Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Dy171dyUSI6XXLjXiQ3ufjUa9_E.roa
File: Dy171dyUSI6XXLjXiQ3ufjUa9_E.roa (raw, json)
Hash identifier: 1TjtPBtJdvMPzTv0wOKI79KwTY1irWAyG01QCgsc62w=
Subject key identifier: 0F:2D:7B:D5:DC:94:48:8E:97:5C:B8:D7:89:0D:EE:7E:35:1A:F7:F1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194BC0BF23E81E17B64FEE5AE6EFBD3EB69
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Dy171dyUSI6XXLjXiQ3ufjUa9_E.roa
Signing time: Fri 31 Jan 2025 11:08:06 +0000
ROA not before: Fri 31 Jan 2025 11:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.152.176.0/24 maxlen: 24
82.153.50.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.222.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.196.0/24 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
89.213.248.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 09:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:0b:f2:3e:81:e1:7b:64:fe:e5:ae:6e:fb:d3:eb:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 31 11:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f2d7bd5dc94488e975cb8d7890dee7e351af7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c4:6d:85:c6:c5:7c:e5:a2:3d:dc:ac:de:b8:
2d:f6:57:23:10:22:ce:db:32:2c:95:a1:7b:62:c9:
3e:58:f6:35:f1:b3:cb:ad:c2:bd:2d:65:dd:ad:0f:
87:6b:ba:ab:fd:de:14:fb:67:ee:75:c2:1c:d5:05:
4f:fe:ef:33:9b:58:b7:ae:c1:95:e9:86:2e:5a:46:
38:6a:ce:f9:45:a3:b7:e2:34:38:c2:f2:39:cf:4b:
47:1f:70:7c:29:d1:67:a9:b0:43:eb:b3:d4:6b:81:
dd:48:dc:13:1f:e6:e6:d6:ab:dc:7f:cc:73:71:18:
1d:28:89:26:f8:b5:55:4e:c3:cc:fa:81:7c:d5:06:
6c:0a:29:88:d8:d3:6c:eb:ca:63:ec:0b:b8:d4:bd:
02:da:7d:94:75:32:0d:25:77:86:dc:f2:5a:34:f3:
f3:06:39:dd:0c:9e:4c:1a:61:bf:1b:ea:8a:b7:68:
a8:f3:94:46:31:61:5f:54:bd:a8:10:be:52:ad:6b:
6a:76:fc:fe:cc:6d:35:c6:55:ba:7d:af:ce:ad:07:
bc:c4:ce:1f:c5:61:6f:af:72:69:59:ac:ce:41:7a:
22:28:5d:bf:96:25:1b:0b:3d:b8:e8:4b:f2:7a:27:
a6:e5:e1:7c:cb:a0:63:75:3e:82:4b:8f:48:6b:5c:
1c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:2D:7B:D5:DC:94:48:8E:97:5C:B8:D7:89:0D:EE:7E:35:1A:F7:F1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Dy171dyUSI6XXLjXiQ3ufjUa9_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.69.0/24
82.153.136.0/22
82.153.222.0/24
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
89.213.248.0/24
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
36:e3:3f:b3:c4:9a:5c:51:a1:bb:3b:77:c6:d3:e1:f6:7c:25:
fd:95:30:aa:d2:31:eb:d0:3b:2b:67:1a:b3:41:e5:8f:f9:c8:
12:5e:b0:9b:7b:cc:5d:c0:f3:8f:b7:46:95:e0:dc:15:10:aa:
da:95:f7:a6:27:2b:d5:e1:c6:67:63:0c:43:20:5f:6a:4d:b9:
53:00:32:9e:f7:21:5e:74:93:ce:93:10:39:6f:67:4d:d8:f7:
bb:3a:1b:49:04:39:13:64:a4:c5:eb:45:60:7e:22:f6:99:ac:
88:90:02:58:cd:ad:02:40:4d:a7:9a:a0:dd:db:f3:1a:15:25:
26:09:1e:68:d0:f0:b1:fd:be:11:f5:42:0d:44:79:53:57:73:
5c:d5:90:ba:8f:54:bb:86:d6:a2:a8:c7:b2:1c:bb:7f:f2:d3:
4e:01:70:37:35:04:e1:86:05:ac:b9:74:36:71:09:af:70:73:
f4:34:35:db:a0:96:21:3b:cf:2f:26:30:67:5c:17:30:05:5c:
14:e7:5d:f4:b1:4b:9c:f2:d1:47:f8:1b:8e:24:26:f4:02:9a:
c1:70:cd:3f:fc:2f:f7:cf:30:0f:46:d0:07:97:71:2a:e1:f4:
28:2e:81:a6:84:c6:c7:39:55:79:f2:7f:43:2a:fb:d2:8d:21:
80:f2:38:73
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZS8C/I+geF7ZP7lrm770+tpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTMxMTEwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjJkN2JkNWRjOTQ0ODhlOTc1Y2I4ZDc4OTBkZWU3ZTM1MWFmN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cRthcbFfOWiPdys3rgt9lcjECLO
2zIslaF7Ysk+WPY18bPLrcK9LWXdrQ+Ha7qr/d4U+2fudcIc1QVP/u8zm1i3rsGV
6YYuWkY4as75RaO34jQ4wvI5z0tHH3B8KdFnqbBD67PUa4HdSNwTH+bm1qvcf8xz
cRgdKIkm+LVVTsPM+oF81QZsCimI2NNs68pj7Au41L0C2n2UdTINJXeG3PJaNPPz
BjndDJ5MGmG/G+qKt2io85RGMWFfVL2oEL5SrWtqdvz+zG01xlW6fa/OrQe8xM4f
xWFvr3JpWazOQXoiKF2/liUbCz246Evyeiem5eF8y6BjdT6CS49Ia1wcewIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFA8te9XclEiOl1y414kN7n41GvfxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRHkxNzFkeVVTSTZYWExqWGlRM3VmalVhOV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEAFKYCAMEAVKYsAMEAFKZMgMEAFKZRQMEAlKZiAMEAFKZ3gMEAFKZ8wMEAVnV
LAMEAVnVMgMEAlnVOAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQA
WdWSMAwDBAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnV
qwMEBFnVoAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eAD
BABZ1fgDBANtsBADBAJtsMwDBAFtsPIDBAG5MX4DBATCaVADBADUJk8DBAHUJlgD
BADVmCsDBALV0jQDBADV2tMwDAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0B
AQsFAAOCAQEANuM/s8SaXFGhuzt3xtPh9nwl/ZUwqtIx69A7K2cas0Hlj/nIEl6w
m3vMXcDzj7dGleDcFRCq2pX3picr1eHGZ2MMQyBfak25UwAynvchXnSTzpMQOW9n
Tdj3uzobSQQ5E2SkxetFYH4i9pmsiJACWM2tAkBNp5qg3dvzGhUlJgkeaNDwsf2+
EfVCDUR5U1dzXNWQuo9Uu4bWoqjHshy7f/LTTgFwNzUE4YYFrLl0NnEJr3Bz9DQ1
26CWITvPLyYwZ1wXMAVcFOdd9LFLnPLRR/gbjiQm9AKawXDNP/wv988wD0bQB5dx
KuH0KC6BpoTGxzlVefJ/Qyr70o0hgPI4cw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:54 2025 by rpki-client