Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BOaRWdnA7H2CvP5M4hDUwUUSVC0.roa
File: BOaRWdnA7H2CvP5M4hDUwUUSVC0.roa (raw, json)
Hash identifier: uSwnuVEo9fy6fC8vTq2rt/gi/jJucSts8lu39DcNTRc=
Subject key identifier: 04:E6:91:59:D9:C0:EC:7D:82:BC:FE:4C:E2:10:D4:C1:45:12:54:2D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01956D47D9857A0BE9F2B831621D275822E7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BOaRWdnA7H2CvP5M4hDUwUUSVC0.roa
Signing time: Thu 06 Mar 2025 21:06:20 +0000
ROA not before: Thu 06 Mar 2025 21:06:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 14:13:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6d:47:d9:85:7a:0b:e9:f2:b8:31:62:1d:27:58:22:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 6 21:06:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04e69159d9c0ec7d82bcfe4ce210d4c14512542d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:59:9d:e4:0e:a6:ed:37:e8:a3:10:59:5e:f3:
e8:cb:70:66:20:c5:ef:0c:7b:49:20:78:f8:22:a5:
91:ab:16:68:24:6f:f4:f4:d6:86:f5:c1:aa:1f:f3:
6d:ce:0d:c9:f7:ab:68:5d:fa:b4:a8:a4:4b:05:31:
83:7d:16:c5:51:8d:95:84:e3:08:6f:fc:fc:06:a0:
14:01:dd:3d:e8:fc:29:11:c2:42:90:62:3a:35:7a:
b8:5f:22:c8:56:09:66:ba:31:d4:f4:1a:d0:3f:11:
99:bf:b2:d2:4f:65:7e:f0:e4:92:43:aa:77:79:e3:
00:75:67:cc:02:cf:ce:ab:4f:b3:68:6b:e3:47:c0:
e1:40:57:45:22:02:26:51:0f:7f:92:60:79:8e:c1:
18:85:29:09:74:b9:74:0e:9d:a2:f5:c1:73:dc:93:
75:7e:ac:e7:f0:06:60:b6:e7:fe:ff:9c:6d:1f:e3:
83:48:04:d2:12:ee:c3:d9:0d:76:a6:ab:6c:82:cd:
b9:30:55:ac:fa:ea:37:60:73:f0:e7:32:58:94:63:
4f:0d:a6:f4:fc:3d:65:6b:b8:e5:f4:ce:d6:89:17:
ce:68:09:76:c0:9b:4b:c2:d0:7a:d8:f0:50:55:7a:
43:be:be:4d:51:be:9e:2d:07:56:7a:0f:72:37:e1:
89:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E6:91:59:D9:C0:EC:7D:82:BC:FE:4C:E2:10:D4:C1:45:12:54:2D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BOaRWdnA7H2CvP5M4hDUwUUSVC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.239.0/24
89.213.43.0/24
89.213.98.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.27.0/24
109.176.32.0/19
109.176.201.0/24
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.210.41.0/24
213.218.214.0/24
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:08:bb:49:68:09:dd:44:45:46:d6:75:11:de:b4:1d:04:2e:
ec:93:7b:8f:80:79:c9:1a:4a:28:9d:ab:ec:e0:05:21:8a:98:
5f:b3:56:f3:c2:81:1b:ac:7c:5a:09:24:6a:f4:aa:ce:33:88:
8c:90:9d:5d:d7:b1:ee:20:c6:41:04:39:af:65:ad:58:ea:f7:
77:64:16:26:03:01:2d:08:de:51:8d:ac:a2:c9:d7:f6:65:a3:
7b:56:15:f2:27:4f:8c:1f:6c:2a:29:17:77:a1:45:9d:26:87:
8f:ce:1e:62:b0:31:37:a4:0a:29:2f:4a:3a:ac:b0:b2:c9:22:
20:dd:4f:d0:59:a1:0a:ba:ae:3c:73:0d:8c:56:0c:0f:a4:92:
a7:74:3d:11:58:34:af:92:73:86:84:11:71:6a:3e:98:7d:7a:
73:52:31:11:4a:70:6c:ce:35:c8:d1:92:35:42:cf:21:59:ef:
11:e6:b2:8e:e7:32:e1:9b:b6:0d:40:26:f1:1c:49:51:42:b5:
1e:74:7d:fb:59:c9:f1:ca:57:e1:ba:7e:7f:e7:e6:61:74:45:
82:95:06:a0:bc:ab:42:74:04:65:3c:56:1c:25:1e:93:69:0e:
ca:47:b9:7b:24:a3:b7:23:71:48:64:3a:89:d1:aa:35:6a:7b:
c1:2d:8d:37
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZVtR9mFegvp8rgxYh0nWCLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzA2MjEwNjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGU2OTE1OWQ5YzBlYzdkODJiY2ZlNGNlMjEwZDRjMTQ1MTI1NDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7lmd5A6m7TfooxBZXvPoy3BmIMXv
DHtJIHj4IqWRqxZoJG/09NaG9cGqH/Ntzg3J96toXfq0qKRLBTGDfRbFUY2VhOMI
b/z8BqAUAd096PwpEcJCkGI6NXq4XyLIVglmujHU9BrQPxGZv7LST2V+8OSSQ6p3
eeMAdWfMAs/Oq0+zaGvjR8DhQFdFIgImUQ9/kmB5jsEYhSkJdLl0Dp2i9cFz3JN1
fqzn8AZgtuf+/5xtH+ODSATSEu7D2Q12pqtsgs25MFWs+uo3YHPw5zJYlGNPDab0
/D1la7jl9M7WiRfOaAl2wJtLwtB62PBQVXpDvr5NUb6eLQdWeg9yN+GJ8QIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFATmkVnZwOx9grz+TOIQ1MFFElQtMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQk9hUldkbkE3SDJDdlA1TTRoRFV3VVVTVkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwwDAME
AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS
mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0wDAME
AFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZyQMEAFKZ7wMEAFnVKwMEAFnVYgME
AFnVoTAMAwQDWdXoAwQBWdXsAwQAbbAbAwQFbbAgAwQAbbDJAwQAbbDrAwQA1YKC
AwQA1YKVAwQA1dIpAwQA1drWAwQA1drnMA0GCSqGSIb3DQEBCwUAA4IBAQAeCLtJ
aAndREVG1nUR3rQdBC7sk3uPgHnJGkoonavs4AUhiphfs1bzwoEbrHxaCSRq9KrO
M4iMkJ1d17HuIMZBBDmvZa1Y6vd3ZBYmAwEtCN5Rjayiydf2ZaN7VhXyJ0+MH2wq
KRd3oUWdJoePzh5isDE3pAopL0o6rLCyySIg3U/QWaEKuq48cw2MVgwPpJKndD0R
WDSvknOGhBFxaj6YfXpzUjERSnBszjXI0ZI1Qs8hWe8R5rKO5zLhm7YNQCbxHElR
QrUedH37Wcnxylfhun5/5+ZhdEWClQagvKtCdARlPFYcJR6TaQ7KR7l7JKO3I3FI
ZDqJ0ao1anvBLY03
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:29:43 2025 by rpki-client