Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AIF1wHisR1eWAZE9tMz0zBNrPvw.roa
File: AIF1wHisR1eWAZE9tMz0zBNrPvw.roa (raw, json)
Hash identifier: AAl+ZaukaBAi4cN1iGDIAPQMNAYijZrE/zB+J9BfFm8=
Subject key identifier: 00:81:75:C0:78:AC:47:57:96:01:91:3D:B4:CC:F4:CC:13:6B:3E:FC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019008138389ECFA6BACEA62D37CC329E2BE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AIF1wHisR1eWAZE9tMz0zBNrPvw.roa
Signing time: Tue 11 Jun 2024 16:13:34 +0000
ROA not before: Tue 11 Jun 2024 16:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61112
IP address blocks: 82.152.90.0/23 maxlen: 24
82.153.65.0/24 maxlen: 24
82.153.135.0/24 maxlen: 24
82.163.16.0/24 maxlen: 24
89.213.40.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
194.105.81.0/24 maxlen: 24
213.218.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Jun 2024 13:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:08:13:83:89:ec:fa:6b:ac:ea:62:d3:7c:c3:29:e2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 11 16:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=008175c078ac47579601913db4ccf4cc136b3efc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:41:bf:2e:97:dc:17:d9:be:10:45:ac:82:dd:
e4:f3:28:f7:1d:95:da:a1:e0:16:12:df:d8:42:b9:
0c:ba:df:2f:ec:c6:c3:51:b9:b1:a6:da:bc:36:ac:
17:f9:cb:20:ff:16:df:33:3a:3c:c8:4b:33:e8:c4:
bf:67:8d:6b:30:24:1a:0f:5b:66:7b:cc:62:a1:57:
d8:ca:97:3c:3d:93:ec:78:d1:a1:b2:d9:f0:55:2e:
f6:e7:6f:ca:78:97:55:11:c2:3c:7c:ea:91:66:ff:
f2:9c:73:de:7b:1c:42:8b:f5:fa:86:8e:ac:22:c0:
d3:73:c2:27:24:9c:76:29:52:f9:ea:2d:94:44:60:
9a:20:ab:9f:c4:33:cb:34:bd:8d:fa:e1:e7:c0:1b:
44:88:05:01:a9:1d:14:01:b7:6c:85:58:29:d0:13:
25:70:e0:df:6c:af:48:2f:34:ee:e1:44:93:50:c9:
37:a1:99:90:5e:d8:96:6c:ac:d3:5c:20:ad:dc:a7:
29:61:57:10:a6:df:d2:08:79:e6:51:ac:f2:a0:ab:
05:d0:5e:0b:b4:62:41:af:35:06:bd:89:92:7d:c0:
c0:46:cd:d4:fc:66:8b:1f:c3:9a:c5:ea:02:0f:11:
35:51:9a:9c:18:35:ad:87:4a:c2:d2:2b:2a:c7:3c:
74:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:81:75:C0:78:AC:47:57:96:01:91:3D:B4:CC:F4:CC:13:6B:3E:FC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AIF1wHisR1eWAZE9tMz0zBNrPvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.90.0/23
82.153.65.0/24
82.153.135.0/24
82.163.16.0/24
89.213.40.0/24
89.213.164.0/24
89.213.184.0/24
194.105.81.0/24
213.218.254.0/24
Signature Algorithm: sha256WithRSAEncryption
38:33:0e:5b:3b:2c:93:8d:a6:33:c8:58:ca:a0:fb:32:c9:49:
4e:6a:df:1d:f8:5e:ce:4a:9e:30:ee:1f:c6:dd:e5:bd:36:1f:
e0:92:e2:9d:48:1c:01:77:f6:64:7f:5f:96:4e:b5:3f:6e:8a:
ce:63:f6:ca:0b:09:56:b1:d7:ec:79:0e:73:d0:7d:3b:03:c7:
0b:dd:9d:69:81:7c:71:3f:c5:4d:bb:f3:12:d5:10:4b:3c:59:
c0:fb:83:87:4b:a3:19:b6:0f:4e:59:93:41:47:b4:18:a0:20:
be:68:1b:69:3b:14:04:d1:56:d6:17:d9:b5:a5:e8:b1:f5:58:
69:63:94:07:83:6c:78:74:14:56:a8:ec:cb:4f:ad:37:c3:42:
26:f9:c4:cb:36:6d:c2:5d:b0:eb:3b:7d:d7:84:85:08:63:e1:
6d:ac:03:c5:ad:86:fb:2e:4b:3c:2e:3e:cc:f3:6a:e7:3f:ce:
43:5f:05:19:d5:e4:69:db:c8:5d:e9:f8:d7:51:a3:05:29:11:
57:61:d0:37:c9:05:42:16:68:fc:58:52:6a:35:0c:9e:dc:7d:
55:c9:c8:19:80:1a:b6:33:d3:6d:25:b9:2b:6b:3e:59:1a:9e:
00:d0:f0:6c:77:47:83:82:84:fb:6c:e0:be:3e:81:2a:e7:47:
d9:0a:19:64
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZAIE4OJ7PprrOpi03zDKeK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjExMTYxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDgxNzVjMDc4YWM0NzU3OTYwMTkxM2RiNGNjZjRjYzEzNmIzZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUG/LpfcF9m+EEWsgt3k8yj3HZXa
oeAWEt/YQrkMut8v7MbDUbmxptq8NqwX+csg/xbfMzo8yEsz6MS/Z41rMCQaD1tm
e8xioVfYypc8PZPseNGhstnwVS7252/KeJdVEcI8fOqRZv/ynHPeexxCi/X6ho6s
IsDTc8InJJx2KVL56i2URGCaIKufxDPLNL2N+uHnwBtEiAUBqR0UAbdshVgp0BMl
cODfbK9ILzTu4USTUMk3oZmQXtiWbKzTXCCt3KcpYVcQpt/SCHnmUazyoKsF0F4L
tGJBrzUGvYmSfcDARs3U/GaLH8OaxeoCDxE1UZqcGDWth0rC0isqxzx06QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFACBdcB4rEdXlgGRPbTM9MwTaz78MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQUlGMXdIaXNSMWVXQVpFOXRNejB6Qk5yUHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBUphaAwQA
UplBAwQAUpmHAwQAUqMQAwQAWdUoAwQAWdWkAwQAWdW4AwQAwmlRAwQA1dr+MA0G
CSqGSIb3DQEBCwUAA4IBAQA4Mw5bOyyTjaYzyFjKoPsyyUlOat8d+F7OSp4w7h/G
3eW9Nh/gkuKdSBwBd/Zkf1+WTrU/borOY/bKCwlWsdfseQ5z0H07A8cL3Z1pgXxx
P8VNu/MS1RBLPFnA+4OHS6MZtg9OWZNBR7QYoCC+aBtpOxQE0VbWF9m1peix9Vhp
Y5QHg2x4dBRWqOzLT603w0Im+cTLNm3CXbDrO33XhIUIY+FtrAPFrYb7Lks8Lj7M
82rnP85DXwUZ1eRp28hd6fjXUaMFKRFXYdA3yQVCFmj8WFJqNQye3H1VycgZgBq2
M9NtJbkraz5ZGp4A0PBsd0eDgoT7bOC+PoEq50fZChlk
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:53 2025 by rpki-client