Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-h2CgYcfycMY6dZalW82TT6PRFo.roa
File: 1-h2CgYcfycMY6dZalW82TT6PRFo.roa (raw, json)
Hash identifier: vMyHWAyzbQIOtnRfbaA0g4IMkOkTxr3NU3zPuAhDuKc=
Subject key identifier: FA:1D:82:81:87:1F:C9:C3:18:E9:D6:5A:95:6F:36:4D:3E:8F:44:5A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192E844E61A2C1ADD7FE7B1D389F1CC7197
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-h2CgYcfycMY6dZalW82TT6PRFo.roa
Signing time: Fri 01 Nov 2024 15:08:02 +0000
ROA not before: Fri 01 Nov 2024 15:08:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 13:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e8:44:e6:1a:2c:1a:dd:7f:e7:b1:d3:89:f1:cc:71:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 1 15:08:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa1d8281871fc9c318e9d65a956f364d3e8f445a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4f:ed:08:6e:d1:f5:92:98:54:da:6b:af:70:
42:88:dc:ee:29:ba:10:e6:40:c9:e2:70:c1:24:c0:
c7:89:c7:87:b7:e5:50:ae:1b:44:26:18:69:9a:91:
26:d0:41:e9:3f:35:40:4d:67:8d:d3:99:76:08:fb:
be:d6:65:18:ca:2c:c1:db:30:36:bc:93:52:ec:4f:
f9:af:59:36:fe:46:87:a4:5b:76:58:f8:5c:78:36:
54:fb:2f:09:ff:39:f7:01:b7:da:72:9c:cb:80:8a:
49:21:ac:21:1f:e4:15:1a:23:d5:8c:07:81:4b:0e:
76:77:ec:55:a4:e5:eb:bc:bd:73:26:ac:7f:c3:72:
be:c8:98:73:07:4c:cd:fc:92:39:c7:d2:32:17:0a:
4e:ec:01:e7:b5:99:01:70:35:e8:39:7f:ad:c8:6a:
0f:fd:3c:d2:8d:15:02:50:f1:45:0c:15:d3:8c:cf:
bf:b4:ee:c8:70:73:c0:d5:41:5f:01:df:4b:0d:b1:
82:87:c9:79:18:c0:66:42:be:8f:36:94:58:d6:ba:
49:2c:4b:10:4c:6f:6f:e2:98:81:87:10:3b:5f:55:
45:a4:6f:5d:64:da:df:b4:6a:e0:e5:4f:76:43:0e:
ff:0d:a8:93:7b:35:5a:3d:75:5a:f4:6a:77:e0:ab:
a6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1D:82:81:87:1F:C9:C3:18:E9:D6:5A:95:6F:36:4D:3E:8F:44:5A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-h2CgYcfycMY6dZalW82TT6PRFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.122.0/24
82.152.131.0/24
82.152.176.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
89.213.212.0/24
109.176.230.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:e4:c3:42:61:92:14:4e:d9:b2:df:3d:d4:de:5e:19:df:f3:
b1:83:62:95:4c:de:88:aa:37:04:21:3c:3d:2d:96:dc:62:01:
1c:ab:b6:2c:6f:d6:41:11:3c:cf:e9:7f:6e:a7:31:93:82:6f:
20:1f:28:3d:65:3c:f2:fa:ac:76:62:10:3a:99:98:63:7e:38:
e2:0d:2e:cf:b5:a2:ac:44:25:06:bb:74:0f:26:08:5c:3c:4b:
4f:8b:54:20:cb:a1:52:49:97:3a:25:33:b1:62:dc:3c:e8:ed:
97:50:97:29:c1:db:ab:b2:df:03:18:66:00:7a:22:9b:16:28:
5d:c8:ff:8f:20:88:17:29:e5:08:2d:80:02:40:8e:08:47:fd:
47:4e:87:40:e3:ce:38:ce:fd:bf:97:70:37:5d:a8:ac:9a:d7:
ec:70:fc:d5:f8:95:61:da:52:a3:3a:d5:93:66:cd:91:b9:62:
19:e8:6f:da:64:20:61:79:53:83:05:72:d1:52:73:f6:fc:e5:
60:08:0e:4c:7b:14:4d:a3:85:ea:62:1a:34:d2:8f:0a:01:19:
fa:54:b7:7f:e5:5e:78:0d:51:c8:2f:f5:1b:5d:ac:17:a3:ea:
c8:44:a0:a0:a9:1b:ef:9e:89:25:7a:3c:2a:10:21:e4:b1:09:
b3:ff:47:32
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZLoROYaLBrdf+ex04nxzHGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTAxMTUwODAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFkODI4MTg3MWZjOWMzMThlOWQ2NWE5NTZmMzY0ZDNlOGY0NDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE/tCG7R9ZKYVNprr3BCiNzuKboQ
5kDJ4nDBJMDHiceHt+VQrhtEJhhpmpEm0EHpPzVATWeN05l2CPu+1mUYyizB2zA2
vJNS7E/5r1k2/kaHpFt2WPhceDZU+y8J/zn3AbfacpzLgIpJIawhH+QVGiPVjAeB
Sw52d+xVpOXrvL1zJqx/w3K+yJhzB0zN/JI5x9IyFwpO7AHntZkBcDXoOX+tyGoP
/TzSjRUCUPFFDBXTjM+/tO7IcHPA1UFfAd9LDbGCh8l5GMBmQr6PNpRY1rpJLEsQ
TG9v4piBhxA7X1VFpG9dZNrftGrg5U92Qw7/DaiTezVaPXVa9Gp34KumtQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPodgoGHH8nDGOnWWpVvNk0+j0RaMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1oMkNnWWNmeWNNWTZkWmFsVzgyVFQ2UFJGby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAFEFvQME
AFGoegMEAFKYgwMEAFKYsAMEAFnVmAMEAFnVsAMEAFnVtwMEAFnV1AMEAG2w5jAN
BgkqhkiG9w0BAQsFAAOCAQEAHeTDQmGSFE7Zst891N5eGd/zsYNilUzeiKo3BCE8
PS2W3GIBHKu2LG/WQRE8z+l/bqcxk4JvIB8oPWU88vqsdmIQOpmYY3444g0uz7Wi
rEQlBrt0DyYIXDxLT4tUIMuhUkmXOiUzsWLcPOjtl1CXKcHbq7LfAxhmAHoimxYo
Xcj/jyCIFynlCC2AAkCOCEf9R06HQOPOOM79v5dwN12orJrX7HD81fiVYdpSozrV
k2bNkbliGehv2mQgYXlTgwVy0VJz9vzlYAgOTHsUTaOF6mIaNNKPCgEZ+lS3f+Ve
eA1RyC/1G12sF6PqyESgoKkb756JJXo8KhAh5LEJs/9HMg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:16 2025 by rpki-client