Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0PeEQ3Ak2uqkCpxcgdp5VM-MWBI.roa
File: 0PeEQ3Ak2uqkCpxcgdp5VM-MWBI.roa (raw, json)
Hash identifier: 4QZCYHlmawdWXznguaUVuIy6lKPcKVbN0kjTozaKD8M=
Subject key identifier: D0:F7:84:43:70:24:DA:EA:A4:0A:9C:5C:81:DA:79:54:CF:8C:58:12
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019113FBF4873569B49AC4DCF9B07FE7DDCF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0PeEQ3Ak2uqkCpxcgdp5VM-MWBI.roa
Signing time: Fri 02 Aug 2024 16:46:04 +0000
ROA not before: Fri 02 Aug 2024 16:46:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.220.0/24 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.210.39.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Aug 2024 12:11:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:13:fb:f4:87:35:69:b4:9a:c4:dc:f9:b0:7f:e7:dd:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 2 16:46:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0f784437024daeaa40a9c5c81da7954cf8c5812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:42:23:15:eb:8b:40:29:bb:10:29:34:e0:39:
96:76:69:a3:d0:08:63:d8:71:36:d9:00:ec:7d:58:
05:6f:32:fe:b5:24:cb:b9:56:4f:16:04:3c:78:87:
ed:f4:23:e3:5d:08:6d:ca:9d:74:cd:b8:a0:28:6d:
d3:86:24:9e:9d:86:6b:2f:cf:ce:7c:b4:7e:1a:75:
8d:39:0e:f6:0f:06:a0:2a:df:06:a0:84:f6:8a:dd:
ea:01:e8:dc:a5:37:b5:e5:bd:72:c5:2b:06:ed:d8:
b2:41:8e:b3:00:69:07:86:99:32:24:0a:4d:4d:7d:
0c:49:92:8b:fa:ac:f1:01:c2:ff:e3:a9:bc:61:f6:
5f:ee:94:1c:8b:db:e6:3b:c3:a8:13:e8:4f:dd:67:
d1:80:8c:21:7a:73:73:38:a6:d4:00:20:84:75:ae:
19:0c:a4:cc:17:d3:0b:8e:a3:7f:3b:09:92:11:46:
41:58:9c:6f:dc:77:54:ae:19:a6:b8:c3:3a:1c:56:
f2:a1:79:e9:a8:cd:66:5e:20:90:95:04:7e:6e:0e:
11:ee:c2:c0:6e:10:d0:5e:52:89:1c:be:39:ca:15:
e2:14:9d:ba:8a:a4:40:1c:c3:2d:b5:22:9b:94:d2:
c5:4c:bf:ae:bd:73:9d:ff:ca:33:7b:32:92:91:8c:
e6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F7:84:43:70:24:DA:EA:A4:0A:9C:5C:81:DA:79:54:CF:8C:58:12
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0PeEQ3Ak2uqkCpxcgdp5VM-MWBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.153.220.0/24
89.213.50.0/23
89.213.56.0/22
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.210.39.0/24
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
2b:89:45:9b:ec:a0:0f:f9:07:fe:74:62:bc:85:b9:56:fb:bb:
07:5b:a5:2f:ef:52:17:cf:44:ba:c2:b1:99:56:c5:76:ed:97:
27:8b:d0:73:e2:50:20:46:81:6a:e6:e9:b4:42:41:fe:fb:74:
e6:68:1d:13:95:a4:99:34:63:07:51:00:c5:9b:47:87:b2:7c:
bb:2a:88:4d:23:da:9d:99:6b:1f:d3:89:47:a5:66:27:7d:db:
67:06:ed:8f:ce:4f:3f:41:95:1b:22:f5:7e:36:d3:43:6c:ca:
f9:26:e8:b2:88:57:f8:d7:49:87:6f:e9:ae:7f:d7:d5:83:55:
7e:e1:9b:6e:f9:70:bc:46:02:08:3b:23:29:38:ea:bf:f6:03:
66:56:8e:dc:b7:3c:b2:16:e6:ef:a0:3a:9b:b3:4e:30:d3:eb:
93:3f:f7:d1:d8:2a:ef:5f:f3:b6:9d:fa:5e:73:d0:28:b9:56:
47:c5:de:41:05:eb:b3:0c:f7:6b:21:f2:ef:ef:bc:c0:f4:dc:
19:04:e3:e7:f0:99:8f:61:5d:f7:24:52:46:44:e6:55:0f:aa:
3c:e6:33:bc:69:db:98:e6:5d:33:88:3e:91:f2:05:e3:ad:51:
eb:c9:b1:4e:93:3e:63:a6:b6:4a:33:20:22:92:97:41:86:e9:
2d:75:74:6a
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZET+/SHNWm0msTc+bB/593PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODAyMTY0NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGY3ODQ0MzcwMjRkYWVhYTQwYTljNWM4MWRhNzk1NGNmOGM1ODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUIjFeuLQCm7ECk04DmWdmmj0Ahj
2HE22QDsfVgFbzL+tSTLuVZPFgQ8eIft9CPjXQhtyp10zbigKG3ThiSenYZrL8/O
fLR+GnWNOQ72DwagKt8GoIT2it3qAejcpTe15b1yxSsG7diyQY6zAGkHhpkyJApN
TX0MSZKL+qzxAcL/46m8YfZf7pQci9vmO8OoE+hP3WfRgIwhenNzOKbUACCEda4Z
DKTMF9MLjqN/OwmSEUZBWJxv3HdUrhmmuMM6HFbyoXnpqM1mXiCQlQR+bg4R7sLA
bhDQXlKJHL45yhXiFJ26iqRAHMMttSKblNLFTL+uvXOd/8ozezKSkYzmtQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFND3hENwJNrqpAqcXIHaeVTPjFgSMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMFBlRVEzQWsydXFrQ3B4Y2dkcDVWTS1NV0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAFS
mLADBAJSmYgDBABSmdwDBAFZ1TIDBAJZ1TgDBABZ1ZEwDAMEAlnVlAMEBVnVgAME
AFnVpwMEAlnVrDAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBADBAJt
sMwDBAG5MX4DBATCaVADBAHUJlgDBADV0icDBADV2tMDBADZkUIDBAPZkUgwDQYJ
KoZIhvcNAQELBQADggEBACuJRZvsoA/5B/50YryFuVb7uwdbpS/vUhfPRLrCsZlW
xXbtlyeL0HPiUCBGgWrm6bRCQf77dOZoHROVpJk0YwdRAMWbR4eyfLsqiE0j2p2Z
ax/TiUelZid922cG7Y/OTz9BlRsi9X4200Nsyvkm6LKIV/jXSYdv6a5/19WDVX7h
m275cLxGAgg7Iyk46r/2A2ZWjty3PLIW5u+gOpuzTjDT65M/99HYKu9f87ad+l5z
0Ci5VkfF3kEF67MM92sh8u/vvMD03BkE4+fwmY9hXfckUkZE5lUPqjzmM7xp25jm
XTOIPpHyBeOtUevJsU6TPmOmtkozICKSl0GG6S11dGo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:03:14 2025 by rpki-client