Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/C5IAl_gIChdGNVsgHfX2q9HATng.roa
File: C5IAl_gIChdGNVsgHfX2q9HATng.roa (raw, json)
Hash identifier: AIrQSthXNSdqhAnyX2UGF7vJz7oRPBwPWI/PrPrlcD0=
Subject key identifier: 0B:92:00:97:F8:08:0A:17:46:35:5B:20:1D:F5:F6:AB:D1:C0:4E:78
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FF252425A7BF3EEED7BE86D2498579549
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/C5IAl_gIChdGNVsgHfX2q9HATng.roa
Signing time: Fri 07 Jun 2024 10:50:28 +0000
ROA not before: Fri 07 Jun 2024 10:50:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 81.168.122.0/24 maxlen: 24
82.152.4.0/24 maxlen: 24
82.152.5.0/24 maxlen: 24
82.152.6.0/24 maxlen: 24
82.152.12.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.105.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.140.0/24 maxlen: 24
82.152.142.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.55.0/24 maxlen: 24
82.153.135.0/24 maxlen: 24
82.153.153.0/24 maxlen: 24
82.153.156.0/24 maxlen: 24
82.153.159.0/24 maxlen: 24
82.153.200.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.202.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
89.213.97.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.197.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.202.0/24 maxlen: 24
109.176.229.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
213.210.58.0/24 maxlen: 24
213.210.63.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.224.0/24 maxlen: 24
213.218.233.0/24 maxlen: 24
213.218.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 07:53:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:52:42:5a:7b:f3:ee:ed:7b:e8:6d:24:98:57:95:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 7 10:50:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b920097f8080a1746355b201df5f6abd1c04e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3f:57:2f:fc:5a:ab:2d:79:5e:f8:13:15:02:
f1:21:cc:f9:74:3a:b5:3e:e5:d9:50:90:b3:60:e6:
71:cd:3a:f9:b5:2a:97:17:7e:0e:c4:9d:db:9d:3a:
12:59:49:81:47:75:06:15:bc:b7:86:bc:2e:c6:0e:
94:22:cf:ae:a4:03:a7:3a:25:ac:ba:43:45:ef:1b:
81:59:92:27:69:0b:4f:9f:30:67:7c:dc:72:34:0f:
01:f5:f6:78:c6:6f:ce:a5:20:7d:0c:75:76:af:15:
7c:c8:93:71:c3:31:78:6f:26:95:f6:b9:81:37:1b:
53:d5:8a:14:3d:fb:35:33:e4:9b:58:d7:80:6d:ce:
b6:94:a1:04:4c:c5:a1:53:d8:a6:f0:a3:bf:7a:a4:
71:51:8d:23:ed:e8:00:30:bb:af:39:43:36:3a:43:
70:01:a6:72:b6:05:2a:bb:13:96:41:5f:95:89:c0:
83:82:92:c5:af:0c:d4:38:6a:88:80:de:59:cd:c0:
5b:85:cd:c3:07:c3:ab:f9:b5:79:51:57:db:62:27:
7f:a5:32:a3:a8:25:ae:b2:37:7e:ff:40:f2:b7:5c:
55:cc:f6:7d:6a:60:55:30:65:7b:47:7c:eb:50:63:
9f:ee:76:5e:46:84:b0:fc:51:89:90:2b:12:69:8b:
96:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:92:00:97:F8:08:0A:17:46:35:5B:20:1D:F5:F6:AB:D1:C0:4E:78
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/C5IAl_gIChdGNVsgHfX2q9HATng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.122.0/24
82.152.4.0-82.152.6.255
