Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2NmTXOdWDQ7mgqGTg3OmsYpGoZc.roa
File: 2NmTXOdWDQ7mgqGTg3OmsYpGoZc.roa (raw, json)
Hash identifier: IrhqczvObOYZxHkZGv+0l6tfIR0nIHs2rUwLc0g86wk=
Subject key identifier: D8:D9:93:5C:E7:56:0D:0E:E6:82:A1:93:83:73:A6:B1:8A:46:A1:97
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0195CA03EEC9FAB4476FE1903AA56EFD5159
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2NmTXOdWDQ7mgqGTg3OmsYpGoZc.roa
Signing time: Mon 24 Mar 2025 21:16:50 +0000
ROA not before: Mon 24 Mar 2025 21:16:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.168.116.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.248.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 11:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ca:03:ee:c9:fa:b4:47:6f:e1:90:3a:a5:6e:fd:51:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 24 21:16:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8d9935ce7560d0ee682a1938373a6b18a46a197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:25:05:06:e6:7e:8f:8c:29:d3:f8:5a:d1:d2:
0a:59:ee:b1:14:6c:fa:45:a5:dc:5d:25:19:1f:ef:
30:ce:9c:aa:1f:81:b6:f0:f5:90:95:30:4a:7f:b4:
ed:1a:f4:a6:66:ae:9b:a4:4c:b1:55:ca:16:c3:7d:
4b:ba:92:f7:a9:a7:8e:3d:15:17:53:2f:76:a8:0f:
cc:ec:73:6e:17:76:29:02:50:45:aa:49:01:85:07:
6a:dd:05:0a:36:73:ec:e2:e8:b1:d3:cd:81:ac:fc:
26:b2:34:0e:54:53:96:52:08:a1:c1:f4:e9:b4:94:
a4:9d:c1:a9:7a:2f:92:2e:e6:37:99:6c:c6:5d:60:
ec:5b:37:b4:a6:90:2e:5d:b2:11:ac:3e:46:77:5e:
97:53:19:dc:a2:fe:fc:3b:10:8c:8a:28:85:0b:57:
66:42:2b:c2:be:89:2b:17:36:2b:6a:1a:77:e6:e5:
bf:c2:cf:78:fd:d3:53:d4:6d:cf:65:2b:c5:71:69:
20:32:75:65:b3:df:76:a5:b1:d5:42:27:bd:89:34:
9a:e3:0c:1a:00:75:29:16:c6:cf:d2:7a:36:c3:ee:
5a:5c:ea:ed:00:60:6a:50:08:2f:66:2e:7d:02:f3:
98:f3:06:a8:4f:cd:a2:f3:5b:54:1e:49:ed:81:ef:
47:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D9:93:5C:E7:56:0D:0E:E6:82:A1:93:83:73:A6:B1:8A:46:A1:97
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2NmTXOdWDQ7mgqGTg3OmsYpGoZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.116.0/24
82.152.8.0/24
82.152.131.0/24
82.152.176.0/23
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.226.0/24
213.218.244.0-213.218.248.255
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
27:26:d0:32:4a:71:a8:a5:67:e2:8f:c5:08:36:0a:bc:30:17:
1c:cb:ae:f6:74:73:02:a6:a5:cf:22:1c:a7:31:95:2e:27:9d:
f1:ba:3e:b6:0f:d3:a6:74:2a:ad:bd:98:09:8a:8d:05:d3:6c:
b1:5b:04:a6:9e:d7:80:17:82:c5:68:5c:04:4a:82:9f:88:0c:
f5:d0:d9:a7:d1:88:dd:97:5e:3c:cc:c7:4f:7c:97:e3:76:1c:
4c:6b:44:3a:01:e6:94:88:8c:98:87:ad:3d:56:11:83:7a:48:
66:92:03:17:d0:06:5a:4d:db:c0:bc:a1:a4:d8:16:bd:16:f8:
2a:19:bd:cd:f0:92:25:d0:72:5b:f2:b9:14:66:f3:b7:8c:de:
74:c8:54:2e:9b:e7:de:18:9d:ce:3d:d2:6d:f8:db:e7:8a:9f:
dc:d0:df:c4:06:a5:09:89:ea:8c:1b:3c:4d:6f:5e:88:cf:17:
23:16:b3:ee:7e:59:4a:e4:89:96:27:f3:ca:84:c5:6e:55:28:
aa:02:28:ab:76:cb:0f:64:6e:0f:27:16:9d:29:1e:6e:dc:a4:
f9:f1:cf:a6:dc:0b:5c:ef:11:c4:00:85:33:52:ca:16:d3:74:
60:41:67:87:46:fa:d8:99:54:c7:b1:ab:79:23:6f:84:c1:75:
f6:c7:22:86
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAZXKA+7J+rRHb+GQOqVu/VFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzI0MjExNjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQ5OTM1Y2U3NTYwZDBlZTY4MmExOTM4MzczYTZiMThhNDZhMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSUFBuZ+j4wp0/ha0dIKWe6xFGz6
RaXcXSUZH+8wzpyqH4G28PWQlTBKf7TtGvSmZq6bpEyxVcoWw31LupL3qaeOPRUX
Uy92qA/M7HNuF3YpAlBFqkkBhQdq3QUKNnPs4uix082BrPwmsjQOVFOWUgihwfTp
tJSkncGpei+SLuY3mWzGXWDsWze0ppAuXbIRrD5Gd16XUxncov78OxCMiiiFC1dm
QivCvokrFzYrahp35uW/ws94/dNT1G3PZSvFcWkgMnVls992pbHVQie9iTSa4wwa
AHUpFsbP0no2w+5aXOrtAGBqUAgvZi59AvOY8waoT82i81tUHkntge9HkQIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFNjZk1znVg0O5oKhk4NzprGKRqGXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMk5tVFhPZFdEUTdtZ3FHVGczT21zWXBHb1pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAFGodAMEAFKYCAMEAFKYgwMEAVKYsAMEAlKZiAMEAFKZ8wMEAVnVLAMEAVnV
MgMEAlnVOAMEAFnVfwMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQA
WdWSMAwDBAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnV
qwMEAFnVsAMEAFnVtQMEAFnVtwMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQD
BARZ1eADBANtsBADBABtsMEDBAJtsMwDBAFtsPIDBABtsPwDBAG5MX4DBAC5ZS8D
BATCaVADBADUJk8DBAHUJlgDBALVgoQDBADVmCsDBALV0jQDBADV2tMDBADV2uIw
DAMEAtXa9AMEANXa+DAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUA
A4IBAQAnJtAySnGopWfij8UINgq8MBccy672dHMCpqXPIhynMZUuJ53xuj62D9Om
dCqtvZgJio0F02yxWwSmnteAF4LFaFwESoKfiAz10Nmn0Yjdl148zMdPfJfjdhxM
a0Q6AeaUiIyYh609VhGDekhmkgMX0AZaTdvAvKGk2Ba9FvgqGb3N8JIl0HJb8rkU
ZvO3jN50yFQum+feGJ3OPdJt+Nvnip/c0N/EBqUJieqMGzxNb16IzxcjFrPufllK
5ImWJ/PKhMVuVSiqAiirdssPZG4PJxadKR5u3KT58c+m3Atc7xHEAIUzUsoW03Rg
QWeHRvrYmVTHsat5I2+EwXX2xyKG
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:31:57 2025 by rpki-client