Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9nbYUdYu7Taxq79NXakL1gAm_4A.roa
File: 9nbYUdYu7Taxq79NXakL1gAm_4A.roa (raw, json)
Hash identifier: EcoWGFp13+49P0HdqvSiVXofaO8qjae748qmY+HoJqs=
Subject key identifier: F6:76:D8:51:D6:2E:ED:36:B1:AB:BF:4D:5D:A9:0B:D6:00:26:FF:80
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0195EB22A0C45AE4324EDC4EFD6BB46AE477
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9nbYUdYu7Taxq79NXakL1gAm_4A.roa
Signing time: Mon 31 Mar 2025 07:37:49 +0000
ROA not before: Mon 31 Mar 2025 07:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 80.240.87.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.210.62.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.248.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
217.145.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 07:35:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:22:a0:c4:5a:e4:32:4e:dc:4e:fd:6b:b4:6a:e4:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 31 07:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f676d851d62eed36b1abbf4d5da90bd60026ff80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8e:df:e0:c3:60:20:ec:32:79:e7:a1:e6:bb:
d9:3e:f8:f1:6b:de:23:7e:d8:78:57:4c:d5:bf:02:
b6:12:c8:97:62:08:85:b7:6f:35:ab:93:cb:77:b5:
a6:d2:99:29:3a:37:31:af:06:5d:19:c9:31:c8:3f:
d5:56:19:96:8e:8d:40:9c:ed:fc:25:8c:de:8e:87:
89:4b:59:92:a3:89:be:7a:4a:ef:6d:21:fe:b0:30:
60:01:1e:3a:c9:8f:14:34:1b:b1:77:1e:97:8f:f9:
43:37:51:d5:18:99:79:bf:cd:cf:c9:3b:be:e4:aa:
b1:d5:d0:87:a4:7d:73:f8:26:f0:fc:40:31:f8:15:
83:af:49:cb:81:91:4c:f4:27:25:e4:7e:d3:64:75:
09:ac:48:9a:91:14:93:d0:cb:c3:45:5d:18:e6:56:
2f:02:9c:58:29:e8:3f:04:50:a5:a3:a9:33:95:04:
4e:41:43:b2:2b:88:b2:34:c0:6e:50:3f:1f:fb:c6:
ef:8d:11:80:d9:a7:2f:f8:0e:fb:2e:44:2f:49:66:
6a:6f:09:18:88:b6:03:d7:d4:4b:de:84:32:2e:dd:
ef:14:f1:2a:a4:0c:57:b7:70:87:87:e7:e4:f1:67:
27:70:5f:57:69:60:c1:4f:44:44:d1:cf:d2:ec:27:
24:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:76:D8:51:D6:2E:ED:36:B1:AB:BF:4D:5D:A9:0B:D6:00:26:FF:80
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9nbYUdYu7Taxq79NXakL1gAm_4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.87.0/24
82.152.8.0/24
82.152.131.0/24
82.152.176.0/23
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.210.62.0/24
213.218.211.0/24
213.218.226.0/24
213.218.244.0-213.218.248.255
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:74:23:b6:be:ca:95:77:7b:ee:15:14:87:b9:d6:c3:00:78:
33:00:ec:03:a1:5d:e4:f7:17:ca:0a:49:6c:c6:23:e4:4e:4e:
