Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EFRT53dJsYANH3exioKB4geMRus.roa
File: EFRT53dJsYANH3exioKB4geMRus.roa (raw, json)
Hash identifier: Jfl03Y7Mz2xt6+izUMPR90TcbtteNHczZt0oYQM6NUo=
Subject key identifier: 10:54:53:E7:77:49:B1:80:0D:1F:77:B1:8A:82:81:E2:07:8C:46:EB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193ABBE1CA5680FCA1CF31F1102977B66A5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EFRT53dJsYANH3exioKB4geMRus.roa
Signing time: Mon 09 Dec 2024 14:06:23 +0000
ROA not before: Mon 09 Dec 2024 14:06:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 37.98.144.0/21 maxlen: 24
37.98.144.0/22 maxlen: 24
37.252.24.0/21 maxlen: 24
77.107.64.0/18 maxlen: 24
79.99.72.0/21 maxlen: 24
80.240.80.0/20 maxlen: 20
81.5.128.0/18 maxlen: 18
81.168.0.0/17 maxlen: 17
82.152.0.0/15 maxlen: 15
82.152.0.0/16 maxlen: 16
82.163.0.0/19 maxlen: 24
85.159.128.0/21 maxlen: 24
89.31.232.0/21 maxlen: 24
89.213.48.0/20 maxlen: 24
89.213.64.0/18 maxlen: 24
89.213.192.0/18 maxlen: 24
109.176.0.0/16 maxlen: 16
185.20.32.0/22 maxlen: 24
185.20.34.0/24 maxlen: 24
185.20.35.0/24 maxlen: 24
185.24.84.0/24 maxlen: 24
185.24.86.0/23 maxlen: 23
194.105.64.0/19 maxlen: 24
195.128.138.0/24 maxlen: 24
212.38.64.0/19 maxlen: 24
213.130.128.0/19 maxlen: 24
213.152.32.0/19 maxlen: 19
213.210.0.0/18 maxlen: 24
213.218.208.0/20 maxlen: 24
213.218.224.0/19 maxlen: 24
217.144.144.0/20 maxlen: 24
217.145.64.0/20 maxlen: 24
2001:1a90::/32 maxlen: 32
2a00:c60::/32 maxlen: 32
2a02:21f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:be:1c:a5:68:0f:ca:1c:f3:1f:11:02:97:7b:66:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 9 14:06:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=105453e77749b1800d1f77b18a8281e2078c46eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8c:5c:58:b7:56:7a:4a:b0:a5:a5:fc:15:73:
7e:58:a6:cd:b7:c4:c9:22:e6:7a:2c:a5:af:cd:0d:
5e:33:22:8a:9f:b1:52:c7:ef:08:3a:fa:9d:44:07:
e8:96:95:83:5a:7d:83:51:44:30:95:ca:f5:81:4f:
ba:f2:c5:f7:74:3a:8d:24:fa:f9:92:30:00:21:33:
34:8c:7d:54:9f:50:b9:89:c3:31:0f:70:9e:74:2b:
d6:bf:33:22:99:99:5a:f1:16:96:3c:01:cf:68:8f:
d3:4f:79:5f:83:41:20:a6:5c:5b:df:cb:ce:a2:ba:
50:54:ce:3d:4c:50:9d:86:2a:d8:4f:bd:ad:6b:52:
10:52:17:f5:c2:0f:43:60:86:11:0d:5a:7d:96:fa:
3d:3a:1f:ad:04:ad:1d:a8:54:e8:30:2f:09:99:f4:
e8:d3:47:8f:09:a5:ff:2e:db:64:5d:ea:c9:bc:3c:
97:ba:b3:b7:7f:12:17:1d:16:9b:ee:f0:3d:38:bf:
b1:9e:cf:9a:26:29:0b:28:18:67:ef:1a:07:11:e2:
cc:18:95:f6:11:1c:f3:2b:e0:92:f0:ee:cf:04:89:
fa:fe:ab:cf:bf:3d:21:8d:f3:54:6c:81:4b:a3:60:
41:82:cc:55:ce:3e:38:8f:f5:56:70:2b:71:00:5a:
8f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:54:53:E7:77:49:B1:80:0D:1F:77:B1:8A:82:81:E2:07:8C:46:EB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EFRT53dJsYANH3exioKB4geMRus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.144.0/21
37.252.24.0/21
77.107.64.0/18
