Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bi1mCtA-vgMSHVdeW9oFpu65i8g.roa
File: Bi1mCtA-vgMSHVdeW9oFpu65i8g.roa (raw, json)
Hash identifier: 5X/EJzV2AYCq7GIW/FOiiulrxnPPemAj8wE2oKBZkdY=
Subject key identifier: 06:2D:66:0A:D0:3E:BE:03:12:1D:57:5E:5B:DA:05:A6:EE:B9:8B:C8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01928FEC77EE43C581089261BE5154F12F47
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bi1mCtA-vgMSHVdeW9oFpu65i8g.roa
Signing time: Tue 15 Oct 2024 11:24:52 +0000
ROA not before: Tue 15 Oct 2024 11:24:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 15:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:ec:77:ee:43:c5:81:08:92:61:be:51:54:f1:2f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 15 11:24:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=062d660ad03ebe03121d575e5bda05a6eeb98bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:64:c0:a1:45:69:61:e8:df:06:69:a5:b9:2d:
59:58:61:f2:7f:67:cc:06:59:aa:b6:71:8f:d6:dd:
28:6b:87:70:b8:36:af:42:28:97:fb:1d:45:6a:bd:
c1:b1:6e:13:86:72:e7:11:01:e5:9b:4b:e4:72:75:
f4:15:a4:3a:2d:7a:1b:a9:d4:24:e2:a8:b4:17:ec:
ca:5c:15:89:70:dc:88:1d:88:90:3e:c4:22:06:c5:
6f:d1:32:7f:77:91:37:b0:8c:6d:ce:5a:2c:d9:30:
e1:42:05:c2:5e:b5:c6:6c:5f:e7:a3:89:9a:c1:4b:
b9:f9:b9:56:44:ad:f8:1e:f8:94:4f:5f:5c:5b:e6:
9f:25:c8:fd:e0:e2:ce:56:8c:a2:bb:ad:f9:b7:b9:
45:b8:43:f9:0c:43:0d:e3:33:84:57:c1:7b:c6:ba:
c7:d8:27:60:c4:7c:b0:41:86:e0:6b:c6:7e:91:65:
1e:61:ee:9a:cd:23:06:ff:7e:e4:00:3a:29:0b:13:
d0:1f:9e:67:82:8e:1e:5a:58:8e:a7:00:47:62:65:
5a:98:94:ad:6f:f3:78:64:59:fa:c2:0c:27:e9:76:
3b:56:4c:b9:11:c4:3b:6c:ae:46:27:17:32:1f:26:
75:f0:b3:b5:6e:79:88:63:7f:5c:f0:40:07:5a:5b:
50:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2D:66:0A:D0:3E:BE:03:12:1D:57:5E:5B:DA:05:A6:EE:B9:8B:C8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bi1mCtA-vgMSHVdeW9oFpu65i8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.122.0/24
82.152.131.0/24
82.152.176.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
89.213.212.0/24
89.213.249.0/24
109.176.230.0/24
Signature Algorithm: sha256WithRSAEncryption
01:79:47:27:7b:ec:95:c1:fd:68:e1:92:d2:5d:60:69:b3:70:
d8:a3:13:76:92:7a:ab:73:6b:82:6f:61:2d:8d:7d:4c:65:38:
71:a9:8e:a7:e8:e0:05:3b:db:8c:f0:23:9b:7d:7c:95:28:8c:
fa:f1:68:7e:12:a2:85:a9:43:14:06:f3:51:54:07:11:4d:79:
0c:8e:f1:da:e5:95:01:a4:fd:26:c5:82:ea:0b:0c:dc:6f:74:
53:72:6f:e9:89:63:78:ac:51:03:d9:b2:73:10:4a:56:4b:ce:
8c:c8:06:87:5a:37:69:7f:61:2a:ef:9e:4b:c2:3a:a5:3e:12:
2b:b6:0d:8a:93:be:14:d4:da:87:e3:42:83:a8:55:63:45:5d:
e1:3d:ac:b2:ae:8a:e8:67:bf:08:cb:de:48:07:ff:57:22:0e:
5a:ab:d6:48:18:fe:5a:22:10:e3:2a:b9:97:ea:28:73:1b:d8:
99:83:f1:7a:b8:fd:31:6b:1e:a4:94:f1:61:27:ea:37:32:c5:
28:6d:9a:0e:77:50:29:6b:0e:42:12:55:bb:a5:06:17:25:69:
5e:72:37:e2:1d:40:91:b7:18:e3:21:d5:53:7d:00:25:00:91:
ee:58:ed:81:f0:d3:b1:aa:72:aa:fd:a6:6a:ab:fd:04:c9:92:
78:61:22:33
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZKP7HfuQ8WBCJJhvlFU8S9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDE1MTEyNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjJkNjYwYWQwM2ViZTAzMTIxZDU3NWU1YmRhMDVhNmVlYjk4YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWTAoUVpYejfBmmluS1ZWGHyf2fM
BlmqtnGP1t0oa4dwuDavQiiX+x1Far3BsW4ThnLnEQHlm0vkcnX0FaQ6LXobqdQk
4qi0F+zKXBWJcNyIHYiQPsQiBsVv0TJ/d5E3sIxtzlos2TDhQgXCXrXGbF/no4ma
wUu5+blWRK34HviUT19cW+afJcj94OLOVoyiu635t7lFuEP5DEMN4zOEV8F7xrrH
2CdgxHywQYbga8Z+kWUeYe6azSMG/37kADopCxPQH55ngo4eWliOpwBHYmVamJSt
b/N4ZFn6wgwn6XY7Vky5EcQ7bK5GJxcyHyZ18LO1bnmIY39c8EAHWltQzQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAYtZgrQPr4DEh1XXlvaBabuuYvIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQmkxbUN0QS12Z01TSFZkZVc5b0ZwdTY1aThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUQW9AwQA
Uah6AwQAUpiDAwQAUpiwAwQAWdWYAwQAWdWwAwQAWdW3AwQAWdXUAwQAWdX5AwQA
bbDmMA0GCSqGSIb3DQEBCwUAA4IBAQABeUcne+yVwf1o4ZLSXWBps3DYoxN2knqr
c2uCb2EtjX1MZThxqY6n6OAFO9uM8CObfXyVKIz68Wh+EqKFqUMUBvNRVAcRTXkM
jvHa5ZUBpP0mxYLqCwzcb3RTcm/piWN4rFED2bJzEEpWS86MyAaHWjdpf2Eq755L
wjqlPhIrtg2Kk74U1NqH40KDqFVjRV3hPayyroroZ78Iy95IB/9XIg5aq9ZIGP5a
IhDjKrmX6ihzG9iZg/F6uP0xax6klPFhJ+o3MsUobZoOd1Apaw5CElW7pQYXJWle
cjfiHUCRtxjjIdVTfQAlAJHuWO2B8NOxqnKq/aZqq/0EyZJ4YSIz
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:09 2025 by rpki-client