Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7pLlaKra966E5WfqeNZX3HymOO0.roa
File: 7pLlaKra966E5WfqeNZX3HymOO0.roa (raw, json)
Hash identifier: G+MN9RXFIlbEyUcG+4Lc3I0fk4dp1jMTudMrdYXU5VM=
Subject key identifier: EE:92:E5:68:AA:DA:F7:AE:84:E5:67:EA:78:D6:57:DC:7C:A6:38:ED
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01943AF0AE07F8D028764C53BBCEA560EAE8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7pLlaKra966E5WfqeNZX3HymOO0.roa
Signing time: Mon 06 Jan 2025 09:27:19 +0000
ROA not before: Mon 06 Jan 2025 09:27:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.220.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.212.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 12:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3a:f0:ae:07:f8:d0:28:76:4c:53:bb:ce:a5:60:ea:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 6 09:27:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee92e568aadaf7ae84e567ea78d657dc7ca638ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:94:a8:c2:19:22:8b:58:51:41:b3:c3:c0:e2:
30:15:cd:75:82:ed:18:44:51:22:fc:f9:1e:c6:79:
7b:3f:4d:28:95:e0:44:8e:be:5e:7b:1f:dd:ee:0d:
fb:4a:55:36:43:8e:21:c7:be:89:f5:96:49:8e:be:
21:2b:f8:51:15:3a:7d:68:c5:ef:21:05:f9:7f:34:
b8:5b:83:02:8e:25:9f:aa:a1:f5:dd:86:85:bc:dd:
9b:54:e6:4a:68:b9:88:0e:70:1c:5c:80:5b:60:f1:
f2:c7:47:59:17:f9:7f:41:93:d3:c6:b5:9e:d1:b5:
5e:05:94:13:28:92:c4:12:a5:57:69:41:b9:e0:b2:
50:a8:c0:c5:5e:da:0b:ee:28:22:75:9a:16:94:0b:
b0:cd:70:4c:6d:35:49:5c:c5:c1:4f:09:c0:24:a3:
6f:8e:ab:71:03:9d:14:2c:19:07:d4:fa:69:79:0a:
71:dc:64:cc:4e:29:66:e2:9d:1f:32:48:2a:f5:b5:
46:f2:fb:59:4c:d6:64:fe:5b:63:aa:d1:e3:22:f6:
3e:6f:a6:85:bf:39:59:a2:f7:2b:9b:93:d8:56:a6:
87:2b:2d:f6:dd:ee:2d:84:93:ca:3a:a5:02:94:64:
fc:0d:7d:51:46:19:d8:6b:ad:0f:bf:4f:5d:ed:d6:
40:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:92:E5:68:AA:DA:F7:AE:84:E5:67:EA:78:D6:57:DC:7C:A6:38:ED
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7pLlaKra966E5WfqeNZX3HymOO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
82.153.220.0/24
89.213.6.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.172.0/22
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.210.0-213.218.212.255
213.218.215.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
92:f7:d1:79:2d:d4:95:8b:c8:85:20:cd:6f:02:76:d6:35:2b:
90:c6:7e:80:71:27:0a:c4:aa:01:c9:ff:0d:0e:19:42:14:b5:
e5:05:6d:5f:70:eb:79:ec:e5:4c:70:53:1f:f7:fb:f2:1e:25:
9f:54:5c:ba:f7:9f:52:f4:04:39:bf:ea:0b:c7:db:5f:97:16:
59:3c:ee:86:18:3f:dd:af:f1:7d:4a:de:b5:c0:a0:71:76:fc:
47:5a:b1:f8:c1:df:a7:d3:3b:df:aa:e5:b1:c3:9c:45:a5:70:
28:e1:5b:97:3c:12:f4:ad:8c:2f:7b:4b:b8:f9:71:68:2a:6a:
d7:c9:b3:78:17:fa:1f:57:8f:b1:86:4d:d6:75:a7:70:d0:24:
22:62:db:36:58:69:1e:ec:2e:11:8d:8c:2a:7f:97:be:d0:c6:
2e:9f:38:3d:d8:9d:de:ea:3b:4f:b4:94:ac:cb:7b:cb:28:33:
6a:d9:a2:90:24:65:28:0b:89:5f:d4:6f:7e:91:0d:23:7b:0b:
d4:11:79:72:37:3b:90:55:90:6d:f8:b9:a4:67:a0:45:48:55:
53:77:27:68:55:d3:72:38:f7:ba:be:39:92:4e:4b:0f:d8:bd:
2d:88:65:88:08:8e:10:80:d0:20:68:ed:16:92:55:79:88:54:
c4:4f:da:27
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZQ68K4H+NAodkxTu86lYOroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTA2MDkyNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTkyZTU2OGFhZGFmN2FlODRlNTY3ZWE3OGQ2NTdkYzdjYTYzOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JSowhkii1hRQbPDwOIwFc11gu0Y
RFEi/Pkexnl7P00oleBEjr5eex/d7g37SlU2Q44hx76J9ZZJjr4hK/hRFTp9aMXv
IQX5fzS4W4MCjiWfqqH13YaFvN2bVOZKaLmIDnAcXIBbYPHyx0dZF/l/QZPTxrWe
0bVeBZQTKJLEEqVXaUG54LJQqMDFXtoL7igidZoWlAuwzXBMbTVJXMXBTwnAJKNv
jqtxA50ULBkH1PppeQpx3GTMTilm4p0fMkgq9bVG8vtZTNZk/ltjqtHjIvY+b6aF
vzlZovcrm5PYVqaHKy323e4thJPKOqUClGT8DX1RRhnYa60Pv09d7dZA0wIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFO6S5Wiq2veuhOVn6njWV9x8pjjtMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN3BMbGFLcmE5NjZFNVdmcWVOWlgzSHltT08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAFKYCAMEAVKYsAMEAlKZiAMEAFKZ3AMEAFnVBgMEAVnVLAMEAVnVMgMEAlnV
OAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwDBAJZ1ZQD
BAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akDBAJZ1awDBABZ1bUDBABZ1b8w
DAMEAlnVxAMEBFnVwDAMAwQCWdXkAwQEWdXgAwQDbbAQAwQCbbDMAwQBbbDyAwQB
uTF+AwQEwmlQAwQA1CZPAwQB1CZYAwQA1ZgrAwQC1dI0MAwDBAHV2tIDBADV2tQD
BADV2tcwDAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAkvfR
eS3UlYvIhSDNbwJ21jUrkMZ+gHEnCsSqAcn/DQ4ZQhS15QVtX3DreezlTHBTH/f7
8h4ln1RcuvefUvQEOb/qC8fbX5cWWTzuhhg/3a/xfUretcCgcXb8R1qx+MHfp9M7
36rlscOcRaVwKOFblzwS9K2ML3tLuPlxaCpq18mzeBf6H1ePsYZN1nWncNAkImLb
NlhpHuwuEY2MKn+XvtDGLp84Pdid3uo7T7SUrMt7yygzatmikCRlKAuJX9RvfpEN
I3sL1BF5cjc7kFWQbfi5pGegRUhVU3cnaFXTcjj3ur45kk5LD9i9LYhliAiOEIDQ
IGjtFpJVeYhUxE/aJw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:36 2025 by rpki-client