79.99.72.0/21
80.240.80.0/20
81.5.128.0/18
81.168.0.0/17
82.152.0.0/15
82.163.0.0/19
85.159.128.0/21
89.31.232.0/21
89.213.48.0-89.213.127.255
89.213.192.0/18
109.176.0.0/16
185.20.32.0/22
185.24.84.0/24
185.24.86.0/23
194.105.64.0/19
195.128.138.0/24
212.38.64.0/19
213.130.128.0/19
213.152.32.0/19
213.210.0.0/18
213.218.208.0-213.218.255.255
217.144.144.0/20
217.145.64.0/20
IPv6:
2001:1a90::/32
2a00:c60::/32
2a02:21f8::/32
Signature Algorithm: sha256WithRSAEncryption
1c:11:f2:00:10:1c:e8:bc:8f:4e:26:a9:13:d6:8f:d5:fa:f1:
39:83:fe:9d:6d:c6:1b:c3:cd:fc:9d:54:4f:2e:1c:db:a2:6b:
5f:fd:af:9a:8b:45:c6:7a:92:e2:94:15:31:72:c8:26:67:ef:
6f:72:ac:b6:39:9d:4f:d3:19:88:52:e4:26:c9:97:17:da:51:
5b:0e:67:17:62:2e:6d:d2:59:98:2f:fe:ec:54:f3:12:5d:38:
d8:63:f5:e5:21:8c:7e:90:64:18:aa:62:45:8c:91:84:7d:1f:
58:3d:c8:09:95:5a:1e:90:51:61:81:e8:b7:5a:71:1b:5e:72:
86:be:95:b6:c5:34:7d:43:84:a1:83:27:3c:b8:08:d6:7b:5c:
02:02:7b:99:da:14:1e:70:b1:f3:71:02:57:f1:a4:dc:49:0c:
e7:70:73:0a:9e:67:29:0c:66:e4:12:1d:cd:97:71:58:0f:fd:
c2:12:73:b5:09:7e:ad:a7:05:a0:3c:3c:1f:d6:26:f2:98:75:
d4:50:07:b8:92:52:35:d5:97:ad:70:dd:5a:00:6a:70:a9:d5:
be:a3:1b:18:b1:70:34:1c:76:32:ec:86:7f:85:e6:5f:43:a7:
81:a7:59:10:e1:6f:c8:73:cb:21:6d:c2:b5:f2:99:a4:40:c5:
cc:0b:04:f8
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAZOrvhylaA/KHPMfEQKXe2alMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA5MTQwNjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDU0NTNlNzc3NDliMTgwMGQxZjc3YjE4YTgyODFlMjA3OGM0NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIxcWLdWekqwpaX8FXN+WKbNt8TJ
IuZ6LKWvzQ1eMyKKn7FSx+8IOvqdRAfolpWDWn2DUUQwlcr1gU+68sX3dDqNJPr5
kjAAITM0jH1Un1C5icMxD3CedCvWvzMimZla8RaWPAHPaI/TT3lfg0Egplxb38vO
orpQVM49TFCdhirYT72ta1IQUhf1wg9DYIYRDVp9lvo9Oh+tBK0dqFToMC8JmfTo
00ePCaX/LttkXerJvDyXurO3fxIXHRab7vA9OL+xns+aJikLKBhn7xoHEeLMGJX2
ERzzK+CS8O7PBIn6/qvPvz0hjfNUbIFLo2BBgsxVzj44j/VWcCtxAFqPXwIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFBBUU+d3SbGADR93sYqCgeIHjEbrMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRUZSVDUzZEpzWUFOSDNleGlvS0I0Z2VNUnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBsAQCAAEwgakDBAMl
YpADBAMl/BgDBAZNa0ADBANPY0gDBARQ8FADBAZRBYADBAdRqAADAwFSmAMEBVKj
AAMEA1WfgAMEA1kf6DAMAwQEWdUwAwQHWdUAAwQGWdXAAwMAbbADBAK5FCADBAC5
GFQDBAG5GFYDBAXCaUADBADDgIoDBAXUJkADBAXVgoADBAXVmCADBAbV0gAwCwME
BNXa0AMDANXaAwQE2ZCQAwQE2ZFAMBsEAgACMBUDBQAgARqQAwUAKgAMYAMFACoC
IfgwDQYJKoZIhvcNAQELBQADggEBABwR8gAQHOi8j04mqRPWj9X68TmD/p1txhvD
zfydVE8uHNuia1/9r5qLRcZ6kuKUFTFyyCZn729yrLY5nU/TGYhS5CbJlxfaUVsO
ZxdiLm3SWZgv/uxU8xJdONhj9eUhjH6QZBiqYkWMkYR9H1g9yAmVWh6QUWGB6Lda
cRtecoa+lbbFNH1DhKGDJzy4CNZ7XAICe5naFB5wsfNxAlfxpNxJDOdwcwqeZykM
ZuQSHc2XcVgP/cISc7UJfq2nBaA8PB/WJvKYddRQB7iSUjXVl61w3VoAanCp1b6j
GxixcDQcdjLshn+F5l9Dp4GnWRDhb8hzyyFtwrXymaRAxcwLBPg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:03 2025 by rpki-client