Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-b0TTpKYTKXSmvY3sN-a0T0vdFU.roa
File: 1-b0TTpKYTKXSmvY3sN-a0T0vdFU.roa (raw, json)
Hash identifier: cVUnNJonVTaspD76VOztIv5u0NiLYzryoV9D0pHq1QM=
Subject key identifier: F9:BD:13:4E:92:98:4C:A5:D2:9A:F6:37:B0:DF:9A:D1:3D:2F:74:55
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192FD4B45CBA0B76ECB660BF34D071B57D7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-b0TTpKYTKXSmvY3sN-a0T0vdFU.roa
Signing time: Tue 05 Nov 2024 17:07:01 +0000
ROA not before: Tue 05 Nov 2024 17:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 80.240.88.0/21 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.24.0/21 maxlen: 24
89.213.58.0/24 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
89.213.228.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 09:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:4b:45:cb:a0:b7:6e:cb:66:0b:f3:4d:07:1b:57:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 5 17:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9bd134e92984ca5d29af637b0df9ad13d2f7455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:80:f3:80:bd:66:a2:4e:35:4a:d5:11:8f:66:
90:21:fd:95:ab:7d:b6:cf:2e:56:a8:c4:3f:38:08:
38:46:01:b9:72:d7:be:83:50:90:c7:de:29:a9:a2:
20:c5:05:79:e4:6e:9c:43:21:c4:47:ed:dd:d0:e5:
31:37:2d:e7:16:a4:a9:35:71:f1:33:ca:81:1c:d4:
40:9b:d8:31:49:ee:9a:92:13:55:96:83:8a:f9:a9:
5a:14:2c:a0:a3:1d:3a:c7:32:50:31:ec:79:ed:99:
41:d9:47:c0:1c:31:88:7e:96:00:6b:25:07:7a:6c:
39:5c:b5:79:b9:fa:4e:09:bf:7a:33:63:ab:f6:b1:
33:8e:06:b7:a1:51:c9:ee:c9:af:8e:d7:1b:85:c3:
27:4e:12:8a:86:72:8b:8f:ec:2f:c2:53:52:a4:8b:
02:ba:29:f8:b5:10:26:8f:70:93:c2:5e:75:d6:60:
1e:6b:c0:e6:92:d7:d4:e7:2b:d2:8b:5e:ad:b9:4a:
3d:54:2a:31:be:b9:c3:79:fd:98:df:46:e5:ba:df:
16:b7:da:05:04:95:87:37:e7:5b:1a:b8:b8:8f:42:
78:c2:74:dc:27:52:f2:ec:c3:e0:c8:98:2c:6b:09:
c2:03:ef:6e:e2:74:6f:a6:72:fc:c4:e2:1c:27:52:
3c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:BD:13:4E:92:98:4C:A5:D2:9A:F6:37:B0:DF:9A:D1:3D:2F:74:55
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-b0TTpKYTKXSmvY3sN-a0T0vdFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.88.0/21
81.168.122.0/24
82.152.131.0/24
82.152.174.0/23
82.153.208.0/22
82.163.24.0/21
89.213.58.0/24
89.213.60.0/23
89.213.143.0/24
89.213.147.0/24
89.213.181.0/24
89.213.198.0-89.213.205.255
89.213.228.0/24
89.213.249.0/24
109.176.230.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:9d:e6:c7:f8:51:83:12:0d:df:bf:e6:4d:d9:f3:96:f1:2f:
d6:f6:ab:d7:29:b2:0f:f5:c3:3e:e4:c1:da:a9:4d:86:2d:b0:
aa:56:ea:2e:0c:29:e2:6d:55:34:d9:94:eb:80:e6:d6:5f:04:
00:7c:89:27:32:41:f2:f0:05:0c:c6:cb:a6:bf:ad:ba:90:98:
a8:ca:3f:8b:2e:96:33:8c:94:c5:8b:ee:b6:50:4d:32:52:76:
49:20:db:5c:84:e5:16:32:2c:34:3d:9c:57:aa:84:28:f5:fa:
da:31:b3:8b:30:a6:2e:3e:44:22:15:a8:94:c3:dc:fc:b3:95:
e6:44:17:53:ed:1c:27:02:99:05:ca:d2:53:54:93:39:34:5e:
b7:4a:b2:69:c6:0c:4e:18:97:3b:f5:b4:27:26:21:9d:90:d6:
67:08:22:32:41:b7:8b:36:b0:de:01:b1:c9:db:ed:dc:40:18:
bb:e6:9f:a8:ec:72:64:e4:5d:5e:b6:d4:34:7d:f5:b3:ec:77:
f7:81:02:17:8a:16:31:00:13:a9:a3:1c:60:f7:da:51:47:20:
4e:c0:ab:42:77:ae:70:16:d3:8e:5c:f6:0d:29:8f:22:15:35:
b0:cc:53:61:d1:00:3a:c2:85:a9:4a:ca:e9:67:ad:a0:a3:4e:
22:04:29:5b
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZL9S0XLoLduy2YL800HG1fXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTA1MTcwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWJkMTM0ZTkyOTg0Y2E1ZDI5YWY2MzdiMGRmOWFkMTNkMmY3NDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoDzgL1mok41StURj2aQIf2Vq322
zy5WqMQ/OAg4RgG5cte+g1CQx94pqaIgxQV55G6cQyHER+3d0OUxNy3nFqSpNXHx
M8qBHNRAm9gxSe6akhNVloOK+alaFCygox06xzJQMex57ZlB2UfAHDGIfpYAayUH
emw5XLV5ufpOCb96M2Or9rEzjga3oVHJ7smvjtcbhcMnThKKhnKLj+wvwlNSpIsC
uin4tRAmj3CTwl511mAea8DmktfU5yvSi16tuUo9VCoxvrnDef2Y30blut8Wt9oF
BJWHN+dbGri4j0J4wnTcJ1Ly7MPgyJgsawnCA+9u4nRvpnL8xOIcJ1I80wIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFPm9E06SmEyl0pr2N7DfmtE9L3RVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1iMFRUcEtZVEtYU212WTNzTi1hMFQwdmRGVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB7BggrBgEFBQcBBwEB/wRsMGowaAQCAAEwYgMEA1DwWAME
AFGoegMEAFKYgwMEAVKYrgMEAlKZ0AMEA1KjGAMEAFnVOgMEAVnVPAMEAFnVjwME
AFnVkwMEAFnVtTAMAwQBWdXGAwQBWdXMAwQAWdXkAwQAWdX5AwQAbbDmMA0GCSqG
SIb3DQEBCwUAA4IBAQCinebH+FGDEg3fv+ZN2fOW8S/W9qvXKbIP9cM+5MHaqU2G
LbCqVuouDCnibVU02ZTrgObWXwQAfIknMkHy8AUMxsumv626kJioyj+LLpYzjJTF
i+62UE0yUnZJINtchOUWMiw0PZxXqoQo9fraMbOLMKYuPkQiFaiUw9z8s5XmRBdT
7RwnApkFytJTVJM5NF63SrJpxgxOGJc79bQnJiGdkNZnCCIyQbeLNrDeAbHJ2+3c
QBi75p+o7HJk5F1ettQ0ffWz7Hf3gQIXihYxABOpoxxg99pRRyBOwKtCd65wFtOO
XPYNKY8iFTWwzFNh0QA6woWpSsrpZ62go04iBClb
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:33 2025 by rpki-client