Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3YiT5BlgVhGqAGqdHLVv64H72vg.roa
File: 3YiT5BlgVhGqAGqdHLVv64H72vg.roa (raw, json)
Hash identifier: sl96KHwmisO+TSqydX9qe/OjVF39uOeA9IJFFO+GqBA=
Subject key identifier: DD:88:93:E4:19:60:56:11:AA:00:6A:9D:1C:B5:6F:EB:81:FB:DA:F8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01938CEEA5FE7F974A110BBB4BACAD7065C4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3YiT5BlgVhGqAGqdHLVv64H72vg.roa
Signing time: Tue 03 Dec 2024 14:31:10 +0000
ROA not before: Tue 03 Dec 2024 14:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.168.126.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Dec 2024 09:08:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:ee:a5:fe:7f:97:4a:11:0b:bb:4b:ac:ad:70:65:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 3 14:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd8893e419605611aa006a9d1cb56feb81fbdaf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5d:1d:fd:7f:47:4f:e9:f8:7c:e1:c8:ad:ee:
cd:d9:99:f8:0c:24:a4:cf:dd:21:6f:18:95:bd:19:
08:e7:bf:96:3b:36:50:22:32:a6:90:e0:7a:d8:3d:
53:df:ba:fc:01:74:c8:59:1e:df:54:3d:86:f8:cb:
6a:11:a1:af:91:72:02:66:ab:8d:86:13:55:63:41:
e3:e7:f6:e7:a0:09:3a:17:02:59:a2:1b:fb:2d:39:
11:d4:07:ad:74:6c:d2:65:e1:c7:0f:7d:6e:36:ef:
22:60:24:06:d6:11:83:5f:81:67:83:1b:71:5f:81:
3c:e5:53:88:64:76:98:22:ba:8c:76:59:4a:43:50:
fb:0c:65:f4:96:59:34:1a:cf:29:18:ef:a5:37:c9:
d2:04:44:10:a3:eb:4e:93:dd:62:50:f5:c5:8a:01:
89:e5:d9:95:a3:af:54:af:b6:17:74:ea:3d:47:93:
c8:28:ef:34:f9:0c:3c:41:29:2e:11:d2:66:05:c8:
14:5c:a4:81:05:c9:cb:ae:4c:e7:ac:77:4d:b8:41:
6d:6c:db:c3:b1:6d:70:e9:3e:7e:1f:fc:8f:13:14:
fc:73:0b:34:64:58:b3:9c:0d:07:ae:c1:4c:26:34:
da:3f:8e:59:b3:de:fd:54:79:a9:41:fc:c0:03:07:
7c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:88:93:E4:19:60:56:11:AA:00:6A:9D:1C:B5:6F:EB:81:FB:DA:F8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3YiT5BlgVhGqAGqdHLVv64H72vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.167.0/24
89.213.172.0/22
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.210.52.0/22
213.218.210.0/23
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:46:1a:59:98:34:3f:68:6b:74:02:aa:cc:69:6d:7f:86:61:
d8:9b:4f:bc:c7:f1:aa:3f:7c:ec:ca:85:84:08:bf:1c:f2:b0:
ed:7c:01:15:1d:ba:1b:7c:61:08:f0:49:7e:c5:89:e0:ce:24:
9f:5d:11:2d:fb:5c:2e:c2:5d:d9:21:22:3b:bf:e8:df:39:6d:
38:c6:a7:61:ea:bc:c9:8c:ba:df:6a:9d:ae:de:1b:3d:17:0e:
0e:ca:31:57:c4:a5:c0:d0:9d:af:37:a7:21:f9:9e:a7:54:ff:
41:c4:1c:89:94:31:34:5c:ae:fa:36:04:42:9a:72:8e:5b:f0:
c0:a7:17:d9:56:83:fe:9e:6f:b0:af:37:af:a7:46:ce:b5:f5:
6e:8e:50:6f:da:fc:e8:10:99:aa:f9:5c:74:09:2e:b7:d5:ed:
9e:1d:e3:06:7b:4c:09:57:b6:da:fd:34:a1:55:54:44:57:8e:
4d:41:74:0a:74:ea:19:2b:12:71:16:ee:5e:49:1b:d1:61:07:
80:71:bb:f7:15:66:df:95:e0:5c:c5:5d:cf:88:ab:26:23:06:
92:52:e8:a3:1f:e6:23:b5:92:01:6f:69:60:dc:73:a7:e5:7d:
2c:1d:be:26:59:65:ba:a8:51:ad:9f:1e:6a:20:b9:a8:c7:a3:
9f:74:7c:24
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZOM7qX+f5dKEQu7S6ytcGXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjAzMTQzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDg4OTNlNDE5NjA1NjExYWEwMDZhOWQxY2I1NmZlYjgxZmJkYWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA510d/X9HT+n4fOHIre7N2Zn4DCSk
z90hbxiVvRkI57+WOzZQIjKmkOB62D1T37r8AXTIWR7fVD2G+MtqEaGvkXICZquN
hhNVY0Hj5/bnoAk6FwJZohv7LTkR1AetdGzSZeHHD31uNu8iYCQG1hGDX4Fngxtx
X4E85VOIZHaYIrqMdllKQ1D7DGX0llk0Gs8pGO+lN8nSBEQQo+tOk91iUPXFigGJ
5dmVo69Ur7YXdOo9R5PIKO80+Qw8QSkuEdJmBcgUXKSBBcnLrkznrHdNuEFtbNvD
sW1w6T5+H/yPExT8cws0ZFiznA0HrsFMJjTaP45Zs979VHmpQfzAAwd8FwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFN2Ik+QZYFYRqgBqnRy1b+uB+9r4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvM1lpVDVCbGdWaEdxQUdxZEhMVnY2NEg3MnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBABR
qH4DBABSmAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ
1YQDBABZ1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWn
AwQCWdWsAwQAWdW/MAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEA22wEAME
Am2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEAdQmWAMEAtXSNAMEAdXa0jAMAwQA2ZFB
AwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQA8RhpZmDQ/aGt0AqrMaW1/
hmHYm0+8x/GqP3zsyoWECL8c8rDtfAEVHbobfGEI8El+xYngziSfXREt+1wuwl3Z
ISI7v+jfOW04xqdh6rzJjLrfap2u3hs9Fw4OyjFXxKXA0J2vN6ch+Z6nVP9BxByJ
lDE0XK76NgRCmnKOW/DApxfZVoP+nm+wrzevp0bOtfVujlBv2vzoEJmq+Vx0CS63
1e2eHeMGe0wJV7ba/TShVVREV45NQXQKdOoZKxJxFu5eSRvRYQeAcbv3FWbfleBc
xV3PiKsmIwaSUuijH+YjtZIBb2lg3HOn5X0sHb4mWWW6qFGtnx5qILmox6OfdHwk
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:30 2025 by rpki-client