Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0csr2Fff5FUNIxzNS80jZIs-GQA.roa
File: 0csr2Fff5FUNIxzNS80jZIs-GQA.roa (raw, json)
Hash identifier: +GoeeaRZuhzq82HhqA8tKMLwp7p3DvRbeUZLg1x0WK8=
Subject key identifier: D1:CB:2B:D8:57:DF:E4:55:0D:23:1C:CD:4B:CD:23:64:8B:3E:19:00
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191DC23095BFA64608E03933112E9D190CE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0csr2Fff5FUNIxzNS80jZIs-GQA.roa
Signing time: Tue 10 Sep 2024 13:32:49 +0000
ROA not before: Tue 10 Sep 2024 13:32:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 82.152.98.0/24 maxlen: 24
89.213.50.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dc:23:09:5b:fa:64:60:8e:03:93:31:12:e9:d1:90:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 10 13:32:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1cb2bd857dfe4550d231ccd4bcd23648b3e1900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:51:c8:77:d2:a4:b3:cb:f8:2e:f1:b8:de:29:
90:25:5a:a3:3e:27:f9:11:19:74:67:d2:17:2a:0a:
3c:bb:4f:56:3e:eb:a1:a3:e9:ba:be:5a:80:da:c8:
78:45:13:a7:06:4b:78:83:ce:66:ce:01:7f:92:fe:
8e:48:d5:1d:f3:d7:b0:66:40:13:e9:00:ee:b3:a3:
25:42:1e:54:e0:d5:aa:c9:64:84:18:b7:e6:2d:e0:
78:80:25:e5:05:a8:99:a9:5e:d6:39:af:50:e1:5d:
1e:d0:d3:3e:92:6a:4c:a7:72:a7:a8:d4:7c:b0:72:
88:f0:c5:51:a7:a9:83:73:3a:ee:91:44:36:86:1a:
9a:fe:ad:8d:15:78:fa:e1:ad:72:d4:9c:0e:c2:ec:
d4:f4:77:4a:b5:8e:2f:d3:38:40:f2:fa:60:ba:84:
6a:a5:60:5f:a6:ea:86:24:3d:c3:3a:8e:1c:b2:23:
50:f1:94:f1:60:b1:6c:18:8b:8a:31:5a:8b:eb:3b:
0a:40:c3:ec:a8:b7:4f:d0:64:98:cf:50:5e:02:09:
ea:ff:57:a6:11:d2:ed:c4:50:0f:38:29:12:bc:6a:
8e:ab:9b:31:c5:6c:d1:6a:b7:ef:e5:ec:c2:94:d0:
83:f7:c6:5c:5e:83:af:46:68:dc:d5:7c:a5:7a:58:
75:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:CB:2B:D8:57:DF:E4:55:0D:23:1C:CD:4B:CD:23:64:8B:3E:19:00
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0csr2Fff5FUNIxzNS80jZIs-GQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.98.0/24
89.213.50.0/24
109.176.244.0/24
213.218.234.0/24
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
55:3f:a6:f2:ad:f8:95:d6:98:6d:bc:51:33:af:7e:9c:e9:84:
65:9b:67:da:d5:86:87:ef:9a:7a:17:6a:fd:83:e4:7d:94:88:
15:5c:3b:6d:45:23:07:4c:9e:ce:f3:4a:c2:0c:6f:c6:58:5e:
2b:95:d2:ae:2e:84:cd:bf:ae:c2:00:e3:fa:5c:d0:59:bb:6b:
4c:13:4b:5c:d7:32:ba:ce:0c:dc:be:40:53:fc:bf:20:6a:53:
08:dc:fc:fd:5b:52:83:5c:ab:c7:b1:44:7a:8a:47:00:06:cf:
c2:c4:4c:90:24:e3:7b:3d:ab:a4:8a:ed:df:de:4e:70:10:af:
ff:78:c6:37:98:cc:7b:0c:25:0e:26:4f:92:0b:08:f1:60:fc:
b9:f0:3d:4e:85:ed:08:c8:ba:74:c6:21:df:6c:f2:da:96:3c:
4b:82:ce:6b:21:0a:39:92:37:0c:5c:3d:c7:ba:41:e8:15:b6:
b1:9a:ce:ff:f1:d2:74:b8:26:66:8a:19:81:71:18:5d:81:68:
d5:37:70:01:38:52:42:f3:c9:c4:33:c4:0e:67:f4:81:4f:1d:
5e:64:ad:31:ba:20:b9:24:ef:d8:8d:cc:1d:e1:32:b1:4c:53:
c3:da:dc:b6:d5:d8:ef:4d:e8:0a:cc:ec:3e:d6:33:04:7d:9e:
84:51:35:49
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZHcIwlb+mRgjgOTMRLp0ZDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTEwMTMzMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWNiMmJkODU3ZGZlNDU1MGQyMzFjY2Q0YmNkMjM2NDhiM2UxOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVHId9Kks8v4LvG43imQJVqjPif5
ERl0Z9IXKgo8u09WPuuho+m6vlqA2sh4RROnBkt4g85mzgF/kv6OSNUd89ewZkAT
6QDus6MlQh5U4NWqyWSEGLfmLeB4gCXlBaiZqV7WOa9Q4V0e0NM+kmpMp3KnqNR8
sHKI8MVRp6mDczrukUQ2hhqa/q2NFXj64a1y1JwOwuzU9HdKtY4v0zhA8vpguoRq
pWBfpuqGJD3DOo4csiNQ8ZTxYLFsGIuKMVqL6zsKQMPsqLdP0GSYz1BeAgnq/1em
EdLtxFAPOCkSvGqOq5sxxWzRarfv5ezClNCD98ZcXoOvRmjc1Xylelh1EwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNHLK9hX3+RVDSMczUvNI2SLPhkAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMGNzcjJGZmY1RlVOSXh6TlM4MGpaSXMtR1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUphiAwQA
WdUyAwQAbbD0AwQA1drqAwQA2ZFEMA0GCSqGSIb3DQEBCwUAA4IBAQBVP6byrfiV
1phtvFEzr36c6YRlm2fa1YaH75p6F2r9g+R9lIgVXDttRSMHTJ7O80rCDG/GWF4r
ldKuLoTNv67CAOP6XNBZu2tME0tc1zK6zgzcvkBT/L8galMI3Pz9W1KDXKvHsUR6
ikcABs/CxEyQJON7Paukiu3f3k5wEK//eMY3mMx7DCUOJk+SCwjxYPy58D1Ohe0I
yLp0xiHfbPLaljxLgs5rIQo5kjcMXD3HukHoFbaxms7/8dJ0uCZmihmBcRhdgWjV
N3ABOFJC88nEM8QOZ/SBTx1eZK0xuiC5JO/Yjcwd4TKxTFPD2ty21djvTegKzOw+
1jMEfZ6EUTVJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:27:36 2025 by rpki-client