Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4Y6eKPwp6jz2f50FHyHRtvOXSOI.roa
File: 4Y6eKPwp6jz2f50FHyHRtvOXSOI.roa (raw, json)
Hash identifier: ANQCxsWkL+ZSb+kNYBz1GlkpRffPeG8f/zHH9XNGwUY=
Subject key identifier: E1:8E:9E:28:FC:29:EA:3C:F6:7F:9D:05:1F:21:D1:B6:F3:97:48:E2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0196900CA89B3AE6B1034F6D68ADA879037A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4Y6eKPwp6jz2f50FHyHRtvOXSOI.roa
Signing time: Fri 02 May 2025 08:11:10 +0000
ROA not before: Fri 02 May 2025 08:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.54.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 09:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:0c:a8:9b:3a:e6:b1:03:4f:6d:68:ad:a8:79:03:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 2 08:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e18e9e28fc29ea3cf67f9d051f21d1b6f39748e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bb:76:9b:bc:7c:7b:d4:2f:8b:ca:f3:dd:03:
fe:42:3e:46:31:2c:cd:b0:69:ae:f0:54:d8:7c:22:
f6:7a:e9:51:c9:82:7b:88:f3:d2:75:c8:37:56:4b:
eb:9f:4e:31:ec:25:98:c7:68:1a:20:ec:86:81:d7:
cc:f2:ff:1e:1a:c0:d9:6e:2b:11:e5:0e:14:d5:0c:
51:1b:07:1e:df:8e:0e:b8:75:94:0d:17:29:50:fd:
89:11:1a:33:ce:a5:8b:16:6e:2e:6d:02:a2:16:10:
f1:39:1f:59:59:cb:5f:03:83:c3:e5:50:a7:d7:4a:
cf:93:ab:20:5d:09:ac:d7:d7:a3:cd:a9:19:4b:4d:
c5:88:1d:28:ff:2e:85:ab:e2:a0:fa:d0:87:e8:b8:
74:c1:78:eb:a6:3a:24:08:ca:38:71:18:3a:7d:f4:
f2:9f:51:f2:c3:90:a7:58:e3:c9:0f:55:46:ef:1f:
8f:83:93:d6:e8:bc:59:ed:6f:8f:b8:d3:33:2b:c9:
f3:f1:50:fb:5a:3d:12:03:46:a0:10:d2:a9:da:8a:
40:00:0d:e6:fc:61:35:1c:de:2b:67:cf:b7:6a:6f:
61:87:48:26:a8:af:4a:62:63:d9:19:e3:03:50:4d:
cd:fd:19:bc:c6:a4:f3:11:35:bb:08:b8:89:96:be:
b8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8E:9E:28:FC:29:EA:3C:F6:7F:9D:05:1F:21:D1:B6:F3:97:48:E2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4Y6eKPwp6jz2f50FHyHRtvOXSOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.239.0/24
89.213.43.0/24
89.213.54.0/24
89.213.98.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.27.0/24
109.176.32.0/19
109.176.201.0/24
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.218.214.0/24
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:96:a6:6c:c7:82:19:cd:37:88:48:5e:33:e0:7c:02:20:1a:
27:52:00:d4:65:cd:ae:d5:d9:96:c4:33:6e:9a:f4:7a:1a:76:
e3:94:67:b9:22:de:49:06:e7:fb:8d:b8:ab:7f:02:1f:b7:29:
77:82:5d:be:b2:dc:db:71:a5:46:38:0e:0d:02:41:99:e9:a3:
6c:bb:c4:c7:83:8a:88:c2:c7:19:10:be:c7:c8:98:31:e5:20:
ae:d2:be:ed:f2:04:0e:ba:6c:5e:ae:9a:92:80:a2:5d:7c:12:
2e:90:32:b6:37:a5:3f:2a:9a:07:41:fc:b4:5f:7f:eb:3c:bf:
95:38:b3:c7:d5:1c:fc:d1:71:4f:97:b7:a7:fe:e7:72:9c:cb:
08:9a:4f:f4:a4:c5:5a:13:23:39:c0:57:c8:cb:eb:f2:d8:1e:
f2:01:6f:24:f4:53:8f:c4:67:a3:5e:c7:7b:d0:52:ef:8c:d9:
26:ac:b4:69:db:08:eb:b9:2a:da:cf:49:b1:a5:8b:5f:6e:b4:
c9:e0:ff:a9:1a:ba:30:6f:c8:bb:ed:91:66:49:b4:ca:b4:ba:
9a:30:4e:5d:a5:f5:45:2d:46:7c:bb:64:59:95:70:57:cf:8e:
e5:05:fe:e5:9e:78:d7:5e:ff:83:1e:28:28:a8:cd:1c:ab:aa:
88:75:8a:68
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZaQDKibOuaxA09taK2oeQN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTAyMDgxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMThlOWUyOGZjMjllYTNjZjY3ZjlkMDUxZjIxZDFiNmYzOTc0OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrt2m7x8e9Qvi8rz3QP+Qj5GMSzN
sGmu8FTYfCL2eulRyYJ7iPPSdcg3Vkvrn04x7CWYx2gaIOyGgdfM8v8eGsDZbisR
5Q4U1QxRGwce344OuHWUDRcpUP2JERozzqWLFm4ubQKiFhDxOR9ZWctfA4PD5VCn
10rPk6sgXQms19ejzakZS03FiB0o/y6Fq+Kg+tCH6Lh0wXjrpjokCMo4cRg6ffTy
n1Hyw5CnWOPJD1VG7x+Pg5PW6LxZ7W+PuNMzK8nz8VD7Wj0SA0agENKp2opAAA3m
/GE1HN4rZ8+3am9hh0gmqK9KYmPZGeMDUE3N/Rm8xqTzETW7CLiJlr64iwIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFOGOnij8Keo89n+dBR8h0bbzl0jiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNFk2ZUtQd3A2anoyZjUwRkh5SFJ0dk9YU09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwwDAME
AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS
mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0wDAME
AFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZyQMEAFKZ7wMEAFnVKwMEAFnVNgME
AFnVYgMEAFnVoTAMAwQDWdXoAwQBWdXsAwQAbbAbAwQFbbAgAwQAbbDJAwQAbbDr
AwQA1YKCAwQA1YKVAwQA1drWAwQA1drnMA0GCSqGSIb3DQEBCwUAA4IBAQBelqZs
x4IZzTeISF4z4HwCIBonUgDUZc2u1dmWxDNumvR6GnbjlGe5It5JBuf7jbirfwIf
tyl3gl2+stzbcaVGOA4NAkGZ6aNsu8THg4qIwscZEL7HyJgx5SCu0r7t8gQOumxe
rpqSgKJdfBIukDK2N6U/KpoHQfy0X3/rPL+VOLPH1Rz80XFPl7en/udynMsImk/0
pMVaEyM5wFfIy+vy2B7yAW8k9FOPxGejXsd70FLvjNkmrLRp2wjruSraz0mxpYtf
brTJ4P+pGrowb8i77ZFmSbTKtLqaME5dpfVFLUZ8u2RZlXBXz47lBf7lnnjXXv+D
HigoqM0cq6qIdYpo
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:58:36 2025 by rpki-client