Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2yNVHXTMX99wtsFLMEZOyCks4wM.roa
File: 2yNVHXTMX99wtsFLMEZOyCks4wM.roa (raw, json)
Hash identifier: PdaI7b+7x0hYcPXbm5r9jXaKv1Gz3zUx0mU5fJYivas=
Subject key identifier: DB:23:55:1D:74:CC:5F:DF:70:B6:C1:4B:30:46:4E:C8:29:2C:E3:03
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F8AB53FCCC7D1FAC21D5C28156EA54211
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2yNVHXTMX99wtsFLMEZOyCks4wM.roa
Signing time: Sat 18 May 2024 07:58:05 +0000
ROA not before: Sat 18 May 2024 07:58:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.152.176.0/24 maxlen: 24
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.97.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.59.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
213.218.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 07:18:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8a:b5:3f:cc:c7:d1:fa:c2:1d:5c:28:15:6e:a5:42:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 18 07:58:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db23551d74cc5fdf70b6c14b30464ec8292ce303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:47:20:c2:e9:a1:33:2d:78:5b:99:31:0b:3a:
e0:b2:a6:c7:ee:f8:59:58:d7:31:56:41:9b:99:93:
a5:55:b9:15:c9:4f:60:d3:67:55:08:0f:ba:f6:41:
9d:c2:73:72:fb:2a:d7:99:d4:5a:d3:a0:51:30:0b:
29:2a:47:56:84:cf:81:c8:2a:ad:07:7e:d0:9d:d2:
63:26:1b:41:a0:2c:a2:fb:c8:d4:d3:33:89:b2:f8:
10:f8:7f:70:6a:78:4d:39:e5:f3:28:0c:17:42:b5:
c4:92:b3:46:5f:de:eb:2c:01:47:81:c5:a2:6b:26:
72:82:1b:e3:82:26:c8:5f:9c:29:37:30:ab:6a:1c:
ad:66:64:66:7a:2b:d4:72:06:8f:37:80:4b:22:93:
ea:4c:00:5a:4a:3e:a3:a9:b0:82:fa:dd:81:17:bc:
92:8d:8c:a7:11:05:b0:16:10:85:a2:e1:5b:c0:57:
8a:81:ce:d1:cf:a0:ee:44:20:8c:c1:52:ce:2b:13:
47:4e:0c:b8:f8:59:af:68:77:c1:20:57:4d:e5:c3:
dd:27:99:f4:36:b8:08:11:00:66:c9:50:4b:32:17:
2e:bb:b2:bd:03:63:49:14:61:b2:bf:08:01:8c:56:
b3:f3:2e:fd:e4:18:4e:6e:8e:85:f2:7c:fc:d4:f8:
ca:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:23:55:1D:74:CC:5F:DF:70:B6:C1:4B:30:46:4E:C8:29:2C:E3:03
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2yNVHXTMX99wtsFLMEZOyCks4wM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
89.213.97.0-89.213.98.255
89.213.134.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
213.130.130.0/24
213.130.149.0/24
213.210.59.0/24
213.218.210.0/23
213.218.213.0/24
213.218.231.0/24
213.218.249.0/24
Signature Algorithm: sha256WithRSAEncryption
48:2d:0f:1b:86:b3:ad:9c:02:7e:88:9e:e7:eb:8c:29:6c:14:
c4:35:5e:48:2c:ce:9e:63:5b:ee:92:30:55:46:0c:16:95:e8:
32:bb:d5:ee:cc:b0:e8:ea:d0:6d:02:27:f2:d6:7a:58:0c:4d:
9a:0a:4c:e2:8a:63:28:f1:01:0e:b0:1b:9d:73:2e:de:9c:f1:
ee:e1:35:2e:6e:9b:d2:cc:6f:b9:30:04:67:5d:13:5e:b2:a9:
4c:5d:7e:b7:31:03:50:a9:6e:64:03:46:cb:3c:32:a4:e4:c5:
99:66:79:6d:f9:55:44:cb:36:67:a5:f1:3f:38:98:72:20:6b:
66:7e:58:51:ee:af:e6:45:ac:73:a3:95:b4:2c:ae:aa:f2:54:
9f:16:95:10:4b:42:95:06:e5:a4:c5:f8:87:9d:19:d6:aa:a1:
ff:11:96:33:c8:d5:4f:2a:fd:43:84:2c:0f:2c:14:cf:11:31:
dd:96:2c:ae:33:83:cb:0a:6e:d4:2e:17:a9:f5:d8:3e:8e:0b:
45:72:0c:35:df:b0:35:cf:c7:54:4e:4b:21:90:ba:c7:ee:3f:
17:d5:e9:89:d4:b4:e4:6e:9c:4f:3b:4b:0a:99:66:ec:74:81:
40:5e:73:8e:21:e4:1c:f7:63:e0:7a:9e:ca:f8:1b:f6:b6:a9:
fa:23:31:7a
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAY+KtT/Mx9H6wh1cKBVupUIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE4MDc1ODA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjIzNTUxZDc0Y2M1ZmRmNzBiNmMxNGIzMDQ2NGVjODI5MmNlMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEcgwumhMy14W5kxCzrgsqbH7vhZ
WNcxVkGbmZOlVbkVyU9g02dVCA+69kGdwnNy+yrXmdRa06BRMAspKkdWhM+ByCqt
B37QndJjJhtBoCyi+8jU0zOJsvgQ+H9wanhNOeXzKAwXQrXEkrNGX97rLAFHgcWi
ayZyghvjgibIX5wpNzCrahytZmRmeivUcgaPN4BLIpPqTABaSj6jqbCC+t2BF7yS
jYynEQWwFhCFouFbwFeKgc7Rz6DuRCCMwVLOKxNHTgy4+FmvaHfBIFdN5cPdJ5n0
NrgIEQBmyVBLMhcuu7K9A2NJFGGyvwgBjFaz8y795BhObo6F8nz81PjKVQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFNsjVR10zF/fcLbBSzBGTsgpLOMDMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMnlOVkhYVE1YOTl3dHNGTE1FWk95Q2tzNHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAFSmLAD
BABSmTIDBAJSmYgwDAMEAFnVYQMEAFnVYgMEAFnVhjAMAwQCWdWUAwQFWdWAAwQC
WdWsAwQDbbAQAwQBuTF+AwQEwmlQAwQA1YKCAwQA1YKVAwQA1dI7AwQB1drSAwQA
1drVAwQA1drnAwQA1dr5MA0GCSqGSIb3DQEBCwUAA4IBAQBILQ8bhrOtnAJ+iJ7n
64wpbBTENV5ILM6eY1vukjBVRgwWlegyu9XuzLDo6tBtAify1npYDE2aCkziimMo
8QEOsBudcy7enPHu4TUubpvSzG+5MARnXRNesqlMXX63MQNQqW5kA0bLPDKk5MWZ
Znlt+VVEyzZnpfE/OJhyIGtmflhR7q/mRaxzo5W0LK6q8lSfFpUQS0KVBuWkxfiH
nRnWqqH/EZYzyNVPKv1DhCwPLBTPETHdliyuM4PLCm7ULhep9dg+jgtFcgw137A1
z8dUTkshkLrH7j8X1emJ1LTkbpxPO0sKmWbsdIFAXnOOIeQc92Pgep7K+Bv2tqn6
IzF6
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:35:51 2025 by rpki-client