Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3tEhvz2_Se2v_IJ6mYjXyopqstc.roa
File: 3tEhvz2_Se2v_IJ6mYjXyopqstc.roa (raw, json)
Hash identifier: BPayebUL8+6l4vWYiEtD/oGwwH0tE5HI2JzaUfQIA3Y=
Subject key identifier: DE:D1:21:BF:3D:BF:49:ED:AF:FC:82:7A:99:88:D7:CA:8A:6A:B2:D7
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01939B44FF15F67D21CCC729F781B1415E02
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3tEhvz2_Se2v_IJ6mYjXyopqstc.roa
Signing time: Fri 06 Dec 2024 09:20:10 +0000
ROA not before: Fri 06 Dec 2024 09:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400909
IP address blocks: 77.93.150.0/23 maxlen: 24
82.153.32.0/24 maxlen: 24
89.213.124.0/23 maxlen: 23
89.213.224.0/23 maxlen: 23
109.176.204.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:44:ff:15:f6:7d:21:cc:c7:29:f7:81:b1:41:5e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 6 09:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ded121bf3dbf49edaffc827a9988d7ca8a6ab2d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2f:2e:cb:47:ca:2f:15:08:a8:65:26:ac:10:
f9:9a:c0:91:8c:b2:da:c2:ab:39:42:aa:b8:50:8b:
3f:27:94:c3:16:2b:84:91:b6:98:94:6d:67:7e:2c:
ca:29:55:7d:47:0d:a0:9e:1d:35:ce:07:b0:ec:9f:
01:c9:93:08:ad:2d:cb:e8:0c:4e:8f:64:34:4e:57:
b4:39:21:fb:ab:93:0d:0c:6f:e9:65:30:cc:98:a9:
08:0b:56:79:4c:7e:1f:be:47:78:be:ab:53:99:8a:
6c:e0:95:93:a1:8f:6b:28:d1:5f:34:c8:e5:ab:90:
41:a1:67:67:7e:70:fa:f3:8f:5b:d3:0c:b1:42:ad:
c1:5d:12:c3:83:e3:de:02:2a:a5:63:06:6a:98:e5:
07:8c:68:bd:6d:b5:4b:0a:b4:12:33:b8:dc:86:96:
58:6c:fd:4a:2e:2f:9e:de:e4:b4:46:8c:3c:65:1f:
fa:3d:f7:cc:4f:80:b7:e7:55:e8:a7:52:d8:0b:f8:
04:38:c4:1f:20:c1:7c:91:cf:92:9f:cb:b1:6a:e1:
c3:7c:6a:3c:a6:c5:9a:61:18:7c:61:fc:ee:84:e9:
33:13:25:07:14:47:c8:89:28:b4:cf:7a:86:40:a9:
67:2e:af:7a:3e:f7:64:a5:52:2b:2f:f4:10:31:fd:
c1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D1:21:BF:3D:BF:49:ED:AF:FC:82:7A:99:88:D7:CA:8A:6A:B2:D7
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3tEhvz2_Se2v_IJ6mYjXyopqstc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.150.0/23
82.153.32.0/24
89.213.124.0/23
89.213.224.0/23
109.176.204.0/23
Signature Algorithm: sha256WithRSAEncryption
61:04:ff:5d:d9:5c:88:6a:2b:39:24:fa:5c:68:57:cb:a9:75:
f7:c7:e8:65:79:ff:28:c3:cd:8c:47:0a:3c:6f:1b:e8:a6:48:
e8:e3:ae:fe:0a:49:94:db:39:c7:a4:5c:dc:bb:06:93:60:2c:
0d:d3:66:52:91:e4:d1:9d:66:d1:57:a1:22:7b:2b:ed:66:0b:
3f:da:84:31:1c:49:46:bc:83:71:09:e9:9e:a8:57:17:de:f4:
d4:a3:8c:e3:ff:af:06:18:cd:c4:8d:99:a3:2a:5e:62:8a:fe:
ab:63:b8:f9:fe:20:f7:25:62:f6:08:25:64:cc:06:4b:51:01:
12:8f:fb:41:2b:59:d5:f4:b7:5a:15:ce:15:05:ff:0b:3e:0b:
cb:53:f0:30:74:5f:ed:7d:eb:85:de:c4:3e:84:7d:1a:21:c9:
4f:89:c6:10:4d:43:7b:8b:81:20:56:6c:b9:bf:86:a6:94:4e:
af:30:6c:55:a4:dd:71:ca:62:fc:36:95:ea:2b:0b:92:42:c6:
b6:d5:83:4e:a9:51:6a:74:4c:03:0a:48:1c:2f:db:1f:21:e9:
0c:bf:61:f0:19:37:bc:7f:8a:24:9e:4a:1a:91:da:66:19:c8:
57:81:47:ed:e1:26:b2:49:97:6a:13:5d:a3:45:19:08:13:1d:
41:52:3c:b8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZObRP8V9n0hzMcp94GxQV4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA2MDkyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQxMjFiZjNkYmY0OWVkYWZmYzgyN2E5OTg4ZDdjYThhNmFiMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjC8uy0fKLxUIqGUmrBD5msCRjLLa
wqs5Qqq4UIs/J5TDFiuEkbaYlG1nfizKKVV9Rw2gnh01zgew7J8ByZMIrS3L6AxO
j2Q0Tle0OSH7q5MNDG/pZTDMmKkIC1Z5TH4fvkd4vqtTmYps4JWToY9rKNFfNMjl
q5BBoWdnfnD6849b0wyxQq3BXRLDg+PeAiqlYwZqmOUHjGi9bbVLCrQSM7jchpZY
bP1KLi+e3uS0Row8ZR/6PffMT4C351Xop1LYC/gEOMQfIMF8kc+Sn8uxauHDfGo8
psWaYRh8YfzuhOkzEyUHFEfIiSi0z3qGQKlnLq96PvdkpVIrL/QQMf3BSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN7RIb89v0ntr/yCepmI18qKarLXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvM3RFaHZ6Ml9TZTJ2X0lKNm1Zalh5b3Bxc3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBTV2WAwQA
UpkgAwQBWdV8AwQBWdXgAwQBbbDMMA0GCSqGSIb3DQEBCwUAA4IBAQBhBP9d2VyI
ais5JPpcaFfLqXX3x+hlef8ow82MRwo8bxvopkjo467+CkmU2znHpFzcuwaTYCwN
02ZSkeTRnWbRV6EieyvtZgs/2oQxHElGvINxCemeqFcX3vTUo4zj/68GGM3EjZmj
Kl5iiv6rY7j5/iD3JWL2CCVkzAZLUQESj/tBK1nV9LdaFc4VBf8LPgvLU/AwdF/t
feuF3sQ+hH0aIclPicYQTUN7i4EgVmy5v4amlE6vMGxVpN1xymL8NpXqKwuSQsa2
1YNOqVFqdEwDCkgcL9sfIekMv2HwGTe8f4oknkoakdpmGchXgUft4SaySZdqE12j
RRkIEx1BUjy4
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:52 2025 by rpki-client