Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-JYnDzECULWSuF8Srh5xAdLGxYY.roa
File: 1-JYnDzECULWSuF8Srh5xAdLGxYY.roa (raw, json)
Hash identifier: HXuAeezgGhDJuGRx6ovNfeF1NP8AjSZo2rgH4/D5kLs=
Subject key identifier: F8:96:27:0F:31:02:50:B5:92:B8:5F:12:AE:1E:71:01:D2:C6:C5:86
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018DBCCFA7D31C3FA5FB8E634ABD873155F1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-JYnDzECULWSuF8Srh5xAdLGxYY.roa
Signing time: Sun 18 Feb 2024 15:22:21 +0000
ROA not before: Sun 18 Feb 2024 15:22:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.165.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 16:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bc:cf:a7:d3:1c:3f:a5:fb:8e:63:4a:bd:87:31:55:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 18 15:22:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f896270f310250b592b85f12ae1e7101d2c6c586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:72:b8:52:4d:d2:f3:1e:dd:9e:ae:2a:9d:83:
7f:e1:51:55:c7:7c:2b:2c:0c:0e:56:45:2b:93:48:
f2:3c:0e:53:b5:b5:40:41:b9:0a:09:5a:ad:86:75:
07:d2:66:eb:37:98:9f:74:ad:95:10:c6:8c:57:95:
d1:1f:26:c2:5c:29:97:5d:87:04:17:34:70:10:64:
7e:ad:2a:51:3c:ed:76:fc:5c:2c:a1:8b:64:d0:bf:
2c:2a:07:b8:c5:b7:37:cd:bd:a8:24:89:cf:fa:8b:
38:e6:a0:64:ac:94:20:79:b2:58:e0:62:56:50:7d:
9e:22:07:76:45:93:59:8b:ca:08:4a:39:29:32:e9:
34:e0:11:6a:c3:9a:41:7f:14:f7:90:cc:a2:71:44:
54:b8:04:8a:b1:20:06:4b:29:64:6b:d9:bd:1c:48:
bb:a0:9f:af:72:97:6e:89:f2:36:74:69:0f:7c:2b:
0f:37:4e:c2:6b:0b:02:4d:7c:4a:23:aa:e7:fd:d9:
02:c3:c4:87:9f:0a:f6:6a:0d:3d:11:c2:82:c6:6d:
38:82:91:cb:c2:59:c2:8d:17:97:c6:72:af:26:34:
0e:f9:fe:1b:27:05:d9:c6:b7:dc:8d:5a:e8:a9:f3:
9a:fa:1a:97:41:10:0d:8b:50:e2:7c:4d:9a:45:6e:
19:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:96:27:0F:31:02:50:B5:92:B8:5F:12:AE:1E:71:01:D2:C6:C5:86
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-JYnDzECULWSuF8Srh5xAdLGxYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.165.0/24
89.213.172.0/22
89.213.180.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
18:a5:93:5e:1b:8a:e2:17:5f:95:be:28:79:9c:f6:e6:52:4a:
39:57:df:05:4d:6d:c7:9b:0a:ed:1e:cd:69:c7:fc:02:f2:0e:
03:ff:cb:13:79:25:53:16:03:65:75:18:bd:b6:bd:3d:ec:5e:
57:17:fc:4b:ef:da:13:de:b4:44:95:1a:a7:e5:04:f9:01:cc:
ab:cb:0e:b9:90:6f:fd:8f:63:80:a3:5b:e6:7a:65:52:88:40:
70:35:ac:08:15:5c:a7:54:d2:63:9b:cc:c4:d6:ed:68:47:5f:
c9:b8:50:46:65:84:f9:24:23:67:8e:a4:dc:97:65:26:3d:80:
09:fa:fc:1d:c2:8f:73:dc:37:6d:50:ba:ad:44:73:47:54:6f:
a5:2b:30:f1:39:60:20:c0:53:4e:04:90:f8:f0:64:9e:82:ce:
c5:b3:72:53:8a:7e:13:63:c7:fd:d7:15:ce:81:9c:38:08:fe:
48:59:22:1c:b4:dc:f3:f2:05:b3:41:4a:ec:49:a5:1b:ac:50:
b5:d6:c0:90:38:b3:a9:ad:d9:94:ba:24:44:b6:de:8f:ca:e0:
5b:7e:ce:52:21:a8:d9:47:0e:a4:6b:88:32:0e:04:72:65:98:
b6:9d:a0:fb:f4:d4:5c:40:4c:98:f6:92:30:c7:0b:9a:80:70:
5e:2d:71:c9
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY28z6fTHD+l+45jSr2HMVXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjE4MTUyMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODk2MjcwZjMxMDI1MGI1OTJiODVmMTJhZTFlNzEwMWQyYzZjNTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3K4Uk3S8x7dnq4qnYN/4VFVx3wr
LAwOVkUrk0jyPA5TtbVAQbkKCVqthnUH0mbrN5ifdK2VEMaMV5XRHybCXCmXXYcE
FzRwEGR+rSpRPO12/FwsoYtk0L8sKge4xbc3zb2oJInP+os45qBkrJQgebJY4GJW
UH2eIgd2RZNZi8oISjkpMuk04BFqw5pBfxT3kMyicURUuASKsSAGSylka9m9HEi7
oJ+vcpduifI2dGkPfCsPN07CawsCTXxKI6rn/dkCw8SHnwr2ag09EcKCxm04gpHL
wlnCjReXxnKvJjQO+f4bJwXZxrfcjVroqfOa+hqXQRANi1DifE2aRW4ZXwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPiWJw8xAlC1krhfEq4ecQHSxsWGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1KWW5EekVDVUxXU3VGOFNyaDV4QWRMR3hZWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAlKZiDAM
AwQCWdWUAwQFWdWAAwQAWdWlAwQCWdWsAwQAWdW0AwQBuTF+AwQA1ZgqMA0GCSqG
SIb3DQEBCwUAA4IBAQAYpZNeG4riF1+Vvih5nPbmUko5V98FTW3HmwrtHs1px/wC
8g4D/8sTeSVTFgNldRi9tr097F5XF/xL79oT3rRElRqn5QT5Acyryw65kG/9j2OA
o1vmemVSiEBwNawIFVynVNJjm8zE1u1oR1/JuFBGZYT5JCNnjqTcl2UmPYAJ+vwd
wo9z3DdtULqtRHNHVG+lKzDxOWAgwFNOBJD48GSegs7Fs3JTin4TY8f91xXOgZw4
CP5IWSIctNzz8gWzQUrsSaUbrFC11sCQOLOprdmUuiREtt6PyuBbfs5SIajZRw6k
a4gyDgRyZZi2naD79NRcQEyY9pIwxwuagHBeLXHJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:26 2025 by rpki-client