Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D5YR1Pr1ulXPXzNvrKz_woJh7Rs.roa
File: D5YR1Pr1ulXPXzNvrKz_woJh7Rs.roa (raw, json)
Hash identifier: D5c55og6nv50TbOEPq2iHYNFMEokAQwPW7eaBAQRZe0=
Subject key identifier: 0F:96:11:D4:FA:F5:BA:55:CF:5F:33:6F:AC:AC:FF:C2:82:61:ED:1B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190360306901AA1D4A6CA34020CA390093B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D5YR1Pr1ulXPXzNvrKz_woJh7Rs.roa
Signing time: Thu 20 Jun 2024 14:18:06 +0000
ROA not before: Thu 20 Jun 2024 14:18:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 81.168.122.0/24 maxlen: 24
82.152.4.0/24 maxlen: 24
82.152.5.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.153.55.0/24 maxlen: 24
82.153.153.0/24 maxlen: 24
82.153.156.0/24 maxlen: 24
82.153.200.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
89.213.197.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.229.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
213.210.63.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.224.0/24 maxlen: 24
213.218.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 15:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:36:03:06:90:1a:a1:d4:a6:ca:34:02:0c:a3:90:09:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 20 14:18:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f9611d4faf5ba55cf5f336facacffc28261ed1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:8e:eb:47:b5:2c:8d:fa:60:dc:f9:fb:9a:8d:
60:2c:72:5a:8b:41:2b:ff:36:fd:86:3e:87:59:ca:
4f:6f:fa:47:19:16:65:38:39:c3:1b:be:89:bf:4c:
6c:7e:26:e5:d3:ed:2e:02:1a:80:2b:d4:61:2b:e2:
a7:f4:99:7e:11:5b:e0:bf:7d:29:08:6c:2c:24:86:
c1:9a:77:16:b3:d6:0e:d8:a0:b2:6b:58:8b:87:0d:
cc:ae:2a:07:06:1d:b3:a1:0a:d2:2a:9d:1f:c3:4e:
d3:69:17:26:da:04:1f:3b:fc:22:13:d2:1c:5d:b9:
9f:cc:e8:43:eb:9d:3d:05:5f:24:a6:2d:51:8a:bb:
aa:5c:69:22:20:00:f8:cd:84:5e:f7:e4:9c:a8:48:
29:36:4c:f7:e5:56:cd:61:28:d6:7c:ab:c6:aa:37:
21:75:af:e6:e3:43:90:0d:f4:0a:2d:2f:c0:b5:47:
25:cc:c0:30:59:a7:8e:a6:30:7c:cb:ad:94:3c:41:
16:9c:aa:74:e0:91:ce:ff:60:70:7c:24:68:c3:fc:
ba:c4:fb:c2:74:08:1b:f5:52:ca:80:eb:8e:1d:ad:
03:65:e2:bd:8f:41:3c:0a:9c:b7:ab:34:a4:3a:1b:
b6:5a:2d:55:7f:86:58:f5:fa:24:ec:74:1a:65:8c:
b3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:96:11:D4:FA:F5:BA:55:CF:5F:33:6F:AC:AC:FF:C2:82:61:ED:1B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D5YR1Pr1ulXPXzNvrKz_woJh7Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.122.0/24
82.152.4.0/23
82.152.98.0/24
82.152.131.0/24
82.153.55.0/24
82.153.153.0/24
82.153.156.0/24
