Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-zPnQomX_fIXUZG0FrvZSGCnLfM.roa
File: 1-zPnQomX_fIXUZG0FrvZSGCnLfM.roa (raw, json)
Hash identifier: 9wmhPc+nwFcdRDmxzWCsnCUHBblZX1Yuo22N5R5UWS0=
Subject key identifier: FB:33:E7:42:89:97:FD:F2:17:51:91:B4:16:BB:D9:48:60:A7:2D:F3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FAB65BE765ADCB4ED1D09CF427E3718AB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-zPnQomX_fIXUZG0FrvZSGCnLfM.roa
Signing time: Fri 24 May 2024 16:18:42 +0000
ROA not before: Fri 24 May 2024 16:18:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.83.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.37.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.196.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 10:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ab:65:be:76:5a:dc:b4:ed:1d:09:cf:42:7e:37:18:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 24 16:18:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb33e7428997fdf2175191b416bbd94860a72df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:93:03:2c:c7:4b:c8:5b:dc:84:19:6a:8e:17:
32:11:57:22:ba:c2:bd:36:ec:cd:d6:20:90:43:ea:
3f:1b:13:84:21:69:7c:d7:94:5e:25:c8:04:e1:87:
99:13:df:e9:01:b8:e0:2c:a5:1d:ec:d0:ea:e2:6b:
b8:46:df:b3:21:79:88:f3:53:9e:ad:e4:c1:94:f5:
65:bd:3b:55:97:a2:36:c5:f6:82:a6:ae:e9:b0:0d:
3a:f3:63:75:e0:93:5b:dc:ee:d1:14:f9:a0:46:09:
bd:e8:bf:16:eb:95:9b:db:dc:a7:49:03:45:8d:00:
2a:63:dc:a6:72:65:4d:55:4d:2e:17:e1:ea:fd:4d:
25:99:35:8d:05:b5:5c:85:49:70:3d:3f:d2:f4:ee:
76:b1:8d:9a:1c:fd:a2:b7:7c:9e:19:e4:7d:11:50:
38:b5:78:f9:93:ed:3e:e6:a0:83:cb:ab:2f:59:b7:
50:e0:9f:73:94:15:2b:c3:b6:82:f1:93:1d:2e:34:
01:66:36:15:c6:4c:8c:af:a3:e3:92:60:69:25:7e:
b5:a9:3e:3d:7b:b0:4f:ab:32:fb:34:08:35:1e:85:
3d:26:cc:30:5d:3b:c4:6c:f3:6d:e5:e3:fb:b0:66:
bc:86:bf:7f:bc:3b:e7:11:dd:13:08:ed:43:80:ac:
40:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:33:E7:42:89:97:FD:F2:17:51:91:B4:16:BB:D9:48:60:A7:2D:F3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-zPnQomX_fIXUZG0FrvZSGCnLfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.83.0/24
81.168.120.0/24
82.152.8.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.37.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.4.0/24
89.213.6.0/23
89.213.130.0/24
89.213.190.0/24
89.213.196.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:0b:08:a2:19:dd:64:61:c2:78:25:aa:55:4c:e4:e1:db:6d:
cd:a1:8d:8f:e3:f8:1f:e7:90:9d:c4:91:52:48:02:1a:1c:8b:
d4:45:19:5d:f6:90:2f:ec:bb:1c:4b:06:37:86:35:8d:90:88:
40:46:c5:d3:3a:7b:7b:b8:ca:82:34:86:53:74:ce:a0:9a:f5:
21:a2:25:ff:03:55:a7:1c:85:c1:be:47:ad:54:fd:7e:d8:fd:
fd:8a:2f:be:7a:67:65:a8:a3:4d:ab:40:31:df:71:48:07:b5:
4b:60:06:ab:93:02:ae:47:aa:0a:44:35:e4:2e:40:fc:fb:d9:
5e:f9:1c:98:f3:56:3a:47:76:2b:34:cc:45:6c:01:2a:9b:1b:
e2:d3:17:72:ad:7c:7e:72:c8:a3:d5:1d:3d:ec:1f:91:b3:58:
09:44:29:fc:3d:be:80:63:4b:46:39:34:3f:23:6b:93:1e:30:
59:ec:df:59:db:0b:e8:50:2f:43:20:bc:12:2d:b4:d1:5c:ea:
e7:8a:94:a4:60:a5:44:21:ab:21:8e:17:09:8c:74:34:c8:ae:
30:31:30:3c:6e:4c:94:c3:01:86:89:ab:58:23:c1:31:ec:f5:
94:2b:26:ef:f4:54:7c:b5:58:c8:64:02:7a:a0:09:8c:62:3e:
e3:39:08:54
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY+rZb52Wty07R0Jz0J+NxirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI0MTYxODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjMzZTc0Mjg5OTdmZGYyMTc1MTkxYjQxNmJiZDk0ODYwYTcyZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9JMDLMdLyFvchBlqjhcyEVciusK9
NuzN1iCQQ+o/GxOEIWl815ReJcgE4YeZE9/pAbjgLKUd7NDq4mu4Rt+zIXmI81Oe
reTBlPVlvTtVl6I2xfaCpq7psA0682N14JNb3O7RFPmgRgm96L8W65Wb29ynSQNF
jQAqY9ymcmVNVU0uF+Hq/U0lmTWNBbVchUlwPT/S9O52sY2aHP2it3yeGeR9EVA4
tXj5k+0+5qCDy6svWbdQ4J9zlBUrw7aC8ZMdLjQBZjYVxkyMr6PjkmBpJX61qT49
e7BPqzL7NAg1HoU9JswwXTvEbPNt5eP7sGa8hr9/vDvnEd0TCO1DgKxAoQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPsz50KJl/3yF1GRtBa72Uhgpy3zMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS16UG5Rb21YX2ZJWFVaRzBGcnZaU0dDbkxmTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBkwYIKwYBBQUHAQcBAf8EgYMwgYAwfgQCAAEweAMEAFGo
UwMEAFGoeAMEAFKYCAMEAFKY+AMEAFKY+wMEAFKY/gMEAFKZJQMEAFKZRQMEAFKZ
SAMEAFKZTwMEAFKZhAMEAFKZ4AMEAFnVBAMEAVnVBgMEAFnVggMEAFnVvgMEAFnV
xAMEAG2w9wMEAG2w+wMEALkxfDANBgkqhkiG9w0BAQsFAAOCAQEALQsIohndZGHC
eCWqVUzk4dttzaGNj+P4H+eQncSRUkgCGhyL1EUZXfaQL+y7HEsGN4Y1jZCIQEbF
0zp7e7jKgjSGU3TOoJr1IaIl/wNVpxyFwb5HrVT9ftj9/YovvnpnZaijTatAMd9x
SAe1S2AGq5MCrkeqCkQ15C5A/PvZXvkcmPNWOkd2KzTMRWwBKpsb4tMXcq18fnLI
o9UdPewfkbNYCUQp/D2+gGNLRjk0PyNrkx4wWezfWdsL6FAvQyC8Ei200Vzq54qU
pGClRCGrIY4XCYx0NMiuMDEwPG5MlMMBhomrWCPBMez1lCsm7/RUfLVYyGQCeqAJ
jGI+4zkIVA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:58 2025 by rpki-client