Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8vUL5V8pPGWV-BhuQ90JIni3CMU.roa
File: 8vUL5V8pPGWV-BhuQ90JIni3CMU.roa (raw, json)
Hash identifier: upeXnCd7K+bXGDLSJA6Zdt8k6QkGZ7MgKp69CKsdTUc=
Subject key identifier: F2:F5:0B:E5:5F:29:3C:65:95:F8:18:6E:43:DD:09:22:78:B7:08:C5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01909142E60764CC8306987762207BD8BB8B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8vUL5V8pPGWV-BhuQ90JIni3CMU.roa
Signing time: Mon 08 Jul 2024 07:33:18 +0000
ROA not before: Mon 08 Jul 2024 07:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 81.168.122.0/24 maxlen: 24
82.152.4.0/24 maxlen: 24
82.152.5.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.153.153.0/24 maxlen: 24
82.153.156.0/24 maxlen: 24
82.153.200.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
89.213.197.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.229.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
213.210.63.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.224.0/24 maxlen: 24
213.218.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jul 2024 12:42:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:91:42:e6:07:64:cc:83:06:98:77:62:20:7b:d8:bb:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 8 07:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2f50be55f293c6595f8186e43dd092278b708c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9b:85:15:a7:5a:fa:72:84:20:de:60:d3:3b:
e6:56:9f:35:25:9d:ff:4c:2c:c5:91:d6:8b:19:da:
ce:ed:d6:50:0b:9c:37:4e:f6:7d:60:35:96:ff:95:
f5:2b:00:ad:8c:6a:de:4e:46:9e:5a:37:2c:bf:0f:
49:88:25:c0:bd:6c:e2:32:e6:5a:6c:5f:19:3e:22:
24:e9:58:e1:51:6a:a9:47:f4:78:78:1a:d7:80:54:
9b:c5:dc:b9:53:9a:15:40:34:da:b4:df:6b:04:79:
7a:a7:94:63:c5:47:50:d9:45:59:66:17:f5:2f:b6:
18:03:6a:41:d2:9a:6c:b8:1d:86:a0:5e:7b:27:12:
3c:00:34:2b:79:bd:27:ea:64:62:76:64:e5:07:df:
a1:22:1e:99:b9:45:98:8c:47:b4:0b:45:38:b8:34:
42:6e:f3:d0:e4:9e:f7:1a:39:f0:f0:cc:df:f7:34:
7d:f5:19:ca:13:88:7d:7b:0f:44:00:da:b9:af:3e:
60:d1:26:6d:f7:66:16:59:ae:91:2e:e4:a6:e3:fc:
00:71:f1:db:ee:e7:21:48:ff:69:e0:ec:d6:5a:32:
96:c8:ae:9a:86:2d:15:b5:36:35:b6:c6:7e:d6:ec:
0f:7d:c8:35:17:2c:79:4c:0a:9a:3d:77:87:44:4e:
2d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F5:0B:E5:5F:29:3C:65:95:F8:18:6E:43:DD:09:22:78:B7:08:C5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8vUL5V8pPGWV-BhuQ90JIni3CMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.122.0/24
82.152.4.0/23
82.152.131.0/24
82.153.153.0/24
82.153.156.0/24
