Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FoXOJDSw1W5qR4XUJO4TeJTvt2o.roa
File: FoXOJDSw1W5qR4XUJO4TeJTvt2o.roa (raw, json)
Hash identifier: 0O5ebGJr++L0zPkx9OEBm6haWzwU7h7qQJE5H3c2oBg=
Subject key identifier: 16:85:CE:24:34:B0:D5:6E:6A:47:85:D4:24:EE:13:78:94:EF:B7:6A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193B04F3B04491E4B044F968E54D77760D4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FoXOJDSw1W5qR4XUJO4TeJTvt2o.roa
Signing time: Tue 10 Dec 2024 11:23:22 +0000
ROA not before: Tue 10 Dec 2024 11:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.165.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 13:11:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:4f:3b:04:49:1e:4b:04:4f:96:8e:54:d7:77:60:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 10 11:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1685ce2434b0d56e6a4785d424ee137894efb76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7b:c6:d6:f6:b7:96:d7:1f:f9:9b:84:30:3e:
9d:39:77:a3:03:c6:a2:94:d2:88:4b:ea:fe:6b:c6:
c5:e6:79:5e:46:71:cd:5d:e6:8a:00:b2:41:05:fd:
c0:65:21:f9:96:68:b1:24:20:f7:93:8e:41:24:34:
fe:16:6f:c3:e1:8a:20:ea:3c:51:df:55:2b:64:44:
85:28:23:0a:00:c0:35:1e:46:0d:85:45:45:c8:42:
e3:5b:84:bf:ac:5f:ad:eb:cd:d2:2c:e4:c6:70:c8:
53:df:2b:46:c3:32:68:26:20:ff:9d:ef:9e:de:8e:
1d:a2:b4:bf:95:64:75:05:58:36:ec:1f:70:a1:da:
f8:6e:41:12:bd:f9:87:75:00:a1:93:2d:cc:fb:2c:
97:60:00:71:99:20:8c:8d:1a:41:db:25:09:4c:85:
c3:98:af:c8:1c:47:e3:f9:4e:2d:b2:01:85:98:4d:
33:d1:5a:b3:16:28:cb:4e:4b:57:43:d4:88:0e:a3:
1f:ec:35:09:2d:1d:de:b6:ff:ed:23:ee:fb:66:95:
42:09:f1:a7:a2:b9:20:b5:fb:a2:94:5d:46:b5:2b:
19:92:88:d5:d2:10:ba:53:9c:15:ff:7c:e9:c0:1e:
86:fe:d0:92:48:0d:42:f1:1c:8d:f2:07:31:3c:0a:
56:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:85:CE:24:34:B0:D5:6E:6A:47:85:D4:24:EE:13:78:94:EF:B7:6A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FoXOJDSw1W5qR4XUJO4TeJTvt2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.165.0/24
89.213.167.0/24
89.213.172.0/22
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:e4:45:73:0d:8c:13:79:8b:fd:6e:09:74:0b:96:8e:d1:3e:
40:3b:0c:eb:53:2e:8f:86:66:3f:42:99:20:fe:e1:59:18:03:
b4:cf:d5:85:ab:3e:12:52:f3:dc:a6:59:e6:34:98:0f:56:ba:
bb:0e:7c:95:e1:08:a6:d5:16:c1:99:02:e5:e8:29:12:9f:4e:
bc:25:e1:f1:c0:3d:90:94:61:9d:09:4f:63:2c:84:bc:1d:49:
77:6b:e6:1e:41:1c:00:dd:b1:0c:7f:65:b9:c6:6b:55:21:1e:
7b:c6:6b:9b:7f:75:25:74:a3:f1:6b:25:17:01:16:83:e9:db:
7f:5f:83:a7:01:c7:32:3a:b6:cc:6b:4c:c5:97:fd:1a:20:07:
e5:49:77:d8:04:02:09:a0:3e:a6:5b:f7:da:0d:4c:d8:b6:1e:
50:3f:ac:ee:35:40:83:7b:57:a0:7b:f3:82:cc:fd:8b:ec:a4:
eb:d9:ee:d2:7b:84:32:7a:5b:c4:99:6a:cb:29:4e:0b:30:56:
3c:a3:ec:16:ef:2f:5f:f1:8c:53:94:9b:20:5c:9f:e3:83:c9:
88:7a:d3:f5:f5:66:5e:41:7a:2f:61:64:42:70:e4:8f:fd:08:
22:7a:19:94:b1:0b:f9:9f:a3:be:92:74:07:7b:52:8b:3a:cd:
c9:dc:41:cd
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZOwTzsESR5LBE+WjlTXd2DUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjEwMTEyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjg1Y2UyNDM0YjBkNTZlNmE0Nzg1ZDQyNGVlMTM3ODk0ZWZiNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHvG1va3ltcf+ZuEMD6dOXejA8ai
lNKIS+r+a8bF5nleRnHNXeaKALJBBf3AZSH5lmixJCD3k45BJDT+Fm/D4Yog6jxR
31UrZESFKCMKAMA1HkYNhUVFyELjW4S/rF+t683SLOTGcMhT3ytGwzJoJiD/ne+e
3o4dorS/lWR1BVg27B9wodr4bkESvfmHdQChky3M+yyXYABxmSCMjRpB2yUJTIXD
mK/IHEfj+U4tsgGFmE0z0VqzFijLTktXQ9SIDqMf7DUJLR3etv/tI+77ZpVCCfGn
orkgtfuilF1GtSsZkojV0hC6U5wV/3zpwB6G/tCSSA1C8RyN8gcxPApW0wIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFBaFziQ0sNVuakeF1CTuE3iU77dqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRm9YT0pEU3cxVzVxUjRYVUpPNFRlSlR2dDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBABS
mAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ
1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWlAwQAWdWn
AwQCWdWsAwQAWdW/MAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEA22wEAME
Am2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEANQmTwMEAdQmWAMEAtXSNAMEANXa0zAM
AwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQCj5EVzDYwTeYv9
bgl0C5aO0T5AOwzrUy6PhmY/Qpkg/uFZGAO0z9WFqz4SUvPcplnmNJgPVrq7DnyV
4Qim1RbBmQLl6CkSn068JeHxwD2QlGGdCU9jLIS8HUl3a+YeQRwA3bEMf2W5xmtV
IR57xmubf3UldKPxayUXARaD6dt/X4OnAccyOrbMa0zFl/0aIAflSXfYBAIJoD6m
W/faDUzYth5QP6zuNUCDe1ege/OCzP2L7KTr2e7Se4QyelvEmWrLKU4LMFY8o+wW
7y9f8YxTlJsgXJ/jg8mIetP19WZeQXovYWRCcOSP/QgiehmUsQv5n6O+knQHe1KL
Os3J3EHN
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:22:54 2025 by rpki-client