Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AWrKSlJWV9ms0vjgPHwZnqjmKxY.roa
File: AWrKSlJWV9ms0vjgPHwZnqjmKxY.roa (raw, json)
Hash identifier: QZtuvzuJVsv9qf1KPYJajzZfMqzCNU3otpazBmPymYw=
Subject key identifier: 01:6A:CA:4A:52:56:57:D9:AC:D2:F8:E0:3C:7C:19:9E:A8:E6:2B:16
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194D7012F85E3AD8787CC09EB94F7CADD85
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AWrKSlJWV9ms0vjgPHwZnqjmKxY.roa
Signing time: Wed 05 Feb 2025 16:46:06 +0000
ROA not before: Wed 05 Feb 2025 16:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.37.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.215.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 14:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:01:2f:85:e3:ad:87:87:cc:09:eb:94:f7:ca:dd:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 5 16:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=016aca4a525657d9acd2f8e03c7c199ea8e62b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:44:21:59:37:ee:11:74:e9:88:91:a5:fd:19:
7f:21:56:09:ee:03:45:6f:47:0d:fa:7b:02:75:17:
ac:79:4c:92:8c:b7:a3:4d:f5:c4:8b:c3:8a:18:f3:
4e:53:c4:70:a8:a8:a0:3b:9f:84:99:e8:a6:e5:56:
8c:b7:04:fb:e8:0a:28:4d:96:94:f9:9c:6a:ed:f3:
69:aa:4c:41:38:64:4b:76:b2:f3:a2:c6:36:76:34:
be:59:ad:a5:5a:80:f1:8e:7a:f6:32:c1:8c:a0:71:
ef:4c:c0:24:f2:e5:ad:47:90:75:06:75:bd:78:9c:
76:ef:ba:b6:88:ae:b7:5e:eb:51:eb:81:3a:8a:8b:
1b:9a:12:5c:97:b7:74:db:5a:e2:9e:75:a1:69:02:
77:71:45:9d:e4:ea:f6:3e:df:c9:a9:15:41:7e:97:
eb:2d:f3:dd:a6:3c:20:64:47:39:54:2c:47:97:94:
4b:d0:a0:a1:99:96:14:c6:5d:a3:73:fa:6c:dd:30:
dc:77:e0:7b:3b:96:74:2b:c6:0c:61:48:64:98:67:
fe:b3:a2:90:e0:c3:45:2c:ad:ae:71:48:c3:39:5f:
91:5a:bd:8e:89:79:f1:e3:47:ad:85:d9:0f:9f:1a:
c4:2a:43:9e:29:50:29:03:1e:4d:61:41:57:12:a4:
49:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6A:CA:4A:52:56:57:D9:AC:D2:F8:E0:3C:7C:19:9E:A8:E6:2B:16
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AWrKSlJWV9ms0vjgPHwZnqjmKxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.34.0/24
82.153.37.0/24
82.153.72.0/24
82.153.132.0/24
82.153.224.0/24
89.213.4.0/24
89.213.7.0/24
89.213.130.0/24
89.213.190.0/24
89.213.215.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
97:4a:47:f9:40:31:d2:66:8d:d5:a3:f2:aa:1b:ea:4d:83:02:
31:a6:8a:b3:d0:32:a0:83:2b:f9:5e:ea:a2:04:13:d6:72:6a:
fd:c6:ec:b7:d3:b2:e9:1a:3b:b5:15:a6:7f:90:35:e9:e9:58:
bf:b8:e6:cc:8c:d9:55:1b:7a:3d:aa:99:b4:cc:29:46:be:07:
f3:59:9a:ae:ee:93:90:bb:39:6e:6d:a9:67:53:43:74:7b:25:
aa:f3:de:89:16:d2:dc:7e:25:bd:52:98:ae:96:7b:82:8e:f1:
dd:13:fc:f0:51:cb:4c:4f:03:b2:cb:b9:8f:33:5a:6a:6f:80:
7f:81:ec:0e:b8:e6:86:0e:a1:f1:74:96:75:f5:d9:00:e7:f0:
e8:5e:64:bd:ba:46:e1:c8:14:81:c0:bc:e7:bf:0b:04:92:d3:
b2:12:5a:c5:1d:f7:b6:f3:57:46:0a:4c:de:31:02:09:90:85:
af:5e:47:14:9a:81:1f:17:29:e0:32:4c:0f:fe:17:7c:46:c8:
a0:dd:63:fc:f2:f9:88:3f:e6:7e:cb:33:67:25:ed:67:26:76:
02:01:4b:53:4b:57:f4:e4:ef:06:33:55:4b:fd:11:4e:1f:c8:
e3:db:37:5f:77:d2:4f:26:aa:ce:c8:4c:a3:f5:07:3b:57:93:
9d:ad:15:6b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZTXAS+F462Hh8wJ65T3yt2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjA1MTY0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTZhY2E0YTUyNTY1N2Q5YWNkMmY4ZTAzYzdjMTk5ZWE4ZTYyYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0QhWTfuEXTpiJGl/Rl/IVYJ7gNF
b0cN+nsCdReseUySjLejTfXEi8OKGPNOU8RwqKigO5+Emeim5VaMtwT76AooTZaU
+Zxq7fNpqkxBOGRLdrLzosY2djS+Wa2lWoDxjnr2MsGMoHHvTMAk8uWtR5B1BnW9
eJx277q2iK63XutR64E6iosbmhJcl7d021rinnWhaQJ3cUWd5Or2Pt/JqRVBfpfr
LfPdpjwgZEc5VCxHl5RL0KChmZYUxl2jc/ps3TDcd+B7O5Z0K8YMYUhkmGf+s6KQ
4MNFLK2ucUjDOV+RWr2OiXnx40ethdkPnxrEKkOeKVApAx5NYUFXEqRJNQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFAFqykpSVlfZrNL44Dx8GZ6o5isWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQVdyS1NsSldWOW1zMHZqZ1BId1pucWptS3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAUah4AwQA
Upj4AwQAUpj7AwQAUpj+AwQAUpkiAwQAUpklAwQAUplIAwQAUpmEAwQAUpngAwQA
WdUEAwQAWdUHAwQAWdWCAwQAWdW+AwQAWdXXAwQAbbD3AwQAbbD7AwQAuTF8MA0G
CSqGSIb3DQEBCwUAA4IBAQCXSkf5QDHSZo3Vo/KqG+pNgwIxpoqz0DKggyv5Xuqi
BBPWcmr9xuy307LpGju1FaZ/kDXp6Vi/uObMjNlVG3o9qpm0zClGvgfzWZqu7pOQ
uzlubalnU0N0eyWq896JFtLcfiW9UpiulnuCjvHdE/zwUctMTwOyy7mPM1pqb4B/
gewOuOaGDqHxdJZ19dkA5/DoXmS9ukbhyBSBwLznvwsEktOyElrFHfe281dGCkze
MQIJkIWvXkcUmoEfFyngMkwP/hd8Rsig3WP88vmIP+Z+yzNnJe1nJnYCAUtTS1f0
5O8GM1VL/RFOH8jj2zdfd9JPJqrOyEyj9Qc7V5OdrRVr
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:28 2025 by rpki-client