Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FrGWQzR8kDxRv46RV02Wa7v0nuY.roa
File: FrGWQzR8kDxRv46RV02Wa7v0nuY.roa (raw, json)
Hash identifier: SCiJaviMWaBJAG5YpIL30NJRepPoZrkCcuD8VV6+Fkg=
Subject key identifier: 16:B1:96:43:34:7C:90:3C:51:BF:8E:91:57:4D:96:6B:BB:F4:9E:E6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190823CC409CF835F3EB67572DF3AC39B89
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FrGWQzR8kDxRv46RV02Wa7v0nuY.roa
Signing time: Fri 05 Jul 2024 09:32:18 +0000
ROA not before: Fri 05 Jul 2024 09:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.134.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jul 2024 16:10:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:3c:c4:09:cf:83:5f:3e:b6:75:72:df:3a:c3:9b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 5 09:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16b19643347c903c51bf8e91574d966bbbf49ee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:75:34:e5:22:3e:73:50:5b:1c:e1:6e:1a:06:
0b:92:88:1c:f4:e7:90:bd:96:e9:97:70:ef:1f:88:
ea:59:a8:cf:66:10:b6:73:e5:86:9b:3f:83:ba:be:
61:79:69:c9:df:e5:44:68:30:0a:35:ee:5d:3e:0b:
02:ff:75:ed:b4:aa:d2:f6:5c:e4:21:42:c1:e4:26:
bd:00:d0:7f:36:d1:88:b1:e4:3a:4c:2c:89:11:1c:
a0:05:dd:88:20:03:f0:cd:d8:d0:1c:6f:b0:b2:34:
c4:fb:cd:32:73:79:67:10:92:6f:dc:e8:5d:b3:92:
ed:ba:c2:92:85:6b:6a:42:e7:99:b7:1b:47:38:6a:
ba:8f:93:46:88:27:f1:81:0a:ea:fc:30:12:b4:59:
2f:10:09:e8:df:bc:88:c5:06:01:c4:07:04:24:86:
4b:9a:ac:a6:0f:23:09:8b:f0:8f:f9:a1:88:7c:37:
c0:0d:dd:7d:79:12:7c:47:4b:f3:21:f2:6e:75:06:
0a:b2:19:1a:51:b6:c8:0f:98:75:f9:5d:ff:8f:d2:
08:cd:72:99:3a:b2:16:58:12:79:e1:e4:ba:e7:f1:
2c:c6:56:54:00:7e:df:f8:37:fe:f6:59:26:95:53:
2c:62:4b:fc:24:c4:ac:da:29:76:96:e4:96:b5:ac:
e1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B1:96:43:34:7C:90:3C:51:BF:8E:91:57:4D:96:6B:BB:F4:9E:E6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FrGWQzR8kDxRv46RV02Wa7v0nuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.134.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:1a:15:fe:a0:21:d2:20:62:c6:63:4d:8b:5c:c3:ef:d3:74:
cb:a1:94:7d:4f:22:fb:52:9a:6d:76:14:7d:59:62:28:c7:a7:
32:4f:fe:1f:c5:19:e1:f2:ff:67:97:08:61:39:da:e4:ed:6c:
30:b2:e0:db:4f:6c:fd:15:49:03:cb:59:bf:59:69:2b:59:b3:
56:55:fb:19:32:35:d8:f1:cb:d9:8d:2d:62:99:16:58:f9:f1:
ba:2e:5d:de:ca:c4:03:7e:d9:c4:c8:ef:94:fc:35:b7:d8:2d:
5a:72:69:5b:57:95:3b:96:19:ac:61:47:6a:c7:a2:ef:38:a6:
bb:4e:c9:46:97:b5:c1:04:2e:39:f6:2b:7c:3e:e9:da:3b:93:
cb:af:1b:5b:8d:b9:83:13:21:03:5b:ca:f6:52:e6:16:7b:4a:
53:6a:7b:d0:fb:13:b9:fc:05:82:eb:a5:46:05:cb:e4:86:b0:
11:ea:22:26:cf:29:6f:c7:88:53:25:5b:70:cb:27:11:56:6d:
a8:94:e9:ad:67:05:60:76:3b:0b:11:fd:e9:8e:41:d9:e7:f4:
6a:8f:83:cb:e1:24:15:2f:3c:aa:84:6f:6b:6d:1e:b1:c2:ce:
fd:7d:1d:e1:5b:47:b1:87:f8:a5:27:a2:30:75:96:ef:92:2f:
10:91:ae:34
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZCCPMQJz4NfPrZ1ct86w5uJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzA1MDkzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmIxOTY0MzM0N2M5MDNjNTFiZjhlOTE1NzRkOTY2YmJiZjQ5ZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHU05SI+c1BbHOFuGgYLkogc9OeQ
vZbpl3DvH4jqWajPZhC2c+WGmz+Dur5heWnJ3+VEaDAKNe5dPgsC/3XttKrS9lzk
IULB5Ca9ANB/NtGIseQ6TCyJERygBd2IIAPwzdjQHG+wsjTE+80yc3lnEJJv3Ohd
s5LtusKShWtqQueZtxtHOGq6j5NGiCfxgQrq/DAStFkvEAno37yIxQYBxAcEJIZL
mqymDyMJi/CP+aGIfDfADd19eRJ8R0vzIfJudQYKshkaUbbID5h1+V3/j9IIzXKZ
OrIWWBJ54eS65/EsxlZUAH7f+Df+9lkmlVMsYkv8JMSs2il2luSWtazhawIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFBaxlkM0fJA8Ub+OkVdNlmu79J7mMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRnJHV1F6UjhrRHhSdjQ2UlYwMldhN3YwbnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAVKYsAME
AlKZiAMEAVnVMgMEAlnVOAMEAFnVhjAMAwQCWdWUAwQFWdWAAwQCWdWsMAwDBAJZ
1cQDBARZ1cADBANZ1egDBANtsBADBAJtsMwDBAG5MX4DBATCaVADBAHUJlgDBADV
2tMDBAPZkUgwDQYJKoZIhvcNAQELBQADggEBAE4aFf6gIdIgYsZjTYtcw+/TdMuh
lH1PIvtSmm12FH1ZYijHpzJP/h/FGeHy/2eXCGE52uTtbDCy4NtPbP0VSQPLWb9Z
aStZs1ZV+xkyNdjxy9mNLWKZFlj58bouXd7KxAN+2cTI75T8NbfYLVpyaVtXlTuW
GaxhR2rHou84prtOyUaXtcEELjn2K3w+6do7k8uvG1uNuYMTIQNbyvZS5hZ7SlNq
e9D7E7n8BYLrpUYFy+SGsBHqIibPKW/HiFMlW3DLJxFWbaiU6a1nBWB2OwsR/emO
Qdnn9GqPg8vhJBUvPKqEb2ttHrHCzv19HeFbR7GH+KUnojB1lu+SLxCRrjQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:26 2025 by rpki-client