Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/66ZGZC24QOITJYH4my1KKryDLOk.roa
File: 66ZGZC24QOITJYH4my1KKryDLOk.roa (raw, json)
Hash identifier: fLwd9laoFaQo2Hitl88jDdz4G9bAYwkF0zlCvC6Y/XM=
Subject key identifier: EB:A6:46:64:2D:B8:40:E2:13:25:81:F8:9B:2D:4A:2A:BC:83:2C:E9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FE216AD0C45BF5A73929A0402BBB72B79
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/66ZGZC24QOITJYH4my1KKryDLOk.roa
Signing time: Tue 04 Jun 2024 07:11:27 +0000
ROA not before: Tue 04 Jun 2024 07:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 82.152.110.0/24 maxlen: 24
82.153.66.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 07:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:16:ad:0c:45:bf:5a:73:92:9a:04:02:bb:b7:2b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 4 07:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eba646642db840e2132581f89b2d4a2abc832ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6b:46:fb:52:e2:2a:d4:0a:34:a8:32:de:43:
d2:60:37:60:10:9c:7b:be:ad:3c:09:77:b9:a2:39:
8c:32:85:a1:16:f4:08:3c:40:b2:fd:60:96:f7:3e:
d6:97:ce:a8:d4:e1:8e:02:25:34:ab:b3:35:af:2f:
7c:72:58:7d:70:a3:b1:28:fb:17:cf:dd:55:10:13:
25:02:65:7e:9e:c7:0d:88:aa:a3:cf:ee:cd:50:d5:
ad:5d:2e:aa:a2:ca:07:20:21:21:4e:dd:f1:cd:a0:
f8:cf:bf:d7:c8:f5:7d:3d:be:84:b7:70:33:b7:86:
70:08:64:6d:1f:4d:7b:09:15:65:0c:01:ed:a3:9c:
31:80:a6:6f:53:63:9b:32:86:3e:68:8f:42:b7:8d:
07:6c:7d:3f:ba:3e:03:75:79:8c:99:5d:f5:69:80:
8e:2f:50:73:39:0d:fc:41:38:c7:15:35:8d:e7:b5:
44:27:ff:61:bc:cb:e1:ba:2a:b2:9e:54:95:d3:24:
ca:6b:71:de:bd:c7:f4:af:34:9a:02:b3:e8:0a:82:
2e:9c:ba:59:f9:b4:25:e1:3c:fb:aa:65:10:72:50:
6b:60:1d:bc:4d:16:9a:f9:cb:9a:0d:ee:88:b4:48:
be:b4:0a:54:00:98:04:08:f4:ae:36:2e:87:71:57:
17:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A6:46:64:2D:B8:40:E2:13:25:81:F8:9B:2D:4A:2A:BC:83:2C:E9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/66ZGZC24QOITJYH4my1KKryDLOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.110.0/24
82.153.66.0/24
213.218.213.0/24
Signature Algorithm: sha256WithRSAEncryption
49:a5:56:4c:55:e7:39:38:57:f3:fe:70:72:d4:9a:42:67:27:
72:51:72:8c:93:bb:dc:62:7b:9f:9f:92:36:96:c6:12:15:f7:
d2:f1:0a:e2:3d:d9:53:62:f6:b8:e8:56:39:ae:73:bc:5b:3f:
96:55:02:3d:eb:80:2f:90:5d:b6:1e:04:97:c1:b0:32:6d:ab:
70:26:7c:d7:d1:9e:fa:a5:0f:68:e7:41:ca:ff:07:9a:b8:cd:
b4:18:58:7f:13:c9:fd:17:7f:53:de:c9:aa:77:10:3a:6a:70:
0a:3c:94:ff:0d:a3:02:e9:49:00:b2:eb:4f:db:ff:9a:b1:ba:
89:11:ad:d1:b0:90:db:73:7f:91:83:b6:f4:2e:c6:af:70:8d:
d6:a6:ce:00:74:36:5f:b3:b0:f2:63:b6:7d:b5:72:d2:17:dc:
3c:af:a2:d6:15:46:44:a1:04:fa:4c:6b:74:83:39:21:42:84:
95:bb:66:3d:e4:63:51:0f:db:79:89:40:9d:e1:bd:a9:15:8a:
44:ed:58:66:36:d0:aa:4f:d8:16:4b:13:2a:2b:3f:b1:89:45:
41:68:e2:f0:25:05:b7:b1:d6:fe:3d:44:bf:30:97:37:6f:43:
0e:f4:7c:99:63:cd:00:88:a0:30:e5:74:97:33:d2:51:68:84:
56:21:dc:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/iFq0MRb9ac5KaBAK7tyt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjA0MDcxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmE2NDY2NDJkYjg0MGUyMTMyNTgxZjg5YjJkNGEyYWJjODMyY2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GtG+1LiKtQKNKgy3kPSYDdgEJx7
vq08CXe5ojmMMoWhFvQIPECy/WCW9z7Wl86o1OGOAiU0q7M1ry98clh9cKOxKPsX
z91VEBMlAmV+nscNiKqjz+7NUNWtXS6qosoHICEhTt3xzaD4z7/XyPV9Pb6Et3Az
t4ZwCGRtH017CRVlDAHto5wxgKZvU2ObMoY+aI9Ct40HbH0/uj4DdXmMmV31aYCO
L1BzOQ38QTjHFTWN57VEJ/9hvMvhuiqynlSV0yTKa3Hevcf0rzSaArPoCoIunLpZ
+bQl4Tz7qmUQclBrYB28TRaa+cuaDe6ItEi+tApUAJgECPSuNi6HcVcXJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOumRmQtuEDiEyWB+JstSiq8gyzpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNjZaR1pDMjRRT0lUSllING15MUtLcnlETE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUphuAwQA
UplCAwQA1drVMA0GCSqGSIb3DQEBCwUAA4IBAQBJpVZMVec5OFfz/nBy1JpCZydy
UXKMk7vcYnufn5I2lsYSFffS8QriPdlTYva46FY5rnO8Wz+WVQI964AvkF22HgSX
wbAybatwJnzX0Z76pQ9o50HK/weauM20GFh/E8n9F39T3smqdxA6anAKPJT/DaMC
6UkAsutP2/+asbqJEa3RsJDbc3+Rg7b0LsavcI3Wps4AdDZfs7DyY7Z9tXLSF9w8
r6LWFUZEoQT6TGt0gzkhQoSVu2Y95GNRD9t5iUCd4b2pFYpE7VhmNtCqT9gWSxMq
Kz+xiUVBaOLwJQW3sdb+PUS/MJc3b0MO9HyZY80AiKAw5XSXM9JRaIRWIdz9
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:44 2025 by rpki-client