Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4JMRbNfiuqX3vUPEyXWfhWBh9Zw.roa
File: 4JMRbNfiuqX3vUPEyXWfhWBh9Zw.roa (raw, json)
Hash identifier: Ttyp8zRO/PvjxLurzXagODPSybCTzq1qZ9SEbHnBRYY=
Subject key identifier: E0:93:11:6C:D7:E2:BA:A5:F7:BD:43:C4:C9:75:9F:85:60:61:F5:9C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143D697DAF65788C446A8A499DEA554
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4JMRbNfiuqX3vUPEyXWfhWBh9Zw.roa
Signing time: Wed 01 Jan 2025 09:48:01 +0000
ROA not before: Wed 01 Jan 2025 09:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 11:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d6:97:da:f6:57:88:c4:46:a8:a4:99:de:a5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e093116cd7e2baa5f7bd43c4c9759f856061f59c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:30:20:eb:29:cf:66:72:16:af:db:92:9b:d8:
b6:b0:15:7d:11:49:f7:d0:d4:2c:d6:2a:3b:3a:a4:
8b:3f:5e:23:a3:86:44:a3:de:dd:6a:23:5f:2f:de:
a4:7e:2b:51:7e:71:a7:63:43:d1:d4:1b:b2:b5:cb:
59:43:0a:2e:3a:13:d8:e0:35:ab:80:7c:a6:84:74:
7e:4e:52:97:1b:f3:f7:d1:e5:f6:b4:69:33:f6:b6:
2e:28:7b:e9:8d:45:9c:d4:32:ca:90:15:4e:fb:f6:
0a:85:8b:f4:0f:91:2d:16:03:6a:e8:c2:62:f0:3b:
a3:69:1b:9e:08:60:49:e8:43:00:79:23:64:7b:70:
d2:34:ad:9a:49:3a:dd:22:54:ee:1b:ef:78:bb:a1:
31:83:04:dd:cb:df:50:3a:cd:4b:60:69:3d:62:2a:
b7:67:f7:57:f6:b9:93:22:44:47:7c:76:8c:9e:ab:
b3:50:c7:d2:0b:2f:c7:54:13:16:fa:68:f0:e6:b4:
d1:18:d9:12:cb:17:50:90:e6:c9:9f:c1:52:18:97:
55:7d:48:cb:a6:f9:80:33:d1:ed:5e:53:3c:20:94:
d3:23:3f:3c:6b:dd:d4:dc:46:1d:b6:95:17:f0:0a:
ee:62:7e:3d:83:49:50:96:98:f1:e6:84:5f:75:95:
85:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:93:11:6C:D7:E2:BA:A5:F7:BD:43:C4:C9:75:9F:85:60:61:F5:9C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4JMRbNfiuqX3vUPEyXWfhWBh9Zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.122.0/24
82.152.131.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
109.176.230.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:0c:b9:39:0a:de:96:08:67:fd:10:db:29:34:3c:f3:1a:e3:
5c:6a:59:78:52:42:10:89:93:75:27:14:db:9b:dc:3b:c5:02:
25:f0:85:e8:a8:59:c6:4a:94:04:41:50:21:01:57:ef:0b:fe:
b9:94:71:2d:59:b1:7f:dc:59:a9:0a:8b:4d:5e:94:9a:86:07:
f2:74:06:4d:c7:4d:6f:9d:50:04:c1:71:16:02:c3:62:f8:73:
01:57:0a:f1:85:22:45:d8:6e:de:4b:4e:ba:39:a6:a2:f7:c8:
da:3e:4f:3a:5a:5d:67:d7:51:ad:fd:43:5c:c3:a9:88:3b:fc:
b1:c8:1e:3c:fd:01:39:f2:58:16:4c:8e:6d:15:22:74:f8:b5:
5e:5f:5c:d6:91:23:4d:80:be:e4:cf:9e:b9:34:cf:10:40:9a:
32:88:c6:6a:aa:68:5c:41:41:09:ae:c9:44:fc:c5:af:cb:25:
42:75:e2:e5:10:df:bd:b1:e5:1c:ce:ae:75:b7:67:6e:3e:3f:
a3:4f:3a:2e:9c:dc:2c:2c:bc:d0:69:88:8e:1a:1e:6c:d4:24:
db:ab:a3:5b:46:8f:a2:dd:dd:e5:fa:f2:e3:da:e1:06:4e:d0:
ce:f1:4b:14:d7:b1:4a:59:03:f4:20:5f:38:16:39:25:55:eb:
4c:bf:91:a5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQhQ9aX2vZXiMRGqKSZ3qVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDkzMTE2Y2Q3ZTJiYWE1ZjdiZDQzYzRjOTc1OWY4NTYwNjFmNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDAg6ynPZnIWr9uSm9i2sBV9EUn3
0NQs1io7OqSLP14jo4ZEo97daiNfL96kfitRfnGnY0PR1BuytctZQwouOhPY4DWr
gHymhHR+TlKXG/P30eX2tGkz9rYuKHvpjUWc1DLKkBVO+/YKhYv0D5EtFgNq6MJi
8DujaRueCGBJ6EMAeSNke3DSNK2aSTrdIlTuG+94u6ExgwTdy99QOs1LYGk9Yiq3
Z/dX9rmTIkRHfHaMnquzUMfSCy/HVBMW+mjw5rTRGNkSyxdQkObJn8FSGJdVfUjL
pvmAM9HtXlM8IJTTIz88a93U3EYdtpUX8AruYn49g0lQlpjx5oRfdZWFTwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOCTEWzX4rql971DxMl1n4VgYfWcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNEpNUmJOZml1cVgzdlVQRXlYV2ZoV0JoOVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUQW9AwQA
Uah6AwQAUpiDAwQAWdWYAwQAWdWwAwQAWdW3AwQAbbDmMA0GCSqGSIb3DQEBCwUA
A4IBAQCODLk5Ct6WCGf9ENspNDzzGuNcall4UkIQiZN1JxTbm9w7xQIl8IXoqFnG
SpQEQVAhAVfvC/65lHEtWbF/3FmpCotNXpSahgfydAZNx01vnVAEwXEWAsNi+HMB
VwrxhSJF2G7eS066Oaai98jaPk86Wl1n11Gt/UNcw6mIO/yxyB48/QE58lgWTI5t
FSJ0+LVeX1zWkSNNgL7kz565NM8QQJoyiMZqqmhcQUEJrslE/MWvyyVCdeLlEN+9
seUczq51t2duPj+jTzounNwsLLzQaYiOGh5s1CTbq6NbRo+i3d3l+vLj2uEGTtDO
8UsU17FKWQP0IF84FjklVetMv5Gl
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:26:11 2025 by rpki-client