Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3X6NYxqPdv-p35XFaqck-aBqjD4.roa
File: 3X6NYxqPdv-p35XFaqck-aBqjD4.roa (raw, json)
Hash identifier: frjz5QFVpu61nWjdLeXkOxdl9geDxy+HlDn1nBJeqSs=
Subject key identifier: DD:7E:8D:63:1A:8F:76:FF:A9:DF:95:C5:6A:A7:24:F9:A0:6A:8C:3E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192D250B40FE01A3248F4881D43D03544F0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3X6NYxqPdv-p35XFaqck-aBqjD4.roa
Signing time: Mon 28 Oct 2024 08:49:17 +0000
ROA not before: Mon 28 Oct 2024 08:49:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.81.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 12:53:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:50:b4:0f:e0:1a:32:48:f4:88:1d:43:d0:35:44:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 28 08:49:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd7e8d631a8f76ffa9df95c56aa724f9a06a8c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:79:dd:df:5c:a8:d0:f8:1b:cb:f4:3a:c7:0f:
8f:df:80:81:46:52:ad:9f:9e:f3:ee:d1:ab:4c:0d:
5e:83:35:c4:ea:ec:ee:a8:0a:d7:85:51:50:5b:80:
08:78:ab:ab:f7:e1:d6:ae:bd:b5:57:17:35:98:5a:
65:0c:4b:43:1c:a2:43:3b:5c:02:d7:b0:64:47:df:
69:79:b3:5e:ca:51:29:9d:8b:cd:78:e9:90:8d:6e:
bd:9d:4a:81:a8:5c:b2:98:1f:e0:a7:a7:2d:07:67:
e3:a7:72:41:81:d8:6a:66:5e:b8:08:31:20:49:b8:
55:06:3c:81:34:c0:41:af:2c:62:a3:04:40:39:d2:
32:05:47:2a:fa:9a:78:97:3b:05:75:88:d5:1a:05:
db:ea:16:e3:3d:1a:68:d9:4b:a8:5d:1a:c6:ad:4b:
2e:f8:3f:74:bb:17:4f:79:e7:24:e8:61:88:b8:18:
84:51:9f:14:a5:4d:54:21:7e:78:e6:e0:c2:93:a5:
45:1e:53:ee:6b:d1:3e:6b:5b:00:5b:30:ce:56:4a:
bf:96:7a:cc:42:c1:b6:85:ca:c2:b1:97:47:b0:82:
bc:6b:48:d8:cf:88:b1:90:11:c2:47:16:f2:77:95:
ea:14:34:71:66:d1:2c:63:b1:9e:17:09:49:a8:d9:
60:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7E:8D:63:1A:8F:76:FF:A9:DF:95:C5:6A:A7:24:F9:A0:6A:8C:3E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3X6NYxqPdv-p35XFaqck-aBqjD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.81.0/24
212.38.88.0/23
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
97:21:4a:38:82:6a:cd:fb:f3:8c:e2:7b:05:cb:b1:a4:f4:9a:
b3:72:e0:4e:2b:9c:b0:d1:1f:3b:5e:45:de:e5:25:ec:e1:df:
a1:7c:9c:94:6d:3c:be:2f:41:46:41:72:96:b5:54:8c:bf:08:
9c:23:64:5d:bc:38:3a:bb:83:2c:cc:e0:77:3c:71:43:2c:ae:
54:a3:6f:26:5e:65:07:ad:80:18:5e:86:6b:61:30:a1:87:fb:
5f:76:18:54:14:8c:2a:b0:f4:35:60:c5:6b:af:f5:c9:ae:86:
60:85:27:0f:02:1d:d7:4d:4d:68:4a:42:49:fa:64:1f:ae:8d:
d5:36:f9:15:d0:60:d2:71:37:92:ac:d6:d4:66:86:33:54:48:
56:6b:64:65:5b:42:4e:87:53:69:f8:85:6e:78:16:22:08:47:
4a:00:ac:77:94:27:93:14:d8:c4:28:ef:16:cf:3f:a8:59:6e:
1a:48:0b:a3:ca:89:db:26:7c:b5:0e:66:df:db:8c:d3:41:a2:
8f:74:22:66:61:9e:4a:c9:e0:71:53:2a:bc:49:8c:f6:b9:b0:
eb:08:3d:a3:5b:cc:9a:3b:40:df:c1:77:1c:84:6f:2a:1f:35:
3e:4d:1f:37:b6:12:c2:8b:ae:f0:8b:db:88:96:41:60:2a:35:
69:43:07:bd
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZLSULQP4BoySPSIHUPQNUTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDI4MDg0OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDdlOGQ2MzFhOGY3NmZmYTlkZjk1YzU2YWE3MjRmOWEwNmE4YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3nd31yo0Pgby/Q6xw+P34CBRlKt
n57z7tGrTA1egzXE6uzuqArXhVFQW4AIeKur9+HWrr21Vxc1mFplDEtDHKJDO1wC
17BkR99pebNeylEpnYvNeOmQjW69nUqBqFyymB/gp6ctB2fjp3JBgdhqZl64CDEg
SbhVBjyBNMBBryxiowRAOdIyBUcq+pp4lzsFdYjVGgXb6hbjPRpo2UuoXRrGrUsu
+D90uxdPeeck6GGIuBiEUZ8UpU1UIX545uDCk6VFHlPua9E+a1sAWzDOVkq/lnrM
QsG2hcrCsZdHsIK8a0jYz4ixkBHCRxbyd5XqFDRxZtEsY7GeFwlJqNlgmQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFN1+jWMaj3b/qd+VxWqnJPmgaow+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvM1g2Tll4cVBkdi1wMzVYRmFxY2stYUJxakQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAFS
mLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YswDAMEAFnVkQME
AFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ1cQDBARZ1cAwDAME
AlnV5AMEBFnV4AMEA22wEAMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEANQmUQME
AdQmWAMEANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IB
AQCXIUo4gmrN+/OM4nsFy7Gk9JqzcuBOK5yw0R87XkXe5SXs4d+hfJyUbTy+L0FG
QXKWtVSMvwicI2RdvDg6u4MszOB3PHFDLK5Uo28mXmUHrYAYXoZrYTChh/tfdhhU
FIwqsPQ1YMVrr/XJroZghScPAh3XTU1oSkJJ+mQfro3VNvkV0GDScTeSrNbUZoYz
VEhWa2RlW0JOh1Np+IVueBYiCEdKAKx3lCeTFNjEKO8Wzz+oWW4aSAujyonbJny1
Dmbf24zTQaKPdCJmYZ5KyeBxUyq8SYz2ubDrCD2jW8yaO0DfwXcchG8qHzU+TR83
thLCi67wi9uIlkFgKjVpQwe9
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:50 2025 by rpki-client