82.152.12.0/24
82.152.98.0/24
82.152.105.0/24
82.152.131.0/24
82.152.140.0/24
82.152.142.0/24
82.153.34.0/24
82.153.55.0/24
82.153.135.0/24
82.153.153.0/24
82.153.156.0/24
82.153.159.0/24
82.153.200.0-82.153.202.255
82.153.207.0/24
82.163.0.0/24
89.213.97.0/24
89.213.134.0/24
89.213.197.0/24
109.176.193.0/24
109.176.202.0/24
109.176.229.0-109.176.230.255
109.176.244.0/24
212.38.79.0/24
213.130.150.0/23
213.210.58.0/24
213.210.63.0/24
213.218.211.0/24
213.218.224.0/24
213.218.233.0/24
213.218.249.0/24
Signature Algorithm: sha256WithRSAEncryption
86:e8:12:d4:51:b0:67:5b:c8:17:21:97:04:d1:a8:97:86:9f:
c4:f5:66:f5:fd:f1:a1:6a:95:96:55:06:aa:d5:47:fb:d4:c4:
f7:cf:03:ad:b1:64:f1:0b:21:99:4d:e8:1b:1b:c7:33:fb:19:
29:92:95:7e:61:01:c8:ea:9c:71:64:c4:be:6f:a9:d6:85:b9:
da:34:80:9a:88:0b:a3:c7:4c:15:c5:56:eb:4a:75:fe:7c:3e:
0f:f3:69:4e:5c:fe:ce:d1:38:f0:19:12:9d:2b:f3:26:69:63:
b0:05:e4:24:49:71:72:fb:67:c6:68:36:97:94:17:39:64:69:
c8:8f:23:86:91:57:2f:93:92:b6:f8:af:68:07:f4:03:7c:b0:
28:ed:89:01:f2:3c:02:f7:2b:77:8f:e4:4a:06:a0:b0:d6:34:
6d:3b:26:1d:8b:5f:a2:47:72:63:10:3d:37:05:1b:cd:13:e1:
f2:88:fa:13:f1:77:10:63:a8:bd:99:16:db:f4:81:e7:7b:9a:
65:1e:ca:4c:b8:c5:93:c2:93:2b:9e:28:f2:13:ae:e5:49:98:
7e:0d:7e:c6:78:e6:0e:de:75:11:d5:f1:36:d2:e6:fb:48:9f:
25:52:a5:fd:4e:95:26:29:70:27:9e:e4:19:4f:4a:dd:7d:99:
e7:46:0d:37
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAY/yUkJae/Pu7XvobSSYV5VJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjA3MTA1MDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjkyMDA5N2Y4MDgwYTE3NDYzNTViMjAxZGY1ZjZhYmQxYzA0ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhj9XL/xaqy15XvgTFQLxIcz5dDq1
PuXZUJCzYOZxzTr5tSqXF34OxJ3bnToSWUmBR3UGFby3hrwuxg6UIs+upAOnOiWs
ukNF7xuBWZInaQtPnzBnfNxyNA8B9fZ4xm/OpSB9DHV2rxV8yJNxwzF4byaV9rmB
NxtT1YoUPfs1M+SbWNeAbc62lKEETMWhU9im8KO/eqRxUY0j7egAMLuvOUM2OkNw
AaZytgUquxOWQV+VicCDgpLFrwzUOGqIgN5ZzcBbhc3DB8Or+bV5UVfbYid/pTKj
qCWusjd+/0Dyt1xVzPZ9amBVMGV7R3zrUGOf7nZeRoSw/FGJkCsSaYuWdQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFAuSAJf4CAoXRjVbIB319qvRwE54MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQzVJQWxfZ0lDaGRHTlZzZ0hmWDJxOUhBVG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBABR
qHowDAMEAlKYBAMEAFKYBgMEAFKYDAMEAFKYYgMEAFKYaQMEAFKYgwMEAFKYjAME
AFKYjgMEAFKZIgMEAFKZNwMEAFKZhwMEAFKZmQMEAFKZnAMEAFKZnzAMAwQDUpnI
AwQAUpnKAwQAUpnPAwQAUqMAAwQAWdVhAwQAWdWGAwQAWdXFAwQAbbDBAwQAbbDK
MAwDBABtsOUDBABtsOYDBABtsPQDBADUJk8DBAHVgpYDBADV0joDBADV0j8DBADV
2tMDBADV2uADBADV2ukDBADV2vkwDQYJKoZIhvcNAQELBQADggEBAIboEtRRsGdb
yBchlwTRqJeGn8T1ZvX98aFqlZZVBqrVR/vUxPfPA62xZPELIZlN6BsbxzP7GSmS
lX5hAcjqnHFkxL5vqdaFudo0gJqIC6PHTBXFVutKdf58Pg/zaU5c/s7ROPAZEp0r
8yZpY7AF5CRJcXL7Z8ZoNpeUFzlkaciPI4aRVy+Tkrb4r2gH9AN8sCjtiQHyPAL3
K3eP5EoGoLDWNG07Jh2LX6JHcmMQPTcFG80T4fKI+hPxdxBjqL2ZFtv0ged7mmUe
yky4xZPCkyueKPITruVJmH4NfsZ45g7edRHV8TbS5vtInyVSpf1OlSYpcCee5BlP
St19medGDTc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:27 2025 by rpki-client