Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8lDmSQRIoxZtbwOd12mw5G82Zbw.roa
File: 8lDmSQRIoxZtbwOd12mw5G82Zbw.roa (raw, json)
Hash identifier: ME31cxYnbqMJZ+z+OgGCnM54TgiAi4ZT8xY/p8Qdo9w=
Subject key identifier: F2:50:E6:49:04:48:A3:16:6D:6F:03:9D:D7:69:B0:E4:6F:36:65:BC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194DCD2C20EA7EE553EDE18F318D9E50F83
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8lDmSQRIoxZtbwOd12mw5G82Zbw.roa
Signing time: Thu 06 Feb 2025 19:53:07 +0000
ROA not before: Thu 06 Feb 2025 19:53:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 82.153.216.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.219.0/24 maxlen: 24
89.213.0.0/22 maxlen: 24
194.105.76.0/22 maxlen: 24
213.130.132.0/22 maxlen: 22
213.218.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 09 Mar 2025 14:47:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:dc:d2:c2:0e:a7:ee:55:3e:de:18:f3:18:d9:e5:0f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 6 19:53:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f250e6490448a3166d6f039dd769b0e46f3665bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8b:21:b4:1e:03:27:f6:8b:99:3f:9e:14:b0:
fd:c4:24:d1:06:15:b2:06:84:ad:e1:b2:e5:e7:b9:
53:06:29:57:e3:b7:fc:af:8b:a5:73:2b:ee:d8:25:
f6:4c:81:37:00:c6:9e:e1:80:0c:83:17:9b:ac:8c:
b6:e4:49:ad:ae:80:dc:c6:b7:30:cc:75:b1:6b:89:
5a:92:03:c5:70:05:d0:6d:8b:33:1b:f5:e7:82:3f:
4d:f7:3c:6a:a2:45:dd:e2:37:9b:be:04:8b:c5:0b:
47:f5:a9:34:45:77:03:ed:44:69:b5:c6:ce:6b:01:
84:5d:59:1c:d7:a8:a6:07:a6:b7:f1:fb:f9:9e:94:
2a:63:87:0a:56:e9:49:d2:0a:b3:1f:b3:45:f6:cf:
bc:4a:93:7a:dd:d2:15:d9:8e:96:af:30:ea:a6:41:
5a:61:01:5b:2d:83:54:4b:7b:d5:09:70:24:c2:6f:
38:9a:5c:8f:8c:be:5d:ba:a3:e4:ff:74:d8:de:44:
a0:ac:17:18:92:ac:e5:02:4d:b8:3b:79:c8:33:9b:
7d:b2:54:2a:01:69:14:e4:bc:30:dc:5a:f4:0c:09:
88:71:d5:78:16:90:bb:8f:a5:e4:0d:87:58:8d:f7:
83:e6:57:a3:77:dd:de:dd:57:01:34:cf:9f:1d:d5:
d3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:50:E6:49:04:48:A3:16:6D:6F:03:9D:D7:69:B0:E4:6F:36:65:BC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8lDmSQRIoxZtbwOd12mw5G82Zbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.216.0/22
89.213.0.0/22
194.105.76.0/22
213.130.132.0/22
213.218.244.0/22
Signature Algorithm: sha256WithRSAEncryption
51:d2:be:bb:53:83:40:fc:e9:18:8c:98:4a:90:a6:2f:cf:ca:
e6:65:61:28:74:44:e0:a5:ef:d9:1a:f7:27:14:a5:0d:90:c9:
48:ba:c4:f0:3c:b9:4f:d7:22:a2:9b:c2:e5:e4:a8:bc:0b:f6:
97:1e:0a:d4:67:89:de:22:ac:14:1f:9a:00:e5:e9:9b:2c:ec:
ed:14:21:ae:d3:a6:fc:71:cf:8f:f1:a4:73:be:58:02:32:b0:
7f:95:c1:b3:98:a5:5d:e4:c2:61:80:8b:70:9b:9a:c7:7f:70:
c1:bc:c9:2b:70:a6:a5:34:f0:e0:74:98:09:50:e0:38:50:fe:
7a:66:8d:bf:53:b3:65:ec:09:00:ba:4a:b0:bc:b5:a6:fc:d5:
0e:c6:4d:ba:09:66:f5:3c:5c:a5:fb:25:ab:8a:0b:c5:6d:b0:
b5:28:0c:15:e8:da:d3:34:ef:27:0a:a5:b7:00:58:bd:56:95:
5d:7c:75:3e:1c:b2:fc:98:ec:5a:40:71:62:51:2c:53:c9:2e:
f9:d5:3e:6d:51:ea:07:5c:ec:4e:29:4b:33:9d:56:a5:b7:2d:
c9:5a:5d:21:27:77:43:9d:95:f2:51:fc:9d:46:80:bd:28:5b:
98:22:44:6a:3b:57:a8:c3:e9:8e:17:3c:db:f9:6e:15:d9:6a:
ad:95:56:fb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZTc0sIOp+5VPt4Y8xjZ5Q+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjA2MTk1MzA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjUwZTY0OTA0NDhhMzE2NmQ2ZjAzOWRkNzY5YjBlNDZmMzY2NWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYshtB4DJ/aLmT+eFLD9xCTRBhWy
BoSt4bLl57lTBilX47f8r4ulcyvu2CX2TIE3AMae4YAMgxebrIy25EmtroDcxrcw
zHWxa4lakgPFcAXQbYszG/Xngj9N9zxqokXd4jebvgSLxQtH9ak0RXcD7URptcbO
awGEXVkc16imB6a38fv5npQqY4cKVulJ0gqzH7NF9s+8SpN63dIV2Y6WrzDqpkFa
YQFbLYNUS3vVCXAkwm84mlyPjL5duqPk/3TY3kSgrBcYkqzlAk24O3nIM5t9slQq
AWkU5Lww3Fr0DAmIcdV4FpC7j6XkDYdYjfeD5lejd93e3VcBNM+fHdXTnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPJQ5kkESKMWbW8DnddpsORvNmW8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOGxEbVNRUklveFp0YndPZDEybXc1RzgyWmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCUpnYAwQC
WdUAAwQCwmlMAwQC1YKEAwQC1dr0MA0GCSqGSIb3DQEBCwUAA4IBAQBR0r67U4NA
/OkYjJhKkKYvz8rmZWEodETgpe/ZGvcnFKUNkMlIusTwPLlP1yKim8Ll5Ki8C/aX
HgrUZ4neIqwUH5oA5embLOztFCGu06b8cc+P8aRzvlgCMrB/lcGzmKVd5MJhgItw
m5rHf3DBvMkrcKalNPDgdJgJUOA4UP56Zo2/U7Nl7AkAukqwvLWm/NUOxk26CWb1
PFyl+yWrigvFbbC1KAwV6NrTNO8nCqW3AFi9VpVdfHU+HLL8mOxaQHFiUSxTyS75
1T5tUeoHXOxOKUsznValty3JWl0hJ3dDnZXyUfydRoC9KFuYIkRqO1eow+mOFzzb
+W4V2WqtlVb7
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:56 2025 by rpki-client