Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bd03vofPKdccbaKwb_ntkvUQTi8.roa
File: Bd03vofPKdccbaKwb_ntkvUQTi8.roa (raw, json)
Hash identifier: /FiOUoVEqcowOwFMHKXeCsjuGkr+O/JpN7LdrB8cQmQ=
Subject key identifier: 05:DD:37:BE:87:CF:29:D7:1C:6D:A2:B0:6F:F9:ED:92:F5:10:4E:2F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FC3CC18FD8F23D0E403F2826DEF9C533C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bd03vofPKdccbaKwb_ntkvUQTi8.roa
Signing time: Wed 29 May 2024 10:01:23 +0000
ROA not before: Wed 29 May 2024 10:01:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.83.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.37.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
82.163.23.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.196.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jun 2024 15:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:cc:18:fd:8f:23:d0:e4:03:f2:82:6d:ef:9c:53:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 29 10:01:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05dd37be87cf29d71c6da2b06ff9ed92f5104e2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a3:83:20:0e:83:da:ce:cf:a4:be:b9:e6:af:
76:cf:8f:0f:40:ae:cc:7a:92:41:d9:ab:13:55:55:
18:4f:2c:d8:99:a0:3d:25:38:06:07:51:81:8f:cd:
a7:21:f9:06:f4:7b:1e:61:70:e9:7d:1f:db:1f:58:
06:6b:d3:3f:40:0b:8d:7a:79:cf:39:54:49:e0:fd:
b3:6d:40:d0:ea:6d:f9:70:0a:aa:02:69:58:28:ba:
88:ae:23:08:93:cc:ca:e5:5f:6a:ed:b9:fd:b2:7c:
df:f4:95:be:40:59:b7:b7:42:5a:95:47:d7:86:3c:
42:20:98:73:88:4e:b4:10:72:0f:29:a7:fd:23:2e:
8e:e9:4a:26:fb:7d:30:9f:1a:ad:2a:2c:1a:75:0d:
0e:26:93:97:fc:3d:5e:cf:83:f4:09:86:fe:e7:ab:
4e:92:98:a8:7e:b2:e6:4f:64:ae:53:4e:2c:f9:e5:
b0:29:bd:d0:71:ee:36:3d:41:d2:d7:9f:88:41:e2:
42:2d:13:02:7c:98:ba:d5:4b:17:4b:b8:69:e8:4d:
c1:9b:3d:ac:5d:a2:39:aa:1b:51:cb:ee:85:92:9f:
4c:30:7b:18:89:be:2a:6f:ec:47:94:d6:24:1b:c1:
5c:c7:f2:20:81:36:bd:f0:78:54:a8:ef:05:9a:c8:
3a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DD:37:BE:87:CF:29:D7:1C:6D:A2:B0:6F:F9:ED:92:F5:10:4E:2F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bd03vofPKdccbaKwb_ntkvUQTi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.83.0/24
81.168.120.0/24
82.152.8.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.37.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
82.163.23.0/24
89.213.4.0/24
89.213.6.0/23
89.213.130.0/24
89.213.190.0/24
89.213.196.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
24:7d:b0:bd:b3:b7:43:52:33:b3:c3:ce:97:ba:9e:1a:65:01:
b2:88:fe:4e:db:63:2d:39:5d:00:23:5c:22:6e:bf:05:6a:ea:
b4:c9:83:1e:d0:5e:7b:2d:2f:af:09:aa:d0:ad:b5:79:bb:9b:
26:67:0b:6f:eb:81:45:b5:1f:b5:59:13:90:db:49:12:a2:0d:
01:87:21:24:3d:a3:a4:e1:7d:a5:98:ec:cf:53:0c:e9:a2:80:
16:9a:76:a2:c3:06:a2:02:cc:5a:da:fa:0d:7c:ca:a1:21:13:
a4:ab:05:b4:d8:d6:bd:fb:af:19:88:88:76:56:b2:37:b5:a3:
7e:da:1f:af:91:ce:87:f8:cb:dc:68:a7:6a:9a:9e:23:fc:41:
b0:cd:d3:25:c5:8d:f3:60:e2:4d:46:48:eb:e6:c6:65:73:6b:
5e:62:52:db:84:47:e6:db:c6:7a:5e:0b:9e:29:c3:c9:2b:20:
37:82:e0:a2:ee:0e:08:87:4d:d0:6e:9d:5f:d2:8b:26:8e:5f:
d5:b6:a7:6c:2f:e4:cb:d2:87:a2:3b:c2:08:bb:c6:9b:9d:ec:
61:f5:2e:41:e6:45:5c:de:15:db:68:90:41:fe:13:92:40:a2:
b4:08:06:81:18:0a:85:71:98:3e:46:4e:3c:64:70:df:74:17:
f5:4f:3e:6b
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY/DzBj9jyPQ5APygm3vnFM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI5MTAwMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWRkMzdiZTg3Y2YyOWQ3MWM2ZGEyYjA2ZmY5ZWQ5MmY1MTA0ZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KODIA6D2s7PpL655q92z48PQK7M
epJB2asTVVUYTyzYmaA9JTgGB1GBj82nIfkG9HseYXDpfR/bH1gGa9M/QAuNennP
OVRJ4P2zbUDQ6m35cAqqAmlYKLqIriMIk8zK5V9q7bn9snzf9JW+QFm3t0JalUfX
hjxCIJhziE60EHIPKaf9Iy6O6Uom+30wnxqtKiwadQ0OJpOX/D1ez4P0CYb+56tO
kpiofrLmT2SuU04s+eWwKb3Qce42PUHS15+IQeJCLRMCfJi61UsXS7hp6E3Bmz2s
XaI5qhtRy+6Fkp9MMHsYib4qb+xHlNYkG8Fcx/IggTa98HhUqO8Fmsg6LQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFAXdN76HzynXHG2isG/57ZL1EE4vMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQmQwM3ZvZlBLZGNjYmFLd2JfbnRrdlVRVGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAFGo
UwMEAFGoeAMEAFKYCAMEAFKY+AMEAFKY+wMEAFKY/gMEAFKZJQMEAFKZRQMEAFKZ
SAMEAFKZTwMEAFKZhAMEAFKZ4AMEAFKjFwMEAFnVBAMEAVnVBgMEAFnVggMEAFnV
vgMEAFnVxAMEAG2w9wMEAG2w+wMEALkxfDANBgkqhkiG9w0BAQsFAAOCAQEAJH2w
vbO3Q1Izs8POl7qeGmUBsoj+TttjLTldACNcIm6/BWrqtMmDHtBeey0vrwmq0K21
ebubJmcLb+uBRbUftVkTkNtJEqINAYchJD2jpOF9pZjsz1MM6aKAFpp2osMGogLM
Wtr6DXzKoSETpKsFtNjWvfuvGYiIdlayN7Wjftofr5HOh/jL3GinapqeI/xBsM3T
JcWN82DiTUZI6+bGZXNrXmJS24RH5tvGel4LninDySsgN4Lgou4OCIdN0G6dX9KL
Jo5f1banbC/ky9KHojvCCLvGm53sYfUuQeZFXN4V22iQQf4TkkCitAgGgRgKhXGY
PkZOPGRw33QX9U8+aw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:58 2025 by rpki-client