Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1z664nWcNz3dprqgDI97VXfALH8.roa
File: 1z664nWcNz3dprqgDI97VXfALH8.roa (raw, json)
Hash identifier: Re1LnOIDzKe52LVVwT7qiPwIbcgwQiokH5eko2gpvEI=
Subject key identifier: D7:3E:BA:E2:75:9C:37:3D:DD:A6:BA:A0:0C:8F:7B:55:77:C0:2C:7F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019329D0CD5258E25BB6B4ADA9A54F6827AD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1z664nWcNz3dprqgDI97VXfALH8.roa
Signing time: Thu 14 Nov 2024 08:36:10 +0000
ROA not before: Thu 14 Nov 2024 08:36:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.23.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 17:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:29:d0:cd:52:58:e2:5b:b6:b4:ad:a9:a5:4f:68:27:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 14 08:36:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d73ebae2759c373ddda6baa00c8f7b5577c02c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:92:62:33:d7:6f:47:5b:54:b4:26:19:04:1f:
ce:bd:58:18:c2:ca:cb:bd:81:61:19:11:16:81:39:
ff:9c:da:17:5a:5c:4d:f9:4a:94:b1:a0:9c:ed:76:
57:8d:a7:d1:bb:ab:52:38:37:52:37:a0:95:84:b3:
34:ac:d1:ac:c7:8e:d4:c0:5c:a5:e3:ed:22:46:b3:
21:53:64:46:b0:c2:22:9d:f5:9b:7e:93:bf:11:b0:
5e:cd:ee:9a:49:a2:35:7b:7c:fe:97:c6:67:d0:f0:
af:64:7e:dd:fb:dc:2f:8b:44:7c:65:e7:6e:df:85:
33:54:83:9a:3b:dd:59:5f:59:a6:c9:bf:f8:ae:61:
56:66:f1:31:da:2f:be:bb:8d:d2:17:3e:3f:b2:29:
0b:ca:c0:2e:b5:fd:49:32:8e:08:63:67:6d:4b:2c:
d3:fa:8c:3c:94:d1:cf:e1:87:65:22:c1:03:e6:d3:
e5:c2:53:c6:02:08:ea:84:e8:ea:53:69:09:b4:c0:
c2:c0:d6:78:c5:47:bf:53:d7:ff:74:75:12:5b:a0:
5e:45:82:ed:fa:66:19:90:dc:e5:a8:08:71:5d:c6:
f1:d4:41:79:d3:9a:b9:db:0a:b2:2a:41:1f:49:76:
e1:78:0b:8d:86:10:19:cf:7c:25:ef:f2:eb:88:8c:
bf:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3E:BA:E2:75:9C:37:3D:DD:A6:BA:A0:0C:8F:7B:55:77:C0:2C:7F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1z664nWcNz3dprqgDI97VXfALH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
17:36:3f:ea:07:be:9c:9c:f5:5b:7c:00:19:32:20:7e:90:cd:
40:ec:bb:ec:3c:e7:d8:6d:8e:de:20:77:cb:1f:32:b9:d9:b4:
cc:83:49:4f:97:1e:20:6f:95:83:9e:ee:c8:d9:e2:ca:4d:81:
b7:d5:aa:82:74:3b:cf:5f:8e:20:a3:e7:30:d0:02:ef:dd:da:
d1:5e:70:3a:d9:92:d4:cb:b7:85:25:64:e7:9e:0f:7b:da:ee:
b6:c3:1c:eb:2b:da:9d:3a:5f:cf:86:2c:ff:49:ad:7e:48:f0:
29:7c:e5:79:22:f2:43:94:92:70:e4:22:b0:72:10:71:72:26:
de:39:7e:79:ca:96:37:a2:fb:55:b2:43:b8:6b:58:fb:93:57:
9a:6a:64:34:d9:5e:55:90:7d:1b:74:8b:29:d6:36:c4:d4:a4:
41:58:11:c5:05:b5:78:80:82:83:56:52:c5:f7:87:b7:a5:9d:
39:b2:4f:6a:da:7f:d8:8b:1d:b1:8a:87:12:2f:55:28:b0:1d:
36:b7:d1:a9:21:fb:0e:11:e2:7e:a4:e1:f7:b5:40:cb:d0:8a:
7d:51:80:fb:cb:bb:1f:8a:ff:1a:77:f9:aa:ca:62:52:df:72:
f9:53:a0:8d:aa:b9:bf:ce:f2:c0:fd:31:78:e3:c6:c6:95:1a:
2f:f3:95:99
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZMp0M1SWOJbtrStqaVPaCetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTE0MDgzNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNlYmFlMjc1OWMzNzNkZGRhNmJhYTAwYzhmN2I1NTc3YzAyYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpJiM9dvR1tUtCYZBB/OvVgYwsrL
vYFhGREWgTn/nNoXWlxN+UqUsaCc7XZXjafRu6tSODdSN6CVhLM0rNGsx47UwFyl
4+0iRrMhU2RGsMIinfWbfpO/EbBeze6aSaI1e3z+l8Zn0PCvZH7d+9wvi0R8Zedu
34UzVIOaO91ZX1mmyb/4rmFWZvEx2i++u43SFz4/sikLysAutf1JMo4IY2dtSyzT
+ow8lNHP4YdlIsED5tPlwlPGAgjqhOjqU2kJtMDCwNZ4xUe/U9f/dHUSW6BeRYLt
+mYZkNzlqAhxXcbx1EF505q52wqyKkEfSXbheAuNhhAZz3wl7/LriIy/pwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFNc+uuJ1nDc93aa6oAyPe1V3wCx/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMXo2NjRuV2NOejNkcHJxZ0RJOTdWWGZBTEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAFS
mLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ1YswDAME
AFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ1cQDBARZ
1cAwDAMEAlnV5AMEBFnV4AMEA22wEAMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAME
AdQmWAMEAtXSNAMEANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEB
CwUAA4IBAQAXNj/qB76cnPVbfAAZMiB+kM1A7LvsPOfYbY7eIHfLHzK52bTMg0lP
lx4gb5WDnu7I2eLKTYG31aqCdDvPX44go+cw0ALv3drRXnA62ZLUy7eFJWTnng97
2u62wxzrK9qdOl/Phiz/Sa1+SPApfOV5IvJDlJJw5CKwchBxcibeOX55ypY3ovtV
skO4a1j7k1eaamQ02V5VkH0bdIsp1jbE1KRBWBHFBbV4gIKDVlLF94e3pZ05sk9q
2n/Yix2xiocSL1UosB02t9GpIfsOEeJ+pOH3tUDL0Ip9UYD7y7sfiv8ad/mqymJS
33L5U6CNqrm/zvLA/TF448bGlRov85WZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:34 2025 by rpki-client