Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/04-KM7o7obwr4zH5SQQkJwMxb8s.roa
File: 04-KM7o7obwr4zH5SQQkJwMxb8s.roa (raw, json)
Hash identifier: R548NaTqp03Xtl/rpkdkrV0M6jN2x8axqs4Q74Y+O5Q=
Subject key identifier: D3:8F:8A:33:BA:3B:A1:BC:2B:E3:31:F9:49:04:24:27:03:31:6F:CB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019426AA8F3EEE6E8AAE33035405B27FDCD1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/04-KM7o7obwr4zH5SQQkJwMxb8s.roa
Signing time: Thu 02 Jan 2025 10:58:19 +0000
ROA not before: Thu 02 Jan 2025 10:58:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.93.143.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.16.0/24 maxlen: 24
109.176.18.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
213.218.212.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
213.218.232.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:aa:8f:3e:ee:6e:8a:ae:33:03:54:05:b2:7f:dc:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 2 10:58:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d38f8a33ba3ba1bc2be331f94904242703316fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:17:c8:c8:c7:d6:0f:93:6a:6e:0b:36:cf:dd:
de:4b:c4:43:e4:6f:6d:54:a3:42:ac:74:4b:f0:04:
69:58:f4:67:eb:8b:40:f7:77:22:e2:16:d4:90:04:
37:f4:6f:ef:c6:ce:c6:b6:0b:3b:45:c8:83:c3:92:
1d:41:6a:d4:f3:f4:b6:41:09:7e:e4:6a:83:62:33:
28:87:be:e1:c9:50:64:7e:29:d1:ef:1f:43:a4:f9:
72:92:62:08:86:e5:b3:8e:e5:e3:ad:78:6e:d5:8b:
02:28:45:9b:94:b5:54:ce:0e:fb:0c:71:a5:f1:6f:
6c:55:ae:68:6d:a8:69:4b:02:28:80:2e:24:4e:ff:
80:08:14:0c:62:93:8a:25:2b:8b:4b:2d:12:5c:f4:
4a:f8:91:a7:10:b4:00:7d:8e:85:03:ee:c2:c4:02:
3b:05:cd:23:a1:8a:20:b6:03:43:57:8c:8a:7f:87:
54:f1:a4:f0:48:60:22:6e:ea:70:15:01:c1:05:5b:
ce:b7:0d:0f:ed:82:b9:34:9a:38:09:a4:6d:83:df:
bd:a8:3d:55:7a:ec:60:b7:9e:d8:ab:1f:f9:06:5f:
f9:13:1e:f5:a9:8e:16:fb:3f:d2:bc:5b:67:f6:29:
0e:6e:6d:f2:5c:04:4e:fa:29:25:a3:61:e5:89:ea:
75:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8F:8A:33:BA:3B:A1:BC:2B:E3:31:F9:49:04:24:27:03:31:6F:CB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/04-KM7o7obwr4zH5SQQkJwMxb8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.143.0/24
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.172.0/22
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.210.52.0/22
213.218.211.0-213.218.212.255
213.218.215.0/24
213.218.232.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
2a:66:45:51:6a:05:e2:0b:99:0b:55:f7:b5:51:0d:20:b8:54:
2d:78:f8:b5:dd:6a:66:60:9c:17:f1:a0:5c:9d:c0:85:36:d5:
e9:df:70:40:db:12:f6:a6:ee:40:a6:6c:5e:19:6d:f7:8a:14:
c8:8d:7b:e5:e5:98:49:f1:f8:c7:be:98:c4:e4:f6:88:5a:c8:
fb:54:bb:0a:db:7b:0b:f8:02:49:9f:4e:ad:3e:50:5f:b2:ba:
ca:96:38:56:aa:26:e3:6c:49:ab:9f:d0:03:24:ce:25:47:a2:
d6:ac:2d:5e:d0:42:35:66:dd:8d:b3:56:b7:82:b0:0e:6b:67:
cb:82:3a:3a:7b:e0:59:93:f0:c0:22:16:aa:ff:cf:87:89:f2:
1a:d2:80:ba:b7:8f:38:cf:3c:69:e2:ea:3d:37:af:55:1a:40:
10:6e:24:0d:03:ea:4a:4e:31:6e:01:d6:42:e7:71:03:fd:2a:
71:6f:68:81:d4:59:be:97:7d:dd:0b:a5:5e:20:fd:b3:a0:17:
dc:ec:f7:45:d4:b6:34:ac:24:f6:53:ca:a9:15:3c:02:89:22:
f1:a8:7f:66:b4:75:5d:db:d2:85:4e:5b:9e:4a:71:5f:0d:d5:
2c:b0:ee:2f:4f:ee:58:1b:b8:81:e0:bd:09:30:83:06:df:2e:
53:d9:54:a5
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZQmqo8+7m6KrjMDVAWyf9zRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAyMTA1ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzhmOGEzM2JhM2JhMWJjMmJlMzMxZjk0OTA0MjQyNzAzMzE2ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxfIyMfWD5Nqbgs2z93eS8RD5G9t
VKNCrHRL8ARpWPRn64tA93ci4hbUkAQ39G/vxs7Gtgs7RciDw5IdQWrU8/S2QQl+
5GqDYjMoh77hyVBkfinR7x9DpPlykmIIhuWzjuXjrXhu1YsCKEWblLVUzg77DHGl
8W9sVa5obahpSwIogC4kTv+ACBQMYpOKJSuLSy0SXPRK+JGnELQAfY6FA+7CxAI7
Bc0joYogtgNDV4yKf4dU8aTwSGAibupwFQHBBVvOtw0P7YK5NJo4CaRtg9+9qD1V
euxgt57Yqx/5Bl/5Ex71qY4W+z/SvFtn9ikObm3yXARO+iklo2Hliep1cQIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFNOPijO6O6G8K+Mx+UkEJCcDMW/LMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMDQtS003bzdvYndyNHpINVNRUWtKd014YjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAE1djwMEAFKYCAMEAVKYsAMEAlKZiAMEAVnVLAMEAVnVMgMEAlnVOAMEAFnV
gQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwDBAJZ1ZQDBAVZ1YAD
BABZ1aIDBABZ1aQDBABZ1acDBABZ1akDBAJZ1awDBABZ1bUDBABZ1b8wDAMEAlnV
xAMEBFnVwDAMAwQCWdXkAwQEWdXgAwQDbbAQAwQCbbDMAwQBbbDyAwQBuTF+AwQE
wmlQAwQA1CZPAwQB1CZYAwQC1dI0MAwDBADV2tMDBADV2tQDBADV2tcDBADV2ugw
DAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAKmZFUWoF4guZ
C1X3tVENILhULXj4td1qZmCcF/GgXJ3AhTbV6d9wQNsS9qbuQKZsXhlt94oUyI17
5eWYSfH4x76YxOT2iFrI+1S7Ctt7C/gCSZ9OrT5QX7K6ypY4Vqom42xJq5/QAyTO
JUei1qwtXtBCNWbdjbNWt4KwDmtny4I6OnvgWZPwwCIWqv/Ph4nyGtKAurePOM88
aeLqPTevVRpAEG4kDQPqSk4xbgHWQudxA/0qcW9ogdRZvpd93QulXiD9s6AX3Oz3
RdS2NKwk9lPKqRU8Aoki8ah/ZrR1XdvShU5bnkpxXw3VLLDuL0/uWBu4geC9CTCD
Bt8uU9lUpQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:26 2025 by rpki-client