Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FVwj4DRe2LZ8a-uq6en9YImfyf0.roa
File: FVwj4DRe2LZ8a-uq6en9YImfyf0.roa (raw, json)
Hash identifier: s3WaDHe0z1NudFzsNEL0dCLgxmKw9zF2VB1S2ZEBXJY=
Subject key identifier: 15:5C:23:E0:34:5E:D8:B6:7C:6B:EB:AA:E9:E9:FD:60:89:9F:C9:FD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01911D4EBD3F411D70782A1DF6B486F4FF99
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FVwj4DRe2LZ8a-uq6en9YImfyf0.roa
Signing time: Sun 04 Aug 2024 12:13:05 +0000
ROA not before: Sun 04 Aug 2024 12:13:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.37.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
82.163.23.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.196.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Sep 2024 13:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1d:4e:bd:3f:41:1d:70:78:2a:1d:f6:b4:86:f4:ff:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 4 12:13:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=155c23e0345ed8b67c6bebaae9e9fd60899fc9fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3d:03:0c:c1:ec:d2:97:63:8a:22:a2:2a:5e:
27:5b:b5:54:58:2a:f0:88:6a:0b:01:d8:e5:41:0b:
f0:d1:36:70:b9:a5:8d:f0:8b:51:70:25:23:0a:09:
fe:c7:8b:ce:48:f8:96:1c:d2:fb:95:da:8c:55:7b:
c6:b7:05:c1:4e:b9:f1:b6:07:ff:c9:b7:a1:23:03:
01:7c:d3:58:52:ee:cc:7b:7f:dc:62:62:11:af:d6:
27:bc:b9:ed:7e:11:96:e3:31:60:a6:b2:c3:61:c9:
db:4f:28:56:33:85:8a:87:02:91:f3:94:b0:61:c8:
50:b4:4c:2c:c1:24:d9:24:74:b4:48:09:c4:39:d3:
66:03:f7:aa:3a:3a:3e:4c:83:7b:51:d0:77:91:67:
c5:72:b7:3f:72:b4:b2:6e:a0:09:ef:3f:5f:8b:4f:
d1:60:0a:6f:3d:bc:06:7c:5c:19:b2:72:42:e4:6a:
f0:3b:f8:5a:f5:9a:ad:cb:05:9e:1f:d2:1c:86:9a:
3f:05:f2:50:45:69:81:67:38:d9:f2:a4:8f:ab:62:
91:4f:ec:ef:f9:4e:2c:95:2c:bd:4b:b0:9a:15:59:
27:a4:e3:8a:15:6a:57:84:89:63:22:f8:26:68:9e:
e6:b0:ff:fa:16:26:37:50:f0:c2:32:db:d2:5b:90:
68:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:5C:23:E0:34:5E:D8:B6:7C:6B:EB:AA:E9:E9:FD:60:89:9F:C9:FD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FVwj4DRe2LZ8a-uq6en9YImfyf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.8.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.34.0/24
82.153.37.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
82.163.23.0/24
89.213.4.0/24
89.213.7.0/24
89.213.130.0/24
89.213.190.0/24
89.213.196.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:47:6e:c6:48:25:36:59:f4:83:f0:d3:71:6c:8a:57:c2:71:
56:8e:c3:fb:9d:f5:ad:53:12:71:ce:90:88:dd:8c:00:9d:97:
50:0d:8b:f7:95:24:3c:89:d7:d5:d0:03:26:6e:75:d7:2e:53:
e5:a1:2f:b9:b8:a8:1d:7b:e0:92:38:32:43:ff:5f:43:57:50:
4c:52:e8:59:92:05:60:d9:37:9a:cf:6e:57:2d:52:c9:13:48:
cd:3b:1f:0e:64:8a:1d:b4:d5:a7:18:b2:87:f8:79:6b:08:19:
f3:e1:43:28:75:af:10:ec:af:11:13:a9:b1:31:5e:ac:c6:ba:
47:aa:ae:a7:49:b9:23:9b:20:8e:89:a9:aa:58:33:58:23:b4:
42:a2:a1:96:f9:0e:85:c4:42:cd:db:1b:36:ec:e1:ea:74:4f:
89:00:c5:8a:5e:9c:9c:ba:1a:61:be:c0:9f:9a:ad:57:7e:90:
5c:9a:81:94:9e:e2:32:0f:65:31:1f:f9:64:3f:a3:b2:36:0c:
1c:5d:c6:58:a3:ad:09:c1:a7:7b:c1:b3:a3:b5:01:95:d9:8d:
b1:ad:2c:48:c0:35:d1:cb:fd:d1:85:68:dc:0e:c0:9f:e3:2d:
5b:41:9c:52:c8:4f:5e:12:69:27:0e:92:fd:5a:20:62:79:99:
b1:43:cc:21
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZEdTr0/QR1weCod9rSG9P+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODA0MTIxMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTVjMjNlMDM0NWVkOGI2N2M2YmViYWFlOWU5ZmQ2MDg5OWZjOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD0DDMHs0pdjiiKiKl4nW7VUWCrw
iGoLAdjlQQvw0TZwuaWN8ItRcCUjCgn+x4vOSPiWHNL7ldqMVXvGtwXBTrnxtgf/
ybehIwMBfNNYUu7Me3/cYmIRr9YnvLntfhGW4zFgprLDYcnbTyhWM4WKhwKR85Sw
YchQtEwswSTZJHS0SAnEOdNmA/eqOjo+TIN7UdB3kWfFcrc/crSybqAJ7z9fi0/R
YApvPbwGfFwZsnJC5GrwO/ha9ZqtywWeH9Ichpo/BfJQRWmBZzjZ8qSPq2KRT+zv
+U4slSy9S7CaFVknpOOKFWpXhIljIvgmaJ7msP/6FiY3UPDCMtvSW5BoNwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFBVcI+A0Xti2fGvrqunp/WCJn8n9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRlZ3ajREUmUyTFo4YS11cTZlbjlZSW1meWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAFGo
eAMEAFKYCAMEAFKY+AMEAFKY+wMEAFKY/gMEAFKZIgMEAFKZJQMEAFKZRQMEAFKZ
SAMEAFKZTwMEAFKZhAMEAFKZ4AMEAFKjFwMEAFnVBAMEAFnVBwMEAFnVggMEAFnV
vgMEAFnVxAMEAG2w9wMEAG2w+wMEALkxfDANBgkqhkiG9w0BAQsFAAOCAQEAfkdu
xkglNln0g/DTcWyKV8JxVo7D+531rVMScc6QiN2MAJ2XUA2L95UkPInX1dADJm51
1y5T5aEvubioHXvgkjgyQ/9fQ1dQTFLoWZIFYNk3ms9uVy1SyRNIzTsfDmSKHbTV
pxiyh/h5awgZ8+FDKHWvEOyvEROpsTFerMa6R6qup0m5I5sgjompqlgzWCO0QqKh
lvkOhcRCzdsbNuzh6nRPiQDFil6cnLoaYb7An5qtV36QXJqBlJ7iMg9lMR/5ZD+j
sjYMHF3GWKOtCcGne8Gzo7UBldmNsa0sSMA10cv90YVo3A7An+MtW0GcUshPXhJp
Jw6S/VogYnmZsUPMIQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:05 2025 by rpki-client