Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ArvUbbP2jYLJcVtftusc8fpQoeU.roa
File: ArvUbbP2jYLJcVtftusc8fpQoeU.roa (raw, json)
Hash identifier: lDqI6VQp1zLdHD0VJOaupLt8LH7qGc3t6D5WV8f3Yr4=
Subject key identifier: 02:BB:D4:6D:B3:F6:8D:82:C9:71:5B:5F:B6:EB:1C:F1:FA:50:A1:E5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D8CF8C0FFB957B66246A16376861B8CAF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ArvUbbP2jYLJcVtftusc8fpQoeU.roa
Signing time: Fri 09 Feb 2024 08:25:29 +0000
ROA not before: Fri 09 Feb 2024 08:25:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
82.153.245.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.165.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 09:59:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:f8:c0:ff:b9:57:b6:62:46:a1:63:76:86:1b:8c:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 9 08:25:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02bbd46db3f68d82c9715b5fb6eb1cf1fa50a1e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:16:81:ae:5c:cc:b2:7b:16:55:85:d1:90:80:
71:af:41:d6:bb:41:ae:5a:07:c9:d6:2a:b1:0c:8e:
91:2c:ee:58:79:9a:52:8a:23:bf:ba:a9:e5:66:0d:
11:75:45:7a:85:bf:0f:50:b3:d1:0a:ae:9c:4b:64:
37:a6:a6:8b:45:a7:48:d1:c1:2a:36:16:64:c0:90:
8b:a0:6f:11:94:b1:a5:47:0d:90:e3:d6:ab:4d:99:
53:73:ab:bb:a0:41:25:b6:00:30:d0:7a:12:dd:35:
3f:ae:68:e1:1a:32:80:f4:91:24:8e:8b:87:c3:ed:
5e:ab:c1:ef:cf:06:99:67:e5:f8:82:84:6e:69:6d:
99:13:c6:6c:31:2e:43:32:4d:e6:e7:fa:79:80:69:
05:1e:ff:2d:b3:19:57:8c:54:cc:fd:c0:52:d4:af:
1c:08:07:3b:51:8c:c8:b7:f6:c2:43:16:25:85:92:
cb:e0:8d:7f:d1:a7:5e:b2:9c:17:9c:4f:c9:cc:28:
67:39:f2:57:14:2d:7e:8c:47:e7:96:05:5c:6b:2f:
04:0e:1d:fd:55:cd:95:c9:74:9a:f6:2f:79:19:c8:
fc:a8:8c:99:d7:78:14:da:67:ac:07:14:96:2b:0d:
27:df:d6:9c:62:3c:5d:77:67:04:d9:76:f4:25:a8:
c2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BB:D4:6D:B3:F6:8D:82:C9:71:5B:5F:B6:EB:1C:F1:FA:50:A1:E5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ArvUbbP2jYLJcVtftusc8fpQoeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.136.0/22
82.153.245.0/24
89.213.148.0-89.213.159.255
89.213.165.0/24
89.213.172.0/22
89.213.180.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
99:5e:57:1b:9c:5a:24:de:96:bf:c0:89:37:c3:88:da:c9:80:
52:29:28:b7:64:57:63:df:1e:fe:a9:03:15:97:cb:72:b1:a3:
f9:96:ee:e5:81:06:cb:9b:6e:cc:26:bb:ac:ec:ed:2b:d1:4e:
45:6b:42:84:2c:04:02:e0:58:7d:b2:5f:9e:b3:04:5b:e0:0f:
4b:5a:c3:f4:05:82:19:33:89:87:50:d4:56:d0:78:b8:fd:6d:
61:8b:ec:e0:d7:80:e4:16:eb:56:0c:5e:6a:07:b7:58:63:98:
4e:1f:79:22:03:6f:fb:87:7f:38:b1:c4:a4:d3:bd:b6:68:89:
92:52:84:63:f4:7b:a6:07:1e:19:eb:ef:99:cb:8a:b8:80:5a:
06:8f:ed:82:a9:e3:b9:de:8c:c7:06:e9:46:58:20:c2:2c:be:
45:c0:96:bf:0b:43:2c:74:9c:94:f8:ba:cd:d0:46:e1:14:32:
87:c1:fb:05:30:f0:aa:13:ae:cd:15:d8:fd:56:43:d8:1b:8a:
b7:65:6a:36:4f:a6:a8:7c:bc:5b:40:4f:ba:da:e8:f0:9b:0a:
62:73:f1:03:d1:20:f6:eb:7f:1e:46:19:39:6f:88:2a:a0:e4:
34:1c:d3:1c:15:29:da:e5:db:b8:c3:03:b4:e8:ee:93:4b:20:
75:66:d9:15
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY2M+MD/uVe2YkahY3aGG4yvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjA5MDgyNTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmJiZDQ2ZGIzZjY4ZDgyYzk3MTViNWZiNmViMWNmMWZhNTBhMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBaBrlzMsnsWVYXRkIBxr0HWu0Gu
WgfJ1iqxDI6RLO5YeZpSiiO/uqnlZg0RdUV6hb8PULPRCq6cS2Q3pqaLRadI0cEq
NhZkwJCLoG8RlLGlRw2Q49arTZlTc6u7oEEltgAw0HoS3TU/rmjhGjKA9JEkjouH
w+1eq8HvzwaZZ+X4goRuaW2ZE8ZsMS5DMk3m5/p5gGkFHv8tsxlXjFTM/cBS1K8c
CAc7UYzIt/bCQxYlhZLL4I1/0adespwXnE/JzChnOfJXFC1+jEfnlgVcay8EDh39
Vc2VyXSa9i95Gcj8qIyZ13gU2mesBxSWKw0n39acYjxdd2cE2Xb0JajCwwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAK71G2z9o2CyXFbX7brHPH6UKHlMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQXJ2VWJiUDJqWUxKY1Z0ZnR1c2M4ZnBRb2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCUpmIAwQA
Upn1MAwDBAJZ1ZQDBAVZ1YADBABZ1aUDBAJZ1awDBABZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAJleVxucWiTelr/AiTfDiNrJgFIpKLdkV2PfHv6p
AxWXy3Kxo/mW7uWBBsubbswmu6zs7SvRTkVrQoQsBALgWH2yX56zBFvgD0taw/QF
ghkziYdQ1FbQeLj9bWGL7ODXgOQW61YMXmoHt1hjmE4feSIDb/uHfzixxKTTvbZo
iZJShGP0e6YHHhnr75nLiriAWgaP7YKp47nejMcG6UZYIMIsvkXAlr8LQyx0nJT4
us3QRuEUMofB+wUw8KoTrs0V2P1WQ9gbirdlajZPpqh8vFtAT7ra6PCbCmJz8QPR
IPbrfx5GGTlviCqg5DQc0xwVKdrl27jDA7To7pNLIHVm2RU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:39 2025 by rpki-client