82.153.200.0/24
82.163.0.0/24
89.213.197.0/24
109.176.193.0/24
109.176.229.0-109.176.230.255
109.176.244.0/24
212.38.79.0/24
213.130.150.0/23
213.210.63.0/24
213.218.211.0/24
213.218.224.0/24
213.218.233.0/24
Signature Algorithm: sha256WithRSAEncryption
05:69:e8:c5:ff:1e:8e:ea:d6:b5:a2:92:f6:e7:df:16:66:39:
c7:a5:a9:8b:e1:48:8f:1e:a5:f6:53:60:ff:13:f3:41:f8:9a:
ca:74:fb:3e:ad:63:97:50:6e:b0:d7:ad:57:ce:38:22:f0:5b:
f1:1f:ad:15:9e:04:ba:38:15:25:6d:49:9e:31:fd:1d:8d:c8:
f1:06:8a:98:34:8a:eb:90:62:f1:38:c1:9d:f5:f8:89:72:a8:
b1:10:b8:96:f0:92:b5:62:98:5b:12:05:56:ab:a3:e5:68:f6:
51:4f:b8:2b:a4:e3:a5:50:67:9e:d1:3d:b0:0b:7e:d7:82:74:
8a:de:47:58:6a:1e:8c:cb:b4:e8:e5:b0:71:f7:a2:ee:25:9c:
bd:f5:de:2d:f7:66:a5:57:85:76:5d:1c:73:7b:2e:f0:59:98:
eb:62:42:6f:80:4d:75:14:5d:2c:95:3f:61:f1:0f:35:79:e0:
b8:87:b0:c2:e1:d4:e0:51:86:f9:0d:5d:64:20:9b:0c:77:14:
a2:1d:ad:62:62:ff:fb:85:26:53:15:13:ad:8a:d9:04:31:bf:
cd:75:a3:83:19:33:73:ae:45:77:68:02:c8:42:7e:f1:e7:61:
84:e8:93:93:72:3a:9f:ed:ac:ca:eb:b5:c3:bc:03:ae:20:e3:
bf:bb:ea:d8
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZCRQuYHZMyDBph3YiB72LuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzA4MDczMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmY1MGJlNTVmMjkzYzY1OTVmODE4NmU0M2RkMDkyMjc4YjcwOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15uFFada+nKEIN5g0zvmVp81JZ3/
TCzFkdaLGdrO7dZQC5w3TvZ9YDWW/5X1KwCtjGreTkaeWjcsvw9JiCXAvWziMuZa
bF8ZPiIk6VjhUWqpR/R4eBrXgFSbxdy5U5oVQDTatN9rBHl6p5RjxUdQ2UVZZhf1
L7YYA2pB0ppsuB2GoF57JxI8ADQreb0n6mRidmTlB9+hIh6ZuUWYjEe0C0U4uDRC
bvPQ5J73Gjnw8Mzf9zR99RnKE4h9ew9EANq5rz5g0SZt92YWWa6RLuSm4/wAcfHb
7uchSP9p4OzWWjKWyK6ahi0VtTY1tsZ+1uwPfcg1Fyx5TAqaPXeHRE4tEQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFPL1C+VfKTxllfgYbkPdCSJ4twjFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOHZVTDVWOHBQR1dWLUJodVE5MEpJbmkzQ01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAFGoegME
AVKYBAMEAFKYgwMEAFKZmQMEAFKZnAMEAFKZyAMEAFKjAAMEAFnVxQMEAG2wwTAM
AwQAbbDlAwQAbbDmAwQAbbD0AwQA1CZPAwQB1YKWAwQA1dI/AwQA1drTAwQA1drg
AwQA1drpMA0GCSqGSIb3DQEBCwUAA4IBAQAFaejF/x6O6ta1opL2598WZjnHpamL
4UiPHqX2U2D/E/NB+JrKdPs+rWOXUG6w161Xzjgi8FvxH60VngS6OBUlbUmeMf0d
jcjxBoqYNIrrkGLxOMGd9fiJcqixELiW8JK1YphbEgVWq6PlaPZRT7grpOOlUGee
0T2wC37XgnSK3kdYah6My7To5bBx96LuJZy99d4t92alV4V2XRxzey7wWZjrYkJv
gE11FF0slT9h8Q81eeC4h7DC4dTgUYb5DV1kIJsMdxSiHa1iYv/7hSZTFROtitkE
Mb/NdaODGTNzrkV3aALIQn7x52GE6JOTcjqf7azK67XDvAOuIOO/u+rY
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:25 2025 by rpki-client