Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BVxViP0SKEyJ5h6sBQRKtfGSCW4.roa
File: BVxViP0SKEyJ5h6sBQRKtfGSCW4.roa (raw, json)
Hash identifier: kfymX1G+kRoUghSO35GMznCgqLr7rihEdr2UR4cydtI=
Subject key identifier: 05:5C:55:88:FD:12:28:4C:89:E6:1E:AC:05:04:4A:B5:F1:92:09:6E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193D9706DD7C0A918B655B8B0DC29388367
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BVxViP0SKEyJ5h6sBQRKtfGSCW4.roa
Signing time: Wed 18 Dec 2024 11:04:04 +0000
ROA not before: Wed 18 Dec 2024 11:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.151.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Dec 2024 22:16:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:70:6d:d7:c0:a9:18:b6:55:b8:b0:dc:29:38:83:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 18 11:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=055c5588fd12284c89e61eac05044ab5f192096e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:95:51:3f:15:32:87:86:6f:e0:55:4f:ee:bf:
d2:69:64:14:bd:b4:0f:e8:e4:46:9c:db:21:8f:75:
cb:01:ae:27:10:37:96:bc:2d:ec:29:42:af:c3:a1:
a8:41:83:13:8e:bf:f7:94:29:c3:cf:a5:77:36:3c:
e6:4b:af:e6:fc:7a:a7:4a:b2:a4:38:50:77:9c:9d:
33:3d:11:47:5e:9a:57:cc:90:48:65:c4:68:fe:25:
b7:0a:e9:c7:9a:b8:2f:fe:53:13:f7:40:14:2d:9d:
66:77:85:88:37:90:34:35:22:a4:12:d7:af:c1:08:
12:9e:6f:ee:81:b2:af:65:8b:e0:74:48:ad:7c:16:
b5:a9:a5:5f:93:af:ed:fd:eb:58:00:08:0a:a5:58:
cb:7f:89:8b:de:11:5f:9b:f1:dc:12:75:2b:52:02:
d6:af:3d:75:49:b5:52:6a:a6:bd:c9:31:c5:fd:e3:
5c:a3:10:a7:72:b8:a2:2c:6d:b3:18:42:c5:ba:14:
c0:72:88:fa:47:4f:c2:fa:10:84:6b:d8:38:c8:7a:
9f:18:44:1a:43:66:c5:09:99:03:2f:3e:0c:e9:f4:
2c:25:19:fd:9b:df:91:24:63:16:52:c1:ad:8a:98:
2d:fd:8a:af:08:20:80:8b:ab:77:3b:bb:4a:9b:28:
0e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:5C:55:88:FD:12:28:4C:89:E6:1E:AC:05:04:4A:B5:F1:92:09:6E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BVxViP0SKEyJ5h6sBQRKtfGSCW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.172.0/22
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
66:ac:48:2b:0d:35:40:37:50:d6:a5:cd:6e:27:7f:10:bb:db:
81:5d:19:67:d4:63:7d:32:2c:ab:03:00:75:d1:8e:92:f0:44:
53:73:45:c4:97:16:cd:50:ff:48:cf:c0:d9:3b:08:94:63:d4:
01:8c:9a:b3:42:5a:8d:a5:ae:7a:e8:86:20:06:18:38:ab:e2:
62:33:31:59:3e:c8:ca:89:be:e6:48:09:bc:42:07:f2:37:01:
80:ef:32:c3:53:d7:93:c7:66:14:5f:16:49:bf:53:1e:75:da:
cd:2e:50:4f:8b:94:01:03:06:1a:01:8d:5f:9a:99:ff:fa:5c:
14:02:43:3d:f8:51:b9:c1:d7:12:3e:f4:9a:cc:fd:4e:16:63:
2f:47:95:ff:2a:03:62:32:50:73:d8:7d:e3:8b:ad:c3:76:b6:
6b:90:75:1d:0c:25:f1:31:34:d8:18:3f:f3:3a:42:91:de:a3:
32:c0:2d:9c:16:7d:d7:4c:06:91:c0:0f:75:a4:47:fb:0b:af:
14:7a:23:e1:0a:41:89:2b:42:46:f9:7e:08:d0:0c:07:54:d7:
eb:6b:91:98:91:60:05:c1:f2:88:8d:e8:4f:72:1c:b8:e9:78:
64:c8:38:e4:29:74:07:30:77:ba:93:ae:f4:70:18:c3:ca:cb:
e3:0c:44:60
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZPZcG3XwKkYtlW4sNwpOINnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjE4MTEwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTVjNTU4OGZkMTIyODRjODllNjFlYWMwNTA0NGFiNWYxOTIwOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5VRPxUyh4Zv4FVP7r/SaWQUvbQP
6ORGnNshj3XLAa4nEDeWvC3sKUKvw6GoQYMTjr/3lCnDz6V3NjzmS6/m/HqnSrKk
OFB3nJ0zPRFHXppXzJBIZcRo/iW3CunHmrgv/lMT90AULZ1md4WIN5A0NSKkEtev
wQgSnm/ugbKvZYvgdEitfBa1qaVfk6/t/etYAAgKpVjLf4mL3hFfm/HcEnUrUgLW
rz11SbVSaqa9yTHF/eNcoxCncriiLG2zGELFuhTAcoj6R0/C+hCEa9g4yHqfGEQa
Q2bFCZkDLz4M6fQsJRn9m9+RJGMWUsGtipgt/YqvCCCAi6t3O7tKmygO+QIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFAVcVYj9EihMieYerAUESrXxkgluMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQlZ4VmlQMFNLRXlKNWg2c0JRUkt0ZkdTQ1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBABS
mAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ
1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWkAwQAWdWn
AwQCWdWsAwQAWdW/MAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEA22wEAME
Am2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEANQmTwMEAdQmWAMEAtXSNAMEANXa0zAM
AwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQBmrEgrDTVAN1DW
pc1uJ38Qu9uBXRln1GN9MiyrAwB10Y6S8ERTc0XElxbNUP9Iz8DZOwiUY9QBjJqz
QlqNpa566IYgBhg4q+JiMzFZPsjKib7mSAm8QgfyNwGA7zLDU9eTx2YUXxZJv1Me
ddrNLlBPi5QBAwYaAY1fmpn/+lwUAkM9+FG5wdcSPvSazP1OFmMvR5X/KgNiMlBz
2H3ji63DdrZrkHUdDCXxMTTYGD/zOkKR3qMywC2cFn3XTAaRwA91pEf7C68UeiPh
CkGJK0JG+X4I0AwHVNfra5GYkWAFwfKIjehPchy46XhkyDjkKXQHMHe6k670cBjD
ysvjDERg
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:23 2025 by rpki-client