Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AZQ1YdyfTGI-x0lwlVYvfQgMoC0.roa
File: AZQ1YdyfTGI-x0lwlVYvfQgMoC0.roa (raw, json)
Hash identifier: RNRMBMKZcbBg4kyVA53kcJMKfDVQQh6tW3HSIoFnk/Q=
Subject key identifier: 01:94:35:61:DC:9F:4C:62:3E:C7:49:70:95:56:2F:7D:08:0C:A0:2D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191B35CB88024393A6DF7A381C3BAEFE14C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AZQ1YdyfTGI-x0lwlVYvfQgMoC0.roa
Signing time: Mon 02 Sep 2024 15:31:23 +0000
ROA not before: Mon 02 Sep 2024 15:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 82.153.159.0/24 maxlen: 24
89.213.63.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 23:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:5c:b8:80:24:39:3a:6d:f7:a3:81:c3:ba:ef:e1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 2 15:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01943561dc9f4c623ec7497095562f7d080ca02d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8d:88:32:25:98:bf:d9:57:c2:d7:64:06:f3:
72:1c:67:e8:08:1f:9e:0a:17:a7:93:fc:9f:f7:22:
02:c5:04:3a:c4:c1:fc:86:80:89:cf:40:54:e5:38:
49:10:b5:57:9f:57:ab:e9:df:9a:f8:8a:aa:49:2f:
3d:4b:e1:43:0c:7b:3f:d0:25:dd:16:cc:ee:9f:65:
81:f7:7f:f7:9a:ff:b3:c0:67:00:09:1d:24:94:84:
51:4a:a1:4e:0f:35:92:06:19:b7:1e:19:6c:c7:73:
da:21:44:d8:1d:4c:25:73:3d:b4:fa:41:00:1e:82:
da:f4:b0:e8:a5:b3:c6:ae:aa:99:3a:01:3f:29:a7:
8a:eb:1a:6e:77:1a:64:50:05:82:77:b8:97:1a:7e:
48:5d:d2:f3:a5:bc:e8:35:71:0a:02:bc:6e:e0:c8:
69:6d:78:82:f3:b6:89:23:35:ca:25:35:36:ff:77:
ce:9c:e1:b6:a3:06:79:14:a2:3b:5d:5c:58:2d:b4:
a7:c8:ee:93:53:3f:c3:8f:f9:83:92:3a:73:20:12:
dd:f0:8c:f2:80:8d:21:a9:92:a0:0b:bf:1c:58:d6:
3a:9b:98:11:cb:d3:75:73:bb:c2:49:db:95:7f:ff:
fa:6d:b4:00:e8:f1:2a:a4:16:1b:fe:9f:e0:14:aa:
2d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:94:35:61:DC:9F:4C:62:3E:C7:49:70:95:56:2F:7D:08:0C:A0:2D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AZQ1YdyfTGI-x0lwlVYvfQgMoC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.159.0/24
89.213.63.0/24
213.130.151.0/24
Signature Algorithm: sha256WithRSAEncryption
80:35:3e:5f:b3:27:27:4d:95:50:a0:fc:3d:49:24:9f:78:72:
7e:a2:51:ff:25:35:e0:1a:bb:91:a7:16:37:e2:49:6f:a6:65:
db:d9:d6:7c:35:77:4b:3c:9d:21:9f:ec:03:40:73:1e:7e:67:
ab:6d:a9:9c:89:c0:45:99:9f:ba:8e:3f:be:87:bb:24:32:79:
46:18:6a:4e:29:29:79:76:51:ad:e2:c6:ec:c7:45:b8:67:62:
90:0b:7b:1f:48:22:21:de:30:4d:ce:2d:20:b0:6e:63:dc:be:
92:6f:43:2a:f4:87:83:e3:f9:c7:7a:b6:3d:76:ec:12:8d:bd:
24:92:d7:26:1f:e4:1b:2b:f8:ad:38:5e:1a:60:28:71:76:24:
e9:cb:5b:8d:07:63:c5:b2:2e:f2:d3:ae:fb:9d:a4:af:37:26:
59:9f:ad:28:15:5a:c3:2b:fa:c4:dc:f2:cd:54:4d:c5:77:15:
e9:6b:2b:bf:1b:03:bf:6a:df:89:37:6e:cf:bf:22:37:d5:2f:
71:1e:92:9e:93:71:8b:fd:d8:07:6b:cd:0e:a1:b3:4f:c8:db:
a5:8f:4e:3a:79:06:55:de:6a:77:5b:3b:15:1e:9e:2f:39:50:
ee:41:9c:6a:85:24:57:9e:97:ac:b1:a7:ea:0f:98:20:96:dc:
7a:63:e2:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGzXLiAJDk6bfejgcO67+FMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTAyMTUzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTk0MzU2MWRjOWY0YzYyM2VjNzQ5NzA5NTU2MmY3ZDA4MGNhMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI2IMiWYv9lXwtdkBvNyHGfoCB+e
Chenk/yf9yICxQQ6xMH8hoCJz0BU5ThJELVXn1er6d+a+IqqSS89S+FDDHs/0CXd
Fszun2WB93/3mv+zwGcACR0klIRRSqFODzWSBhm3Hhlsx3PaIUTYHUwlcz20+kEA
HoLa9LDopbPGrqqZOgE/KaeK6xpudxpkUAWCd7iXGn5IXdLzpbzoNXEKArxu4Mhp
bXiC87aJIzXKJTU2/3fOnOG2owZ5FKI7XVxYLbSnyO6TUz/Dj/mDkjpzIBLd8Izy
gI0hqZKgC78cWNY6m5gRy9N1c7vCSduVf//6bbQA6PEqpBYb/p/gFKotcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAGUNWHcn0xiPsdJcJVWL30IDKAtMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQVpRMVlkeWZUR0kteDBsd2xWWXZmUWdNb0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpmfAwQA
WdU/AwQA1YKXMA0GCSqGSIb3DQEBCwUAA4IBAQCANT5fsycnTZVQoPw9SSSfeHJ+
olH/JTXgGruRpxY34klvpmXb2dZ8NXdLPJ0hn+wDQHMefmerbamcicBFmZ+6jj++
h7skMnlGGGpOKSl5dlGt4sbsx0W4Z2KQC3sfSCIh3jBNzi0gsG5j3L6Sb0Mq9IeD
4/nHerY9duwSjb0kktcmH+QbK/itOF4aYChxdiTpy1uNB2PFsi7y0677naSvNyZZ
n60oFVrDK/rE3PLNVE3FdxXpayu/GwO/at+JN27PvyI31S9xHpKek3GL/dgHa80O
obNPyNulj046eQZV3mp3WzsVHp4vOVDuQZxqhSRXnpessafqD5ggltx6Y+IA
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:06 2025 by rpki-client