8c:36:5c:7e:cf:da:96:1d:0a:b1:73:65:83:77:31:9e:35:10:
56:f1:d1:86:55:92:d1:a1:61:2e:fe:d1:9d:1e:54:64:cd:e0:
dc:a6:e7:6f:18:63:26:20:98:22:c1:53:2f:cd:11:57:da:a2:
bb:a0:1f:7f:be:5b:39:d7:99:48:79:7f:0e:b3:b4:de:67:78:
67:18:f7:59:a3:45:19:69:d1:17:f6:ed:a8:b7:17:cd:1e:d0:
6a:39:98:ad:56:62:26:5b:6a:12:5c:82:6d:97:11:6d:e4:02:
54:03:11:49:0f:e6:71:c2:ab:32:0f:be:fb:4a:f5:f7:70:ed:
aa:e0:d5:33:45:cf:80:f0:45:d0:5a:6f:2f:92:f6:1f:4a:80:
a9:17:13:ca:e4:79:92:c1:85:a0:22:e5:92:e4:72:8e:c3:5e:
68:94:cf:b9:8a:1d:33:2e:05:52:a7:95:6b:bb:66:5f:ec:b6:
4d:b7:9e:63:9d:3a:ef:23:dd:6d:7c:80:60:bf:0c:75:c7:45:
f2:b3:2e:b2:e0:56:1c:b0:59:16:de:cd:4b:88:43:d4:24:e2:
5d:ba:01:34
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgISAZXrIqDEWuQyTtxO/Wu0auR3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzMxMDczNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjc2ZDg1MWQ2MmVlZDM2YjFhYmJmNGQ1ZGE5MGJkNjAwMjZmZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno7f4MNgIOwyeeeh5rvZPvjxa94j
fth4V0zVvwK2EsiXYgiFt281q5PLd7Wm0pkpOjcxrwZdGckxyD/VVhmWjo1AnO38
JYzejoeJS1mSo4m+ekrvbSH+sDBgAR46yY8UNBuxdx6Xj/lDN1HVGJl5v83PyTu+
5Kqx1dCHpH1z+Cbw/EAx+BWDr0nLgZFM9Ccl5H7TZHUJrEiakRST0MvDRV0Y5lYv
ApxYKeg/BFClo6kzlQROQUOyK4iyNMBuUD8f+8bvjRGA2acv+A77LkQvSWZqbwkY
iLYD19RL3oQyLt3vFPEqpAxXt3CHh+fk8WcncF9XaWDBT0RE0c/S7CckJwIDAQAB
o4IDVTCCA1EwHQYDVR0OBBYEFPZ22FHWLu02sau/TV2pC9YAJv+AMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOW5iWVVkWXU3VGF4cTc5Tlhha0wxZ0FtXzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBaQYIKwYBBQUHAQcBAf8EggFYMIIBVDCCAVAEAgABMIIB
SAMEAFDwVwMEAFKYCAMEAFKYgwMEAVKYsAMEAlKZiAMEAFKZ8wMEAVnVLDAMAwQB
WdUyAwQCWdU4AwQAWdV/AwQAWdWBAwQAWdWEAwQAWdWLAwQAWdWPMAwDBABZ1ZED
BABZ1ZIwDAMEAlnVlAMEBVnVgAMEAFnVogMEAFnVpAMEAFnVpwMEAFnVqTAMAwQA
WdWrAwQAWdWwAwQAWdW1AwQAWdW3AwQAWdW/MAwDBAJZ1cQDBARZ1cAwDAMEAlnV
5AMEBFnV4AMEA22wEAMEAG2wwQMEAm2wzAMEAW2w8gMEAG2w/AMEAbkxfgMEALll
LwMEBMJpUAMEANQmTwMEAdQmWAMEAtWChAMEANWYKwMEAtXSNAMEANXSPgMEANXa
0wMEANXa4jAMAwQC1dr0AwQA1dr4MAwDBADZkUEDBADZkUIDBAPZkUgwDQYJKoZI
hvcNAQELBQADggEBAA90I7a+ypV3e+4VFIe51sMAeDMA7AOhXeT3F8oKSWzGI+RO
Tow2XH7P2pYdCrFzZYN3MZ41EFbx0YZVktGhYS7+0Z0eVGTN4Nym528YYyYgmCLB
Uy/NEVfaorugH3++WznXmUh5fw6ztN5neGcY91mjRRlp0Rf27ai3F80e0Go5mK1W
YiZbahJcgm2XEW3kAlQDEUkP5nHCqzIPvvtK9fdw7arg1TNFz4DwRdBaby+S9h9K
gKkXE8rkeZLBhaAi5ZLkco7DXmiUz7mKHTMuBVKnlWu7Zl/stk23nmOdOu8j3W18
gGC/DHXHRfKzLrLgVhywWRbezUuIQ9Qk4l26ATQ=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:34:28 2025 by rpki-client