Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2C7XumS-Uo2eS9kWccH3bJd7qH8.roa
File: 2C7XumS-Uo2eS9kWccH3bJd7qH8.roa (raw, json)
Hash identifier: yWYWhU9HlannEU36McUcN1VjOBcfJgqVXfdlbnvXGl0=
Subject key identifier: D8:2E:D7:BA:64:BE:52:8D:9E:4B:D9:16:71:C1:F7:6C:97:7B:A8:7F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F94DC6CB1699F70BA147CB56682567E53
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2C7XumS-Uo2eS9kWccH3bJd7qH8.roa
Signing time: Mon 20 May 2024 07:17:04 +0000
ROA not before: Mon 20 May 2024 07:17:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 82.152.7.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.99.0/24 maxlen: 24
89.213.131.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
109.176.200.0/24 maxlen: 24
109.176.239.0/24 maxlen: 24
213.130.155.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.225.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 May 2024 07:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:94:dc:6c:b1:69:9f:70:ba:14:7c:b5:66:82:56:7e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 20 07:17:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d82ed7ba64be528d9e4bd91671c1f76c977ba87f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:81:f5:86:eb:fa:86:14:28:71:95:ad:fb:19:
34:51:ef:f5:e8:5e:aa:62:7a:ea:6e:50:c3:8f:5d:
af:64:d4:cf:4b:c4:b9:60:92:49:2e:bf:93:e4:30:
fe:66:7d:21:1c:59:75:ad:0b:ed:1b:a2:8c:78:82:
26:36:a2:6f:e0:4a:9b:fa:a1:bb:bc:cf:79:9e:c9:
2a:80:57:f2:35:77:54:77:52:2b:8b:82:90:06:12:
77:5c:a8:f8:23:75:cf:65:ac:45:76:f0:be:19:51:
f8:c2:af:a5:91:9f:5a:72:b2:68:59:9b:2a:90:a9:
7e:67:b1:3e:8c:af:37:1d:d4:b7:6b:f9:98:84:14:
02:5e:6d:6b:1e:60:61:79:5f:1b:0e:0a:49:9e:e3:
cf:d8:f3:07:f9:f2:a4:7a:d5:39:8b:7b:b1:47:b1:
d7:23:cd:c9:39:02:3f:73:91:ca:78:d1:29:7a:42:
6d:2c:65:9d:6e:e0:dc:c6:79:49:d3:31:eb:24:91:
ab:b1:06:28:e3:87:69:67:4f:5f:55:5f:5b:fb:0f:
57:f9:bf:04:27:75:5c:0f:6d:c2:cc:88:87:0c:d9:
8c:2c:f8:ad:f7:7c:ec:77:09:b6:63:7d:09:f0:c0:
c3:cc:e2:f6:42:ed:b5:07:17:9a:95:26:e9:13:b7:
59:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:2E:D7:BA:64:BE:52:8D:9E:4B:D9:16:71:C1:F7:6C:97:7B:A8:7F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2C7XumS-Uo2eS9kWccH3bJd7qH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.7.0/24
82.153.225.0/24
89.213.43.0/24
89.213.99.0/24
89.213.131.0/24
89.213.145.0-89.213.146.255
109.176.200.0/24
109.176.239.0/24
213.130.155.0/24
213.218.213.0/24
213.218.225.0/24
213.218.227.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:c0:51:1c:6c:5d:27:46:ba:de:9a:84:be:19:46:d4:c4:9b:
a9:90:f8:3f:4a:84:56:80:5a:0d:1a:c2:78:02:26:03:97:00:
f5:a8:04:d9:05:4c:ec:e0:3f:ff:41:06:7c:82:06:25:3d:79:
8c:bc:ec:c2:92:e1:34:bc:81:d8:e0:63:99:75:7d:95:15:70:
f1:2d:12:b6:d4:85:cc:69:ef:0f:b1:67:a8:aa:17:34:76:a3:
52:90:2b:9e:b9:fa:4b:4f:12:51:35:88:5d:f9:60:ef:27:56:
d9:03:df:71:2a:d9:51:63:5d:19:2e:f0:71:5c:a5:c2:f6:a4:
d2:ed:6a:e1:84:5d:8c:56:0e:9e:ab:53:3d:2c:21:92:96:5a:
53:04:0a:18:74:17:88:b1:be:5c:cd:35:c4:1c:ee:81:cf:d6:
24:67:df:0a:ae:b9:86:79:ce:c4:b2:3d:ac:1d:19:8b:0c:a2:
cc:12:fd:c9:00:35:c2:87:f9:93:fb:9c:cb:b7:9b:59:d5:6e:
a4:7b:c0:69:92:6c:01:f6:e9:4c:3c:74:36:e5:03:b6:fa:08:
1b:b0:21:e0:a2:b4:87:11:a1:e0:8d:11:4e:9b:ef:94:67:b1:
e1:a4:0d:c5:b3:74:20:be:4a:18:5b:3a:26:0d:9c:5e:06:75:
f5:96:9c:7a
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY+U3GyxaZ9wuhR8tWaCVn5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIwMDcxNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODJlZDdiYTY0YmU1MjhkOWU0YmQ5MTY3MWMxZjc2Yzk3N2JhODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroH1huv6hhQocZWt+xk0Ue/16F6q
YnrqblDDj12vZNTPS8S5YJJJLr+T5DD+Zn0hHFl1rQvtG6KMeIImNqJv4Eqb+qG7
vM95nskqgFfyNXdUd1Iri4KQBhJ3XKj4I3XPZaxFdvC+GVH4wq+lkZ9acrJoWZsq
kKl+Z7E+jK83HdS3a/mYhBQCXm1rHmBheV8bDgpJnuPP2PMH+fKketU5i3uxR7HX
I83JOQI/c5HKeNEpekJtLGWdbuDcxnlJ0zHrJJGrsQYo44dpZ09fVV9b+w9X+b8E
J3VcD23CzIiHDNmMLPit93zsdwm2Y30J8MDDzOL2Qu21BxealSbpE7dZrwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFNgu17pkvlKNnkvZFnHB92yXe6h/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMkM3WHVtUy1VbzJlUzlrV2NjSDNiSmQ3cUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUpgHAwQA
UpnhAwQAWdUrAwQAWdVjAwQAWdWDMAwDBABZ1ZEDBABZ1ZIDBABtsMgDBABtsO8D
BADVgpsDBADV2tUDBADV2uEDBADV2uMwDQYJKoZIhvcNAQELBQADggEBAJzAURxs
XSdGut6ahL4ZRtTEm6mQ+D9KhFaAWg0awngCJgOXAPWoBNkFTOzgP/9BBnyCBiU9
eYy87MKS4TS8gdjgY5l1fZUVcPEtErbUhcxp7w+xZ6iqFzR2o1KQK565+ktPElE1
iF35YO8nVtkD33Eq2VFjXRku8HFcpcL2pNLtauGEXYxWDp6rUz0sIZKWWlMEChh0
F4ixvlzNNcQc7oHP1iRn3wquuYZ5zsSyPawdGYsMoswS/ckANcKH+ZP7nMu3m1nV
bqR7wGmSbAH26Uw8dDblA7b6CBuwIeCitIcRoeCNEU6b75RnseGkDcWzdCC+Shhb
OiYNnF4GdfWWnHo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org