Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0lFu5Q-x2LndyjnBnLBnbSBdnHs.roa
File: 0lFu5Q-x2LndyjnBnLBnbSBdnHs.roa (raw, json)
Hash identifier: YtCpFGQlpVnPvkKLOHwRxUIubGkKJkVQqano8YngTZE=
Subject key identifier: D2:51:6E:E5:0F:B1:D8:B9:DD:CA:39:C1:9C:B0:67:6D:20:5D:9C:7B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FE3371066E17131D87C28604C077D0CD6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0lFu5Q-x2LndyjnBnLBnbSBdnHs.roa
Signing time: Tue 04 Jun 2024 12:26:27 +0000
ROA not before: Tue 04 Jun 2024 12:26:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400909
IP address blocks: 82.153.32.0/24 maxlen: 24
89.213.124.0/23 maxlen: 23
89.213.224.0/23 maxlen: 23
109.176.204.0/23 maxlen: 23
194.105.90.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 02 Sep 2024 15:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:37:10:66:e1:71:31:d8:7c:28:60:4c:07:7d:0c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 4 12:26:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2516ee50fb1d8b9ddca39c19cb0676d205d9c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4e:88:df:7c:9a:c7:d5:fc:56:cb:c2:b8:8b:
fd:6c:32:18:45:d5:93:13:32:af:0f:91:fb:38:30:
7c:c4:f1:0d:00:3e:55:b4:a3:02:46:25:80:8a:d3:
ea:3d:63:ee:22:3d:d8:31:5d:e1:75:f2:52:a9:70:
74:4f:cd:d7:0b:a0:d3:cd:46:8a:09:82:f6:68:42:
60:f6:57:2e:e4:dd:9a:76:5a:a8:46:25:f4:56:1d:
9c:20:f6:4e:7d:85:16:59:a9:37:f2:e2:bc:4f:93:
8e:f5:eb:b6:12:96:65:17:ee:1a:4c:13:a0:e0:85:
b4:66:56:32:66:1f:c8:0f:df:91:9b:fc:ca:88:aa:
4b:47:f8:3b:ae:24:4a:f3:53:be:59:6f:6b:d8:c7:
ce:f6:ec:89:df:08:bf:b1:ad:1b:e1:69:b4:46:19:
d4:3a:23:ff:8f:4f:e4:3a:9f:99:b4:5e:f4:79:48:
b2:c5:b6:18:29:c0:92:46:3b:e6:28:4b:82:9d:81:
6b:1d:81:c2:58:89:05:86:d9:7c:9c:1e:b8:fc:93:
3e:42:fd:5b:5b:7a:81:ad:9d:48:b0:c3:3a:87:ad:
24:6b:3c:60:7d:cc:d4:fb:23:b0:a0:be:76:0a:bb:
cf:bf:53:68:7b:e1:e2:ed:b5:76:35:22:99:9e:fb:
29:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:51:6E:E5:0F:B1:D8:B9:DD:CA:39:C1:9C:B0:67:6D:20:5D:9C:7B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0lFu5Q-x2LndyjnBnLBnbSBdnHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.32.0/24
89.213.124.0/23
89.213.224.0/23
109.176.204.0/23
194.105.90.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:c4:0d:17:2a:74:e6:14:80:ed:46:cf:23:e0:6d:0c:24:86:
ac:a5:21:2a:44:c0:06:95:c9:00:5d:64:71:17:23:f7:92:06:
2e:dd:63:95:d5:8f:b2:b1:94:31:f7:f1:cd:7e:94:78:a1:54:
20:4d:fa:90:90:92:a9:79:df:15:a4:41:47:89:33:82:ab:9a:
ab:26:76:db:13:a9:e4:fd:ef:f7:7b:72:1b:40:11:51:04:b9:
96:91:d2:12:9a:02:0d:4f:bc:ed:00:88:a0:0e:9d:1d:fa:d0:
f3:5f:4c:fd:e7:fb:6d:03:93:ac:1f:13:3a:8f:1d:cb:88:2c:
84:03:25:30:4f:a0:cf:f6:47:b6:fe:8d:b1:c9:b8:1b:b6:2e:
b9:bd:34:5e:15:b6:6e:da:90:53:f5:bc:4b:3b:42:04:7f:e4:
af:47:90:14:0b:2e:2a:f1:9b:b3:a1:c6:ad:a7:2b:5f:17:09:
b5:6e:c8:ca:a0:9d:0f:47:03:f8:18:ef:9f:53:fb:f9:95:5d:
57:5b:8c:32:2d:ba:05:e6:7c:e5:0d:2e:6b:18:bb:b5:cc:8d:
8c:d5:af:0a:68:e7:e4:e8:6c:d7:f2:4b:05:cd:a6:27:d0:44:
ec:e2:29:e8:93:9b:9c:9f:5e:1c:0a:89:4e:a7:79:05:a4:2b:
22:c1:66:37
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY/jNxBm4XEx2HwoYEwHfQzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjA0MTIyNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjUxNmVlNTBmYjFkOGI5ZGRjYTM5YzE5Y2IwNjc2ZDIwNWQ5YzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo06I33yax9X8VsvCuIv9bDIYRdWT
EzKvD5H7ODB8xPENAD5VtKMCRiWAitPqPWPuIj3YMV3hdfJSqXB0T83XC6DTzUaK
CYL2aEJg9lcu5N2adlqoRiX0Vh2cIPZOfYUWWak38uK8T5OO9eu2EpZlF+4aTBOg
4IW0ZlYyZh/ID9+Rm/zKiKpLR/g7riRK81O+WW9r2MfO9uyJ3wi/sa0b4Wm0RhnU
OiP/j0/kOp+ZtF70eUiyxbYYKcCSRjvmKEuCnYFrHYHCWIkFhtl8nB64/JM+Qv1b
W3qBrZ1IsMM6h60kazxgfczU+yOwoL52CrvPv1Noe+Hi7bV2NSKZnvspIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNJRbuUPsdi53co5wZywZ20gXZx7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMGxGdTVRLXgyTG5keWpuQm5MQm5iU0JkbkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpkgAwQB
WdV8AwQBWdXgAwQBbbDMAwQBwmlaMA0GCSqGSIb3DQEBCwUAA4IBAQBrxA0XKnTm
FIDtRs8j4G0MJIaspSEqRMAGlckAXWRxFyP3kgYu3WOV1Y+ysZQx9/HNfpR4oVQg
TfqQkJKped8VpEFHiTOCq5qrJnbbE6nk/e/3e3IbQBFRBLmWkdISmgINT7ztAIig
Dp0d+tDzX0z95/ttA5OsHxM6jx3LiCyEAyUwT6DP9ke2/o2xybgbti65vTReFbZu
2pBT9bxLO0IEf+SvR5AUCy4q8ZuzocatpytfFwm1bsjKoJ0PRwP4GO+fU/v5lV1X
W4wyLboF5nzlDS5rGLu1zI2M1a8KaOfk6GzX8ksFzaYn0ETs4inok5ucn14cColO
p3kFpCsiwWY3
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:35 2025 by rpki-client