Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6gDoCD5tBRaJvwoCwao8ceUnLo0.roa
File: 6gDoCD5tBRaJvwoCwao8ceUnLo0.roa (raw, json)
Hash identifier: D+J2lxovHQHbyLJyCtPayw6w0j4YssSDZnywJ3ugm9c=
Subject key identifier: EA:00:E8:08:3E:6D:05:16:89:BF:0A:02:C1:AA:3C:71:E5:27:2E:8D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019427B6EDA32EC1462BCFCF4D59F0676F41
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6gDoCD5tBRaJvwoCwao8ceUnLo0.roa
Signing time: Thu 02 Jan 2025 15:51:27 +0000
ROA not before: Thu 02 Jan 2025 15:51:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.40.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.212.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 14:58:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:ed:a3:2e:c1:46:2b:cf:cf:4d:59:f0:67:6f:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 2 15:51:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea00e8083e6d051689bf0a02c1aa3c71e5272e8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f4:ab:d5:2f:55:6e:f5:95:89:f3:0f:7f:94:
6f:d2:0a:0f:3f:7d:39:97:98:58:cd:78:fe:de:c3:
7f:85:57:5b:7a:a6:ef:f6:d7:2d:1f:86:6c:a4:81:
27:4e:a1:c5:f4:bd:ce:e3:89:10:d0:c2:91:62:d5:
bb:84:cf:d6:f8:f2:1a:dc:2e:eb:e9:0c:43:74:ce:
f9:02:fc:df:12:ce:9f:15:94:fd:32:c3:21:85:90:
37:8c:d6:bd:a7:3b:a5:17:13:05:0c:01:3f:85:de:
5e:21:c0:46:db:f3:78:03:39:08:3c:af:48:04:28:
50:ac:9e:2e:da:56:ae:62:9e:2f:34:21:48:d4:a4:
51:1d:ca:ae:28:31:29:55:94:a6:40:fa:98:35:66:
12:10:c2:fe:7e:c2:8a:d7:7a:03:a9:49:a1:29:dd:
df:ba:98:1a:70:3a:cc:72:0f:c6:b8:e1:30:bd:fb:
db:b2:bd:53:fd:bd:ca:0c:21:fb:5f:45:96:fe:74:
6a:35:0c:d9:38:16:e2:83:21:32:c5:a7:af:bf:55:
d6:9e:ff:01:d1:84:3a:3e:21:6e:f9:0d:9b:f2:ed:
2b:ce:08:05:10:9c:66:68:ea:58:c6:5d:3c:d6:35:
33:04:9a:35:e1:ad:a0:a4:78:f8:81:cf:a3:4c:79:
1c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:00:E8:08:3E:6D:05:16:89:BF:0A:02:C1:AA:3C:71:E5:27:2E:8D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6gDoCD5tBRaJvwoCwao8ceUnLo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.172.0/22
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.40.0/23
213.210.52.0/22
213.218.210.0-213.218.212.255
213.218.215.0/24
213.218.226.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:98:0f:02:0e:d5:95:e5:9b:ed:6c:6d:8e:94:1d:95:0d:b8:
07:7f:c2:96:a1:a8:18:ba:11:5d:e1:5a:dc:a9:7d:5e:a2:df:
e5:2d:d0:6c:c1:70:44:94:67:2f:26:bc:4c:76:7f:42:a8:07:
d5:9e:e8:10:30:43:0d:e3:4d:e2:3c:28:7c:3a:51:fc:49:ce:
5a:75:70:50:c7:63:bf:a6:51:45:9e:a3:7e:a8:ab:77:f2:ef:
41:f9:74:e0:fb:1d:62:f1:8c:d6:27:e8:70:25:46:ab:c2:12:
c8:a5:5c:f7:df:0f:dc:67:38:78:d3:a9:6a:38:44:1b:76:f9:
df:a1:88:2b:d3:32:8a:b3:23:cc:27:e1:9e:7c:09:d2:9d:5e:
f8:75:33:af:3a:6c:3c:8c:57:9b:f9:f7:24:d1:7f:8b:2e:f0:
a3:98:5c:a1:95:89:d5:f5:c2:08:bf:dc:e7:99:bf:50:e5:ab:
15:9a:8c:01:ab:f7:03:f7:17:26:a7:db:3d:e2:89:b7:26:31:
38:d1:15:c3:af:69:45:75:a5:3f:93:21:da:bf:30:d6:02:3c:
57:ea:52:c2:46:0d:c4:e3:0e:29:72:8c:0c:79:a7:0d:02:90:
0a:99:2b:29:78:74:ee:e3:2c:de:61:47:ed:f1:78:d1:7b:2c:
28:53:4c:38
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZQntu2jLsFGK8/PTVnwZ29BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAyMTU1MTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTAwZTgwODNlNmQwNTE2ODliZjBhMDJjMWFhM2M3MWU1MjcyZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/Sr1S9VbvWVifMPf5Rv0goPP305
l5hYzXj+3sN/hVdbeqbv9tctH4ZspIEnTqHF9L3O44kQ0MKRYtW7hM/W+PIa3C7r
6QxDdM75AvzfEs6fFZT9MsMhhZA3jNa9pzulFxMFDAE/hd5eIcBG2/N4AzkIPK9I
BChQrJ4u2lauYp4vNCFI1KRRHcquKDEpVZSmQPqYNWYSEML+fsKK13oDqUmhKd3f
upgacDrMcg/GuOEwvfvbsr1T/b3KDCH7X0WW/nRqNQzZOBbigyEyxaevv1XWnv8B
0YQ6PiFu+Q2b8u0rzggFEJxmaOpYxl081jUzBJo14a2gpHj4gc+jTHkcCQIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFOoA6Ag+bQUWib8KAsGqPHHlJy6NMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNmdEb0NENXRCUmFKdndvQ3dhbzhjZVVuTG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAFKYCAMEAVKYsAMEAlKZiAMEAVnVLAMEAVnVMgMEAlnVOAMEAFnVgQMEAFnV
hAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwDBAJZ1ZQDBAVZ1YADBABZ1aID
BABZ1aQDBABZ1acDBABZ1akDBAJZ1awDBABZ1bUDBABZ1b8wDAMEAlnVxAMEBFnV
wDAMAwQCWdXkAwQEWdXgAwQDbbAQAwQCbbDMAwQBbbDyAwQBuTF+AwQEwmlQAwQA
1CZPAwQB1CZYAwQA1ZgrAwQB1dIoAwQC1dI0MAwDBAHV2tIDBADV2tQDBADV2tcD
BADV2uIwDAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAnJgP
Ag7VleWb7WxtjpQdlQ24B3/ClqGoGLoRXeFa3Kl9XqLf5S3QbMFwRJRnLya8THZ/
QqgH1Z7oEDBDDeNN4jwofDpR/EnOWnVwUMdjv6ZRRZ6jfqird/LvQfl04PsdYvGM
1ifocCVGq8ISyKVc998P3Gc4eNOpajhEG3b536GIK9MyirMjzCfhnnwJ0p1e+HUz
rzpsPIxXm/n3JNF/iy7wo5hcoZWJ1fXCCL/c55m/UOWrFZqMAav3A/cXJqfbPeKJ
tyYxONEVw69pRXWlP5Mh2r8w1gI8V+pSwkYNxOMOKXKMDHmnDQKQCpkrKXh07uMs
3mFH7fF40XssKFNMOA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:26:34 2025 by rpki-client