:D2:24:87:0B:15:C8:F2:A2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zkoKOPePzF1UDERQ0iSHCxXI8qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.181.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.220.0/24
194.87.222.0/24
194.135.18.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
76:aa:27:e8:78:46:55:14:c4:13:33:3f:b1:c7:cf:78:45:e5:
7c:dd:41:7f:6c:2e:19:76:ee:48:8c:26:cf:a5:f6:6a:f3:c8:
6a:52:37:c1:bd:9b:cd:a5:18:b5:a9:c8:d9:01:dd:c1:7c:9c:
94:d3:8d:29:53:b6:8f:87:e0:15:d2:4d:13:c5:5c:16:f6:6f:
34:07:ea:25:e7:ec:f6:1d:70:cc:d8:ab:df:01:4b:8c:2d:b6:
82:9c:6d:50:2e:9b:e4:bc:cd:f8:9b:9a:f3:fc:f0:69:3c:22:
43:1f:3b:64:3d:9c:c9:45:82:d2:28:42:54:50:92:04:e7:1d:
55:29:6f:17:b6:77:45:b2:17:ba:10:e4:4b:7e:52:94:cb:f0:
83:b1:af:8c:c4:52:41:63:17:a1:37:71:b5:97:46:0e:f9:01:
e6:3b:e1:fe:fe:f1:b7:e6:0f:29:16:4b:fe:c9:9f:d6:3c:8f:
c6:ab:01:68:7f:55:36:d6:e2:c7:35:09:42:1e:98:a6:d1:1b:
f5:94:30:1f:e3:b1:f9:a2:1e:43:2f:70:d5:18:e0:56:b9:50:
a3:4a:1b:be:06:7b:c5:c3:15:90:e2:a8:64:01:74:d5:e7:a3:
06:20:08:3f:87:7f:1e:70:b2:c6:ff:1d:28:6a:23:cc:97:3b:
35:d9:7a:45
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAYtClCZevNtvu2RQqEycZh1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE4MTEzODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTRhMGEzOGY3OGZjYzVkNTQwYzQ0NTBkMjI0ODcwYjE1YzhmMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio30nC+9n8ey+PksOUr5LBR48+81
ZKbOJ45/+4RZ+OtjdGfxpvpSQMC94ins7W25ejn+VTPiYJigNNXLXsJGzsYisgha
bUxPUqdGYGRq2uU+ArOb2aC//LCgcIk4iYTkBT5sqRMH0jBukawXch+uajd7ADGS
Ii5B8MSlrGH6JlO7w5qvGNQSrFJnOYszEVdrxZTv+WHaZqMYMB4e8X89MRE5ZkDN
7CFbiR+FqpCk6lzKJlnG0F+4VWvkcgyiyUR0mo+k0CrjVnEUywMMOj0H9cdoKGwD
7jKmX1NyV/YCLxNTKslsrdqo1tNs1yIcwv6kUHV3Bi/cj6zy9MJr7fF0VQIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFM5KCjj3j8xdVAxEUNIkhwsVyPKiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvemtvS09QZVB6RjFVREVSUTBpU0hDeFhJOHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAMB8sgMEAMB8tQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
LwMEAMI6mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQA
wlc4AwQAwldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQA
wleDMAwDBADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74D
BADCV8gDBADCV9wDBADCV94DBADChxIDBADDOjYDBAHDOjoDBAHDOj4DBADDhQAD
BAHDhQYDBADDhR4DBAHDhSgDBADDhUkDBAHDhVQDBADUwNYwDQYJKoZIhvcNAQEL
BQADggEBAHaqJ+h4RlUUxBMzP7HHz3hF5XzdQX9sLhl27kiMJs+l9mrzyGpSN8G9
m82lGLWpyNkB3cF8nJTTjSlTto+H4BXSTRPFXBb2bzQH6iXn7PYdcMzYq98BS4wt
toKcbVAum+S8zfibmvP88Gk8IkMfO2Q9nMlFgtIoQlRQkgTnHVUpbxe2d0WyF7oQ
5Et+UpTL8IOxr4zEUkFjF6E3cbWXRg75AeY74f7+8bfmDykWS/7Jn9Y8j8arAWh/
VTbW4sc1CUIemKbRG/WUMB/jsfmiHkMvcNUY4Fa5UKNKG74Ge8XDFZDiqGQBdNXn
owYgCD+Hfx5wssb/HShqI8yXOzXZekU=
-----END CERTIFICATE-----
Generated at Thu Oct 19 05:14:54 2023 by rpki-client on console-ams.rpki-client.org