Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/67ZD0mT6oRFNxpWXZV2xN5mQhWE.roa
File: 67ZD0mT6oRFNxpWXZV2xN5mQhWE.roa (raw, json)
Hash identifier: lsrz0FAjp2lP7B9j6zl2HkKE1lEADcgXj64hKuuXw74=
Subject key identifier: EB:B6:43:D2:64:FA:A1:11:4D:C6:95:97:65:5D:B1:37:99:90:85:61
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190CAE7AE268AFB42735AE10C1E0B6E0070
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/67ZD0mT6oRFNxpWXZV2xN5mQhWE.roa
Signing time: Fri 19 Jul 2024 12:11:39 +0000
ROA not before: Fri 19 Jul 2024 12:11:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.239.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jul 2024 12:42:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ca:e7:ae:26:8a:fb:42:73:5a:e1:0c:1e:0b:6e:00:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 19 12:11:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebb643d264faa1114dc69597655db13799908561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0d:e3:a3:ef:09:b4:e8:31:a7:50:b8:14:cd:
b9:75:bb:75:f2:5a:cb:cc:d8:25:36:23:f3:d7:7c:
eb:a4:a6:58:df:ae:52:11:10:50:2e:46:d2:42:58:
0c:3c:a8:b2:a1:83:0c:26:67:2b:16:95:f3:26:02:
6c:35:a0:dd:dc:ef:31:0c:a9:cc:43:c5:67:b8:57:
33:7f:84:b0:41:cf:10:43:65:12:88:1d:8b:47:5b:
9c:12:e9:b8:db:42:68:d6:ae:5d:9f:88:1e:98:39:
cb:35:07:ec:d8:f2:21:6d:dd:18:a1:a6:eb:61:b4:
1e:03:22:7b:d6:c5:b3:a6:d2:d3:d9:f5:20:44:9f:
72:3c:10:49:76:38:b4:a0:1d:df:90:eb:47:96:8c:
7b:56:9d:5a:84:e5:56:af:a2:59:44:5c:a5:61:d9:
a3:80:64:c3:d6:07:cd:d7:0d:73:82:d2:fd:3e:86:
66:ae:d1:4c:0f:fd:96:ea:89:86:21:e3:cf:8c:bb:
4a:04:4c:04:67:31:5b:89:79:53:50:3c:f9:34:be:
3f:79:c3:b4:6d:af:78:27:1e:44:2d:fb:61:fb:ec:
bb:9f:52:cb:7f:9c:4f:fd:33:fe:ca:b1:b6:b1:1e:
71:1f:eb:39:b2:d0:48:c4:5f:6b:ef:6c:0f:56:6a:
56:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B6:43:D2:64:FA:A1:11:4D:C6:95:97:65:5D:B1:37:99:90:85:61
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/67ZD0mT6oRFNxpWXZV2xN5mQhWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.204.0/22
109.176.239.0/24
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
15:5b:9e:75:26:38:8e:71:22:95:1b:ce:4f:d5:84:2b:cd:67:
74:c1:48:d6:88:6e:61:fd:f2:19:7b:df:03:41:68:81:67:d0:
5f:92:f9:fe:d0:4d:ac:54:db:86:4a:3c:7b:3f:68:f2:80:56:
91:88:83:8d:ac:e7:a2:55:f6:b1:21:24:bf:1f:16:95:49:b9:
5b:9e:17:85:1d:8f:62:a6:1a:2a:b3:4b:c8:93:bb:14:f2:d2:
a7:d4:7b:3d:56:fc:54:e6:3a:50:be:a7:46:dd:b1:4b:89:96:
b5:b3:a3:ea:64:c9:4f:dc:4f:9b:7e:ca:ff:02:bd:9b:9c:6f:
7f:4b:53:0e:b9:42:bd:09:6b:f7:55:c0:6f:c5:50:a3:ea:09:
af:f5:60:63:55:ad:44:d9:90:e9:8a:b6:ed:74:71:dd:9d:6d:
77:1c:5b:7d:17:1e:b8:d1:7c:74:3a:5a:10:7b:45:c5:3a:40:
07:33:0e:9b:5a:5b:13:51:b6:53:bb:25:f0:38:4e:a1:5c:44:
db:d2:43:79:1c:c0:58:51:40:2a:9e:9c:02:c8:8f:28:9c:49:
5d:17:eb:8d:65:fe:5f:0d:0b:27:76:13:b5:78:3f:93:ef:2f:
d1:1f:23:3e:a6:3a:0d:ca:f3:f8:f9:f4:42:df:0f:e0:2f:ee:
7c:61:b0:18
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZDK564mivtCc1rhDB4LbgBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzE5MTIxMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmI2NDNkMjY0ZmFhMTExNGRjNjk1OTc2NTVkYjEzNzk5OTA4NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3w3jo+8JtOgxp1C4FM25dbt18lrL
zNglNiPz13zrpKZY365SERBQLkbSQlgMPKiyoYMMJmcrFpXzJgJsNaDd3O8xDKnM
Q8VnuFczf4SwQc8QQ2USiB2LR1ucEum420Jo1q5dn4gemDnLNQfs2PIhbd0Yoabr
YbQeAyJ71sWzptLT2fUgRJ9yPBBJdji0oB3fkOtHlox7Vp1ahOVWr6JZRFylYdmj
gGTD1gfN1w1zgtL9PoZmrtFMD/2W6omGIePPjLtKBEwEZzFbiXlTUDz5NL4/ecO0
ba94Jx5ELfth++y7n1LLf5xP/TP+yrG2sR5xH+s5stBIxF9r72wPVmpWwwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFOu2Q9Jk+qERTcaVl2VdsTeZkIVhMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNjdaRDBtVDZvUkZOeHBXWFpWMnhONW1RaFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAVKY
sAMEAlKZiAMEAVnVMgMEAlnVODAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwD
BAJZ1cQDBARZ1cADBANZ1egDBANtsBADBAJtsMwDBABtsO8DBAG5MX4DBATCaVAD
BAHUJlgDBADV2tMDBADZkUIDBAPZkUgwDQYJKoZIhvcNAQELBQADggEBABVbnnUm
OI5xIpUbzk/VhCvNZ3TBSNaIbmH98hl73wNBaIFn0F+S+f7QTaxU24ZKPHs/aPKA
VpGIg42s56JV9rEhJL8fFpVJuVueF4Udj2KmGiqzS8iTuxTy0qfUez1W/FTmOlC+
p0bdsUuJlrWzo+pkyU/cT5t+yv8CvZucb39LUw65Qr0Ja/dVwG/FUKPqCa/1YGNV
rUTZkOmKtu10cd2dbXccW30XHrjRfHQ6WhB7RcU6QAczDptaWxNRtlO7JfA4TqFc
RNvSQ3kcwFhRQCqenALIjyicSV0X641l/l8NCyd2E7V4P5PvL9EfIz6mOg3K8/j5
9ELfD+Av7nxhsBg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:54 2025 by rpki-client