Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BMuZ0JgkAmOvJ265q_iW0pCWM7Y.roa
File: BMuZ0JgkAmOvJ265q_iW0pCWM7Y.roa (raw, json)
Hash identifier: 922W7SKJJTrLxzgqr40rHPYWI2fROeCEJrT/Nx/dURw=
Subject key identifier: 04:CB:99:D0:98:24:02:63:AF:27:6E:B9:AB:F8:96:D2:90:96:33:B6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01903B67294E90163CFE2F572CB9D7C8E1EE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BMuZ0JgkAmOvJ265q_iW0pCWM7Y.roa
Signing time: Fri 21 Jun 2024 15:25:34 +0000
ROA not before: Fri 21 Jun 2024 15:25:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.252.27.0/24 maxlen: 24
81.168.50.0/24 maxlen: 24
82.152.7.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.35.0/24 maxlen: 24
82.153.55.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.97.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.219.0/24 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
89.213.239.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.202.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Jun 2024 13:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3b:67:29:4e:90:16:3c:fe:2f:57:2c:b9:d7:c8:e1:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 21 15:25:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04cb99d098240263af276eb9abf896d2909633b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:5e:63:53:d3:40:fc:9f:6b:73:43:a1:a1:b5:
90:e3:86:c5:4c:4e:f3:15:7a:c2:82:90:77:24:23:
40:cb:e1:03:c4:59:84:b6:0d:35:02:cb:00:0f:c2:
1d:7d:4b:70:30:1a:6d:76:7a:cd:da:a4:fc:80:d4:
71:67:8e:df:42:b6:4a:35:90:92:95:9a:d5:6d:fd:
1d:34:58:20:31:32:8b:a9:97:aa:d5:9c:04:05:03:
ae:56:4a:19:53:80:e4:81:6d:28:ee:b0:32:b8:64:
74:b8:7e:a6:97:71:6d:8b:07:6c:e5:e9:1b:9d:38:
a2:4e:77:41:b7:b2:fe:ed:7f:da:44:0f:ba:cb:cc:
c1:78:9a:6f:a2:87:83:3a:4b:70:cb:81:ae:b6:57:
2a:38:f9:99:0c:d7:89:37:64:06:0f:49:bc:a6:38:
db:e5:eb:e5:99:d0:d5:12:d0:98:d9:e8:d6:3e:25:
25:43:7d:be:26:59:59:6b:07:5c:7c:64:df:86:45:
a4:20:fd:29:2c:1f:9e:aa:66:9d:d9:3e:b2:d3:fc:
39:23:52:de:92:d6:ff:cd:c8:4d:90:23:31:5f:66:
96:13:9b:19:63:92:d9:73:70:aa:3d:04:91:a3:7c:
f4:19:15:d7:b7:8a:b5:49:19:7c:84:2c:3f:2a:dd:
e9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:CB:99:D0:98:24:02:63:AF:27:6E:B9:AB:F8:96:D2:90:96:33:B6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BMuZ0JgkAmOvJ265q_iW0pCWM7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.27.0/24
81.168.50.0/24
82.152.7.0/24
82.152.176.0/23
82.153.35.0/24
82.153.55.0/24
82.153.136.0/22
89.213.97.0/24
89.213.134.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.219.0/24
89.213.232.0/21
109.176.16.0/21
109.176.202.0/24
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
213.218.249.0/24
Signature Algorithm: sha256WithRSAEncryption
28:60:6d:d5:43:7a:ec:3b:f4:0e:70:f5:e8:13:12:00:98:83:
ea:de:23:9e:aa:68:65:b8:19:05:94:13:f0:d3:da:7c:f5:36:
95:85:c1:db:33:4d:10:b5:e7:61:07:06:f6:a0:cd:4c:77:c0:
ea:2f:5e:a3:f2:28:22:0d:ec:7f:a3:01:1f:09:15:c7:c5:5b:
a6:c5:3c:9c:fd:af:a1:ee:85:1c:a1:2f:ab:0b:7c:b4:88:6c:
7b:a0:07:03:bb:75:5b:07:4b:d4:49:86:13:d7:ec:cb:a9:54:
25:8e:37:a8:5f:12:98:ff:90:f7:3d:55:86:d7:ae:00:49:d2:
cb:8a:e4:be:57:4d:b3:5f:05:30:6a:6d:b0:9d:57:56:46:ac:
b9:60:c0:a6:7a:b6:a9:a8:bb:30:7a:bd:fb:cb:79:ff:d8:48:
9d:93:02:2a:7e:ea:88:8b:c4:ad:e7:e5:56:d3:c2:9a:9b:3e:
51:c2:fb:c9:db:ee:e4:6b:ab:d2:16:b4:55:e0:07:83:9f:19:
7a:26:51:f4:27:77:39:47:db:39:8c:5f:72:96:25:b0:34:36:
99:9d:a1:3a:d1:e6:90:77:56:e0:2c:a0:54:79:b2:25:df:cf:
d3:91:ba:57:6f:77:d3:49:cd:93:ab:d5:93:11:c7:f0:86:b4:
0b:50:9a:44
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZA7ZylOkBY8/i9XLLnXyOHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjIxMTUyNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGNiOTlkMDk4MjQwMjYzYWYyNzZlYjlhYmY4OTZkMjkwOTYzM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5F5jU9NA/J9rc0OhobWQ44bFTE7z
FXrCgpB3JCNAy+EDxFmEtg01AssAD8IdfUtwMBptdnrN2qT8gNRxZ47fQrZKNZCS
lZrVbf0dNFggMTKLqZeq1ZwEBQOuVkoZU4DkgW0o7rAyuGR0uH6ml3Ftiwds5ekb
nTiiTndBt7L+7X/aRA+6y8zBeJpvooeDOktwy4GutlcqOPmZDNeJN2QGD0m8pjjb
5evlmdDVEtCY2ejWPiUlQ32+JllZawdcfGTfhkWkIP0pLB+eqmad2T6y0/w5I1Le
ktb/zchNkCMxX2aWE5sZY5LZc3CqPQSRo3z0GRXXt4q1SRl8hCw/Kt3pyQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFATLmdCYJAJjryduuav4ltKQljO2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQk11WjBKZ2tBbU92SjI2NXFfaVcwcENXTTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAAl
/BsDBABRqDIDBABSmAcDBAFSmLADBABSmSMDBABSmTcDBAJSmYgDBABZ1WEDBABZ
1YYwDAMEAlnVlAMEBVnVgAMEAlnVrDAMAwQCWdXEAwQEWdXAAwQAWdXbAwQDWdXo
AwQDbbAQAwQAbbDKAwQCbbDMAwQBuTF+AwQEwmlQAwQB1CZYAwQB1drSAwQA1dr5
MA0GCSqGSIb3DQEBCwUAA4IBAQAoYG3VQ3rsO/QOcPXoExIAmIPq3iOeqmhluBkF
lBPw09p89TaVhcHbM00QtedhBwb2oM1Md8DqL16j8igiDex/owEfCRXHxVumxTyc
/a+h7oUcoS+rC3y0iGx7oAcDu3VbB0vUSYYT1+zLqVQljjeoXxKY/5D3PVWG164A
SdLLiuS+V02zXwUwam2wnVdWRqy5YMCmerapqLswer37y3n/2EidkwIqfuqIi8St
5+VW08Kamz5RwvvJ2+7ka6vSFrRV4AeDnxl6JlH0J3c5R9s5jF9yliWwNDaZnaE6
0eaQd1bgLKBUebIl38/TkbpXb3fTSc2Tq9WTEcfwhrQLUJpE
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:28 2025 by rpki-client