Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/3XTRydhRhaw4_0CzAtrpbYVXyw8.roa
File: 3XTRydhRhaw4_0CzAtrpbYVXyw8.roa (raw, json)
Hash identifier: bB3htAfHr3MaTfnRcB+2dcy0KfMOy1baoR8y/6NM4HE=
Subject key identifier: DD:74:D1:C9:D8:51:85:AC:38:FF:40:B3:02:DA:E9:6D:85:57:CB:0F
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 019421B1CDFBE5039D4F151FACB6100E13B5
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/3XTRydhRhaw4_0CzAtrpbYVXyw8.roa
Signing time: Wed 01 Jan 2025 11:48:08 +0000
ROA not before: Wed 01 Jan 2025 11:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39150
IP address blocks: 91.196.136.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.139.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.69.0/24 maxlen: 24
93.179.93.0/24 maxlen: 24
93.179.94.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
93.179.121.0/24 maxlen: 24
95.85.83.0/24 maxlen: 24
95.85.83.0/25 maxlen: 25
95.85.83.128/25 maxlen: 25
95.181.212.0/23 maxlen: 23
95.181.213.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a04:8681::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 24 Jan 2025 14:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:cd:fb:e5:03:9d:4f:15:1f:ac:b6:10:0e:13:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 11:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd74d1c9d85185ac38ff40b302dae96d8557cb0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:ae:d0:73:09:d0:71:40:00:c4:98:c3:1e:
c3:8e:92:61:9e:21:45:14:80:13:4e:a7:f9:5a:5f:
37:f8:a9:93:88:7c:6c:32:78:92:b8:7b:4c:15:7c:
2a:06:23:88:b0:58:8b:ba:83:f7:f8:4a:c2:45:68:
d2:aa:ee:45:57:e0:41:33:bb:e1:f9:b7:24:e8:46:
cc:a9:ca:11:eb:c0:ab:c0:d5:8c:08:13:4d:5e:89:
86:71:05:30:dc:c4:b8:04:bd:cc:b0:b1:e8:37:e2:
02:df:4b:ad:3b:12:8b:ad:b7:4a:16:20:6c:a2:5a:
8a:28:e1:1f:9b:00:e5:36:a5:ea:6c:91:13:90:9a:
93:d7:48:86:f4:7f:c2:76:cb:33:da:94:ad:8a:76:
06:4b:9c:a5:6f:20:f1:fb:89:a7:de:74:78:5e:46:
33:82:2e:f9:eb:a7:78:64:cd:92:a5:66:9e:62:1a:
4c:c8:15:19:b7:ac:4e:ec:8c:0e:30:54:b4:ee:98:
ff:cc:8a:27:44:58:f4:e9:b7:a6:92:b9:0d:40:f3:
cd:69:58:37:90:69:60:80:fd:26:64:7c:e3:f9:6d:
c2:c8:b6:3a:fb:c9:e2:55:66:70:c2:e7:84:b5:9f:
10:41:8c:d5:d0:69:76:63:41:a0:f6:11:3e:17:25:
d3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:74:D1:C9:D8:51:85:AC:38:FF:40:B3:02:DA:E9:6D:85:57:CB:0F
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/3XTRydhRhaw4_0CzAtrpbYVXyw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.68.0/23
93.179.93.0-93.179.94.255
93.179.120.0/23
95.85.83.0/24
95.181.212.0/23
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/31
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:9a:29:ed:76:4b:02:e9:68:ed:15:cd:d2:a4:34:63:a7:63:
2b:33:ac:51:55:6c:b2:cc:55:e1:78:3f:ec:a9:98:27:59:e6:
06:74:5e:69:51:58:d1:cc:22:0e:24:ed:a7:f0:c2:76:21:fd:
dd:b8:13:64:05:16:2b:6a:9f:a8:0c:0d:dc:87:c7:6a:47:e2:
d6:b4:cd:4a:fc:1b:ae:e8:cd:9c:85:4f:76:85:3d:6c:c1:b2:
30:2d:df:35:c8:74:a9:af:77:07:35:c6:0c:1c:20:9b:10:fd:
cf:dd:4c:08:4d:b3:77:31:13:a2:95:ca:a1:b6:d8:38:80:48:
a8:9a:68:1d:0f:6f:60:21:7b:26:39:b1:f6:5f:42:0a:f5:35:
72:d0:e2:97:2c:bb:cf:e6:bb:2a:ae:be:dc:6b:e2:a4:a1:35:
bb:ff:62:6d:2c:af:3c:a2:da:65:9a:65:99:ab:e1:da:07:b2:
4e:61:2f:c8:b0:99:94:28:f4:27:28:e9:22:11:c3:ea:91:3f:
7a:27:66:eb:bf:65:82:83:37:3a:0a:f2:9f:1a:2a:62:fd:14:
02:65:c5:50:ac:27:a3:ec:4a:48:ee:ac:b0:e3:fa:5a:09:7c:
31:17:1f:2f:16:19:3a:3e:71:68:99:b0:ab:3e:3f:af:e0:58:
d8:d8:7b:c3
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQhsc375QOdTxUfrLYQDhO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwMTAxMTE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDc0ZDFjOWQ4NTE4NWFjMzhmZjQwYjMwMmRhZTk2ZDg1NTdjYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/2u0HMJ0HFAAMSYwx7DjpJhniFF
FIATTqf5Wl83+KmTiHxsMniSuHtMFXwqBiOIsFiLuoP3+ErCRWjSqu5FV+BBM7vh
+bck6EbMqcoR68CrwNWMCBNNXomGcQUw3MS4BL3MsLHoN+IC30utOxKLrbdKFiBs
olqKKOEfmwDlNqXqbJETkJqT10iG9H/Cdssz2pStinYGS5ylbyDx+4mn3nR4XkYz
gi7566d4ZM2SpWaeYhpMyBUZt6xO7IwOMFS07pj/zIonRFj06bemkrkNQPPNaVg3
kGlggP0mZHzj+W3CyLY6+8niVWZwwueEtZ8QQYzV0Gl2Y0Gg9hE+FyXTqwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFN100cnYUYWsOP9AswLa6W2FV8sPMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvM1hUUnlkaFJoYXc0XzBDekF0cnBiWVZYeXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQCW8SIAwQB
XbNEMAwDBABds10DBABds14DBAFds3gDBABfVVMDBAFftdQDBABtxIUDBADDtggw
FAQCAAIwDgMFASoEhoADBQAqCdXAMA0GCSqGSIb3DQEBCwUAA4IBAQA/mintdksC
6WjtFc3SpDRjp2MrM6xRVWyyzFXheD/sqZgnWeYGdF5pUVjRzCIOJO2n8MJ2If3d
uBNkBRYrap+oDA3ch8dqR+LWtM1K/Buu6M2chU92hT1swbIwLd81yHSpr3cHNcYM
HCCbEP3P3UwITbN3MROilcqhttg4gEiommgdD29gIXsmObH2X0IK9TVy0OKXLLvP
5rsqrr7ca+KkoTW7/2JtLK88otplmmWZq+HaB7JOYS/IsJmUKPQnKOkiEcPqkT96
J2brv2WCgzc6CvKfGipi/RQCZcVQrCej7EpI7qyw4/paCXwxFx8vFhk6PnFombCr
Pj+v4FjY2HvD
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:36:07 2025 by rpki-client