82.153.200.0/24
82.153.207.0/24
82.163.0.0/24
89.213.197.0/24
109.176.193.0/24
109.176.229.0-109.176.230.255
109.176.244.0/24
212.38.79.0/24
213.130.150.0/23
213.210.63.0/24
213.218.211.0/24
213.218.224.0/24
213.218.233.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:03:77:67:f1:9c:bd:17:ee:ac:e6:14:a0:23:0c:91:51:7a:
93:fc:c0:0c:e9:de:82:da:08:74:02:e4:f2:68:f7:6b:35:1c:
d4:36:2a:44:fb:e1:21:f7:66:10:59:c8:36:35:42:f8:57:7e:
a6:c7:ec:a8:03:47:97:1b:5a:76:07:6a:64:4f:0d:6c:6e:4e:
cb:0e:b9:5e:ec:19:e1:1b:4e:40:19:a8:22:f2:f3:fb:28:07:
54:5a:12:a0:34:61:4a:6a:94:6b:7a:a7:a0:76:07:63:f2:cb:
ee:97:f8:f9:fd:77:5d:2d:48:49:56:b4:d1:93:4c:cb:e0:06:
af:8d:58:8b:71:7f:c1:f2:f9:b2:36:c0:6d:df:74:fc:e7:9f:
51:7f:29:6e:1e:25:6f:97:cf:a2:84:c6:27:e6:46:be:54:87:
f2:94:45:d8:0e:f6:f1:ec:78:59:03:2a:77:8b:88:f1:24:e0:
ff:45:78:ab:9f:f7:e4:36:1b:30:72:d1:a6:3c:72:f3:b4:0e:
f9:79:3f:4f:1e:af:bf:59:48:35:65:a9:3a:0e:42:cf:d8:e0:
80:8f:b8:f8:a9:bb:ca:f9:2d:34:68:f3:8e:e9:ad:e2:a1:7c:
2e:ce:6d:bb:d2:92:85:b9:2f:00:b8:49:5d:71:97:4e:4a:a7:
a3:af:eb:7d
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZA2AwaQGqHUpso0AgyjkAk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjIwMTQxODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjk2MTFkNGZhZjViYTU1Y2Y1ZjMzNmZhY2FjZmZjMjgyNjFlZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4o7rR7Usjfpg3Pn7mo1gLHJai0Er
/zb9hj6HWcpPb/pHGRZlODnDG76Jv0xsfibl0+0uAhqAK9RhK+Kn9Jl+EVvgv30p
CGwsJIbBmncWs9YO2KCya1iLhw3MrioHBh2zoQrSKp0fw07TaRcm2gQfO/wiE9Ic
XbmfzOhD6509BV8kpi1RiruqXGkiIAD4zYRe9+ScqEgpNkz35VbNYSjWfKvGqjch
da/m40OQDfQKLS/AtUclzMAwWaeOpjB8y62UPEEWnKp04JHO/2BwfCRow/y6xPvC
dAgb9VLKgOuOHa0DZeK9j0E8Cpy3qzSkOhu2Wi1Vf4ZY9fok7HQaZYyzrwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFA+WEdT69bpVz18zb6ys/8KCYe0bMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRDVZUjFQcjF1bFhQWHpOdnJLel93b0poN1JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBABR
qHoDBAFSmAQDBABSmGIDBABSmIMDBABSmTcDBABSmZkDBABSmZwDBABSmcgDBABS
mc8DBABSowADBABZ1cUDBABtsMEwDAMEAG2w5QMEAG2w5gMEAG2w9AMEANQmTwME
AdWClgMEANXSPwMEANXa0wMEANXa4AMEANXa6TANBgkqhkiG9w0BAQsFAAOCAQEA
fQN3Z/GcvRfurOYUoCMMkVF6k/zADOnegtoIdALk8mj3azUc1DYqRPvhIfdmEFnI
NjVC+Fd+psfsqANHlxtadgdqZE8NbG5Oyw65XuwZ4RtOQBmoIvLz+ygHVFoSoDRh
SmqUa3qnoHYHY/LL7pf4+f13XS1ISVa00ZNMy+AGr41Yi3F/wfL5sjbAbd90/Oef
UX8pbh4lb5fPooTGJ+ZGvlSH8pRF2A728ex4WQMqd4uI8STg/0V4q5/35DYbMHLR
pjxy87QO+Xk/Tx6vv1lINWWpOg5Cz9jggI+4+Km7yvktNGjzjumt4qF8Ls5tu9KS
hbkvALhJXXGXTkqno6/rfQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:30:41 2025 by rpki-client