Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5QMwxhnmLV5vIL-pdtHWNsOwGAo.roa
File: 5QMwxhnmLV5vIL-pdtHWNsOwGAo.roa (raw, json)
Hash identifier: OYFUQLSw0gtNdvVQ7gnLAcr98fGnpFusc2PrEjgoxUY=
Subject key identifier: E5:03:30:C6:19:E6:2D:5E:6F:20:BF:A9:76:D1:D6:36:C3:B0:18:0A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191ADDACC0D9969206A68EFD503A99F9E60
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5QMwxhnmLV5vIL-pdtHWNsOwGAo.roa
Signing time: Sun 01 Sep 2024 13:51:22 +0000
ROA not before: Sun 01 Sep 2024 13:51:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 14:36:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ad:da:cc:0d:99:69:20:6a:68:ef:d5:03:a9:9f:9e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 1 13:51:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e50330c619e62d5e6f20bfa976d1d636c3b0180a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:69:65:22:dd:6c:f3:7e:a6:db:22:bb:7b:4a:
f6:f9:db:c2:2b:f7:1d:c1:17:7c:ba:15:6d:68:43:
70:ee:c0:d3:f0:b8:6c:78:32:60:19:8c:75:20:7a:
10:29:07:b6:54:a7:95:32:35:a5:91:37:7c:08:81:
30:5c:f1:dd:fb:f7:20:ce:c1:ad:4a:6f:27:a8:b9:
6e:be:49:f2:d5:75:52:fc:96:9b:6c:17:55:b1:e7:
72:47:ea:97:a1:5b:53:7a:bb:6f:7b:e7:61:29:47:
bc:81:b2:cc:cf:11:1d:bb:6c:6c:5b:3d:29:6a:7d:
94:5d:20:00:ee:83:f1:34:64:67:d4:83:19:c0:63:
05:e0:68:19:d6:8a:6c:91:74:00:39:d3:0b:87:32:
e0:28:ee:23:56:ee:e4:b5:74:c1:1e:1f:61:03:6e:
30:58:5a:ec:41:7c:7b:03:57:ea:dd:d5:9a:9d:20:
90:ac:c3:21:c5:58:84:b2:a3:ee:c1:a5:f3:c2:68:
e4:de:1b:60:cb:cd:f5:88:00:a4:71:2f:0c:b0:75:
e7:c9:88:ad:00:2f:b2:02:38:b0:4a:2a:d0:92:88:
3f:b2:a3:5f:0a:a7:5b:87:76:6f:c0:cc:24:04:0b:
ef:a9:e9:c1:1d:8c:9e:37:97:5f:8a:a6:9b:6a:47:
01:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:03:30:C6:19:E6:2D:5E:6F:20:BF:A9:76:D1:D6:36:C3:B0:18:0A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5QMwxhnmLV5vIL-pdtHWNsOwGAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.239.0/24
89.213.43.0/24
89.213.98.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.32.0/19
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.218.214.0/24
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
94:94:92:67:d1:69:cd:1f:2d:19:56:eb:1b:e9:35:6c:5b:81:
02:e6:f9:29:c3:24:33:2b:5d:a9:9e:10:c3:5e:2b:57:c5:e0:
3b:25:7c:b8:af:85:7a:b2:b8:7b:bf:af:c6:0c:ed:5f:7b:c9:
79:4a:d4:2d:8c:cb:14:65:3a:74:21:4f:86:37:d1:7e:6e:b1:
4f:ce:53:6c:66:9a:c3:a2:20:06:18:9b:3a:9f:dc:00:fc:9f:
81:45:a5:96:88:a7:d4:7d:28:1e:17:c1:a7:33:9f:ca:61:89:
d4:86:79:04:04:4f:c5:bf:3e:a6:17:6c:d2:af:a8:b1:3e:09:
d6:26:86:1e:b4:1a:5c:1a:04:ea:ca:1a:0d:ba:c7:2c:f0:3d:
45:c6:e7:7a:98:55:85:33:b6:47:03:c3:04:a5:8f:59:43:08:
52:f3:a2:9a:54:a5:5b:ad:c4:77:4f:dd:be:c5:ab:f1:57:b6:
f1:27:82:82:6d:00:2c:6d:63:18:94:03:16:7c:29:f4:6f:60:
d3:5a:df:93:5a:4b:76:91:35:b9:05:3f:44:2b:84:7b:dc:7a:
9b:f7:ed:28:8c:93:83:de:76:e5:e8:e0:c7:ab:f0:51:3e:07:
8b:28:87:eb:61:c7:15:49:dc:93:bc:20:b1:84:25:ba:e1:c4:
de:02:a3:a9
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZGt2swNmWkgamjv1QOpn55gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTAxMTM1MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTAzMzBjNjE5ZTYyZDVlNmYyMGJmYTk3NmQxZDYzNmMzYjAxODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9WllIt1s836m2yK7e0r2+dvCK/cd
wRd8uhVtaENw7sDT8LhseDJgGYx1IHoQKQe2VKeVMjWlkTd8CIEwXPHd+/cgzsGt
Sm8nqLluvkny1XVS/JabbBdVsedyR+qXoVtTertve+dhKUe8gbLMzxEdu2xsWz0p
an2UXSAA7oPxNGRn1IMZwGMF4GgZ1opskXQAOdMLhzLgKO4jVu7ktXTBHh9hA24w
WFrsQXx7A1fq3dWanSCQrMMhxViEsqPuwaXzwmjk3htgy831iACkcS8MsHXnyYit
AC+yAjiwSirQkog/sqNfCqdbh3ZvwMwkBAvvqenBHYyeN5dfiqabakcBwQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFOUDMMYZ5i1ebyC/qXbR1jbDsBgKMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNVFNd3hobm1MVjV2SUwtcGR0SFdOc093R0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcowDAME
AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS
mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0wDAME
AFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZyQMEAFKZ7wMEAFnVKwMEAFnVYgME
AFnVoTAMAwQDWdXoAwQBWdXsAwQFbbAgAwQAbbDrAwQA1YKCAwQA1YKVAwQA1drW
AwQA1drnMA0GCSqGSIb3DQEBCwUAA4IBAQCUlJJn0WnNHy0ZVusb6TVsW4EC5vkp
wyQzK12pnhDDXitXxeA7JXy4r4V6srh7v6/GDO1fe8l5StQtjMsUZTp0IU+GN9F+
brFPzlNsZprDoiAGGJs6n9wA/J+BRaWWiKfUfSgeF8GnM5/KYYnUhnkEBE/Fvz6m
F2zSr6ixPgnWJoYetBpcGgTqyhoNuscs8D1Fxud6mFWFM7ZHA8MEpY9ZQwhS86Ka
VKVbrcR3T92+xavxV7bxJ4KCbQAsbWMYlAMWfCn0b2DTWt+TWkt2kTW5BT9EK4R7
3Hqb9+0ojJOD3nbl6ODHq/BRPgeLKIfrYccVSdyTvCCxhCW64cTeAqOp
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:13 2025 by rpki-client