Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9AwFrRPGN5wlGXq1aj6Oe6ThjNM.roa
File: 9AwFrRPGN5wlGXq1aj6Oe6ThjNM.roa (raw, json)
Hash identifier: jrL3SrLq8Bjxyw7okxJ/9G1ryTh4PjtyrIb/p0jVgp8=
Subject key identifier: F4:0C:05:AD:13:C6:37:9C:25:19:7A:B5:6A:3E:8E:7B:A4:E1:8C:D3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018EA815D0037CA6776477E851168EF51967
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9AwFrRPGN5wlGXq1aj6Oe6ThjNM.roa
Signing time: Thu 04 Apr 2024 07:49:45 +0000
ROA not before: Thu 04 Apr 2024 07:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
82.152.49.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
213.130.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 08:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:15:d0:03:7c:a6:77:64:77:e8:51:16:8e:f5:19:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 4 07:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f40c05ad13c6379c25197ab56a3e8e7ba4e18cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1e:0d:41:f5:a3:ef:29:a6:b7:9a:ae:c1:d1:
24:53:f0:28:1b:79:e3:80:e4:2a:f9:9e:9f:ae:9f:
b7:03:3a:5b:fd:13:87:ec:fb:f9:b1:33:22:ef:8f:
69:e3:a8:e5:5c:df:e9:83:83:01:3a:4d:40:38:65:
b1:7c:a8:7a:82:e5:22:86:36:71:b2:d0:6d:be:d7:
3a:57:e1:c5:96:20:96:ad:d0:2b:48:70:97:99:36:
ce:82:ba:2e:72:b0:2c:57:bd:3c:26:df:8c:d5:d7:
a4:18:68:78:21:2d:09:fb:5c:21:85:05:82:4a:ff:
9d:36:e5:37:ce:92:eb:5e:51:32:fd:0d:b1:47:b2:
1e:50:26:58:82:60:f0:1a:4f:ec:3e:c4:52:fd:4a:
91:7f:41:c3:be:0c:27:6f:fb:d4:10:7d:28:de:d7:
7d:bb:97:c5:17:87:08:16:23:c9:d1:0c:e9:bf:01:
20:3a:fb:0f:1f:5a:af:86:41:42:a5:8c:4a:00:e3:
06:57:0b:f8:7c:86:d5:26:85:55:88:2f:3b:8d:72:
7a:e9:e7:6f:be:eb:17:b5:8a:c6:9e:af:98:ee:a0:
7a:2c:a6:74:7e:11:3e:74:cf:29:0b:be:cb:53:5f:
ff:23:c7:91:f9:05:73:eb:cf:9a:13:1e:32:4c:81:
db:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:0C:05:AD:13:C6:37:9C:25:19:7A:B5:6A:3E:8E:7B:A4:E1:8C:D3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9AwFrRPGN5wlGXq1aj6Oe6ThjNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
82.152.49.0/24
82.153.65.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
213.130.138.0/24
Signature Algorithm: sha256WithRSAEncryption
87:ef:ef:d6:6a:93:03:34:b8:57:5e:fb:d4:49:43:d7:19:17:
35:40:1a:47:10:f6:39:5c:0b:fd:24:1d:25:25:af:19:c9:a2:
27:90:5a:fd:96:46:a2:02:ea:eb:4e:aa:e9:7a:87:fa:3c:f1:
9f:2c:f0:29:ed:f2:20:1c:70:6c:0c:20:14:87:1e:42:92:17:
cc:56:cb:42:a6:13:51:fa:81:66:0a:db:ee:e3:32:ed:62:b2:
dd:f2:51:83:9c:82:fb:d6:2c:2c:b1:7c:71:f2:fd:d0:fc:96:
3f:51:f1:c0:75:cb:28:c6:9b:cc:dd:7d:82:4a:3c:6f:79:33:
40:f4:f5:1d:93:2b:e5:c3:38:72:e8:86:72:54:59:36:69:31:
45:a5:f4:7e:0e:fe:be:97:bd:b7:c4:45:a9:e9:1b:2b:73:0b:
d2:80:01:d6:ac:15:55:b0:8b:00:27:8c:e4:10:fa:e1:da:e6:
ab:32:19:19:25:f5:34:03:8b:38:8e:d8:b6:c7:86:67:e4:49:
97:7a:cb:92:fd:1c:01:08:a7:76:5d:a4:8d:3f:53:b0:d8:42:
19:3e:90:3b:01:53:69:de:d9:b9:78:1a:b9:d8:e4:75:39:2a:
57:54:e4:bd:ce:d3:eb:e9:df:0f:07:7d:17:30:41:df:eb:47:
7a:8d:24:12
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY6oFdADfKZ3ZHfoURaO9RlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDA0MDc0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDBjMDVhZDEzYzYzNzljMjUxOTdhYjU2YTNlOGU3YmE0ZTE4Y2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh4NQfWj7ymmt5quwdEkU/AoG3nj
gOQq+Z6frp+3Azpb/ROH7Pv5sTMi749p46jlXN/pg4MBOk1AOGWxfKh6guUihjZx
stBtvtc6V+HFliCWrdArSHCXmTbOgroucrAsV708Jt+M1dekGGh4IS0J+1whhQWC
Sv+dNuU3zpLrXlEy/Q2xR7IeUCZYgmDwGk/sPsRS/UqRf0HDvgwnb/vUEH0o3td9
u5fFF4cIFiPJ0QzpvwEgOvsPH1qvhkFCpYxKAOMGVwv4fIbVJoVViC87jXJ66edv
vusXtYrGnq+Y7qB6LKZ0fhE+dM8pC77LU1//I8eR+QVz68+aEx4yTIHbnQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPQMBa0TxjecJRl6tWo+jnuk4YzTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOUF3RnJSUEdONXdsR1hxMWFqNk9lNlRoak5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUQW9AwQA
UpgxAwQAUplBAwQAWdWYAwQAWdWwAwQAWdW3AwQA1YKKMA0GCSqGSIb3DQEBCwUA
A4IBAQCH7+/WapMDNLhXXvvUSUPXGRc1QBpHEPY5XAv9JB0lJa8ZyaInkFr9lkai
AurrTqrpeof6PPGfLPAp7fIgHHBsDCAUhx5CkhfMVstCphNR+oFmCtvu4zLtYrLd
8lGDnIL71iwssXxx8v3Q/JY/UfHAdcsoxpvM3X2CSjxveTNA9PUdkyvlwzhy6IZy
VFk2aTFFpfR+Dv6+l723xEWp6RsrcwvSgAHWrBVVsIsAJ4zkEPrh2uarMhkZJfU0
A4s4jti2x4Zn5EmXesuS/RwBCKd2XaSNP1Ow2EIZPpA7AVNp3tm5eBq52OR1OSpX
VOS9ztPr6d8PB30XMEHf60d6jSQS
-----END CERTIFICATE-----
Generated at Sun Mar 23 20:45:36 2025 by rpki-client