Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D2X1CyP56tybML-kqm2BquHlBFg.roa
File: D2X1CyP56tybML-kqm2BquHlBFg.roa (raw, json)
Hash identifier: heT9Oa01YRNNX+019cf/s5/F+ZxOWp5sBXuHR9dyI6U=
Subject key identifier: 0F:65:F5:0B:23:F9:EA:DC:9B:30:BF:A4:AA:6D:81:AA:E1:E5:04:58
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193A85C521465C34DBC39B5100F486C4D21
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D2X1CyP56tybML-kqm2BquHlBFg.roa
Signing time: Sun 08 Dec 2024 22:20:42 +0000
ROA not before: Sun 08 Dec 2024 22:20:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.45.0/24 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.153.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Dec 2024 10:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a8:5c:52:14:65:c3:4d:bc:39:b5:10:0f:48:6c:4d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 8 22:20:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f65f50b23f9eadc9b30bfa4aa6d81aae1e50458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:79:6a:f4:d7:92:b1:9a:21:3d:62:a5:cd:e1:
aa:9e:38:47:76:a6:0b:1f:92:12:84:d2:4f:a7:d5:
1c:b9:a0:a9:07:cf:c7:06:14:91:40:77:cf:62:89:
a1:42:aa:20:18:38:e7:0e:0a:4d:ba:c7:72:7b:b9:
c1:88:06:4b:9b:a1:85:eb:39:d8:1d:00:e9:e5:b8:
00:a6:aa:11:4a:97:4b:66:5e:19:20:cd:6d:f6:65:
94:67:44:e4:18:35:63:72:99:25:3f:67:d1:0c:9a:
33:30:49:71:3c:96:d3:78:2f:79:c8:fc:60:a5:26:
07:5a:fa:f2:8c:4b:76:9c:95:2e:17:a5:be:dc:ae:
f4:c0:0d:fc:1e:a9:98:57:89:55:c7:f0:e7:58:ea:
0b:ef:44:36:2b:ac:9e:d4:f5:92:54:79:8e:6b:54:
73:1d:ee:c5:97:39:8c:57:ba:99:a1:2c:98:14:ce:
0c:35:8b:c8:51:10:b5:1c:91:19:33:11:f6:f6:47:
3d:46:26:27:b5:c3:f2:dd:45:bc:e3:f7:80:3d:b8:
3b:8a:8f:42:d8:29:ef:86:47:2b:ca:b3:7c:94:73:
e0:8e:a3:f1:87:4b:5d:8a:84:15:bf:5f:0f:50:07:
f8:ea:31:c8:04:4f:85:59:da:3d:89:2f:25:6f:d4:
1e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:65:F5:0B:23:F9:EA:DC:9B:30:BF:A4:AA:6D:81:AA:E1:E5:04:58
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D2X1CyP56tybML-kqm2BquHlBFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.167.0/24
89.213.172.0/22
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.130.153.0/24
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
2a:4f:03:46:bf:da:4e:21:4e:37:37:6c:e7:b7:40:40:9e:24:
dd:cf:63:33:1a:6f:51:28:b1:2b:8d:02:25:00:ab:bc:74:11:
c2:55:19:96:00:86:71:da:92:cc:47:00:ca:91:e1:ae:f6:98:
81:e0:e3:3c:ee:94:c6:7d:30:e7:59:9c:8d:68:cf:30:e7:03:
68:58:3c:94:89:17:58:f9:13:81:cf:bd:05:c7:43:c8:ac:92:
15:81:05:03:cb:18:6d:b9:01:89:0e:77:f5:fd:ca:33:04:2e:
3a:93:22:dd:c0:7c:34:38:7b:f7:0a:59:8b:7a:9e:0e:41:da:
b1:18:9e:b1:4d:0b:55:f9:73:5c:6d:7d:28:a5:ef:ad:88:ad:
89:c1:e9:8a:ae:ee:f9:b8:e0:1d:a2:4b:9a:ff:f2:ff:6c:87:
59:5c:7b:37:06:9a:0b:4d:bc:04:17:94:6c:d6:d0:c0:cb:58:
40:67:dd:05:94:3f:93:31:04:87:38:26:86:c7:bb:38:75:e0:
ed:3e:e2:8a:aa:90:18:94:ae:61:f5:03:32:ec:2c:a3:63:2c:
2b:29:4e:d2:d8:a7:65:e9:57:b5:e4:8f:6c:c0:ee:10:f0:41:
f1:bd:09:95:00:a5:11:f8:1e:98:a8:0e:14:c8:82:05:40:1a:
85:98:63:b6
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZOoXFIUZcNNvDm1EA9IbE0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA4MjIyMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjY1ZjUwYjIzZjllYWRjOWIzMGJmYTRhYTZkODFhYWUxZTUwNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHlq9NeSsZohPWKlzeGqnjhHdqYL
H5IShNJPp9UcuaCpB8/HBhSRQHfPYomhQqogGDjnDgpNusdye7nBiAZLm6GF6znY
HQDp5bgApqoRSpdLZl4ZIM1t9mWUZ0TkGDVjcpklP2fRDJozMElxPJbTeC95yPxg
pSYHWvryjEt2nJUuF6W+3K70wA38HqmYV4lVx/DnWOoL70Q2K6ye1PWSVHmOa1Rz
He7FlzmMV7qZoSyYFM4MNYvIURC1HJEZMxH29kc9RiYntcPy3UW84/eAPbg7io9C
2CnvhkcryrN8lHPgjqPxh0tdioQVv18PUAf46jHIBE+FWdo9iS8lb9Qe7QIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFA9l9Qsj+ercmzC/pKptgarh5QRYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRDJYMUN5UDU2dHliTUwta3FtMkJxdUhsQkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBABS
mAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ
1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWnAwQCWdWs
AwQAWdW/MAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEA22wEAMEAm2wzAME
AW2w8gMEAbkxfgMEBMJpUAMEAdQmWAMEANWCmQMEAtXSNAMEANXa0zAMAwQA2ZFB
AwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQAqTwNGv9pOIU43N2znt0BA
niTdz2MzGm9RKLErjQIlAKu8dBHCVRmWAIZx2pLMRwDKkeGu9piB4OM87pTGfTDn
WZyNaM8w5wNoWDyUiRdY+ROBz70Fx0PIrJIVgQUDyxhtuQGJDnf1/cozBC46kyLd
wHw0OHv3ClmLep4OQdqxGJ6xTQtV+XNcbX0ope+tiK2JwemKru75uOAdokua//L/
bIdZXHs3BpoLTbwEF5Rs1tDAy1hAZ90FlD+TMQSHOCaGx7s4deDtPuKKqpAYlK5h
9QMy7CyjYywrKU7S2Kdl6Ve15I9swO4Q8EHxvQmVAKUR+B6YqA4UyIIFQBqFmGO2
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:34:04 2025 by rpki-client