Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G_K5MvNKtFy41IqvtmHJiSimLTg.roa
File: G_K5MvNKtFy41IqvtmHJiSimLTg.roa (raw, json)
Hash identifier: a6thTjnXUHCEwpGCXPQicfpKOQJNzZuYvu7fbnS5JAQ=
Subject key identifier: 1B:F2:B9:32:F3:4A:B4:5C:B8:D4:8A:AF:B6:61:C9:89:28:A6:2D:38
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191BD7D7B2603BB6A3E6C5000CFA792350D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G_K5MvNKtFy41IqvtmHJiSimLTg.roa
Signing time: Wed 04 Sep 2024 14:43:22 +0000
ROA not before: Wed 04 Sep 2024 14:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.152.178.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.20.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
217.145.76.0/24 maxlen: 24
217.145.78.0/24 maxlen: 24
217.145.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 20:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:7d:7b:26:03:bb:6a:3e:6c:50:00:cf:a7:92:35:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 4 14:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bf2b932f34ab45cb8d48aafb661c98928a62d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e3:5d:75:38:22:02:01:07:7a:cf:28:1f:a5:
6b:f7:34:d7:c3:5a:ef:6d:0f:e2:96:2e:82:7d:a3:
db:a1:c7:e4:ec:f2:5b:a5:07:b9:a8:22:32:9e:44:
54:de:92:cb:e8:27:b8:f2:86:77:8f:6c:62:07:65:
9f:53:3b:c3:81:37:74:d7:04:46:c5:6a:e3:a3:53:
79:b3:79:fa:16:1c:d3:cf:2f:fe:a7:c3:da:64:b5:
c8:d4:24:19:ed:7b:19:3c:fa:95:8c:56:29:98:8b:
eb:00:22:81:51:82:73:d2:9e:c3:fc:d0:f5:ea:cd:
d5:5d:17:ac:d9:99:0e:2e:54:c1:1c:59:02:96:f7:
31:ff:93:d9:a5:12:1e:7f:7a:37:23:e7:94:1e:55:
41:1d:9e:71:37:ea:d2:7b:78:c4:12:ed:81:e9:9c:
41:d7:d6:a4:44:4a:47:22:74:aa:e4:52:0e:97:6e:
e8:4d:30:34:9a:b8:71:f0:ec:d9:18:39:62:be:8c:
df:ca:89:21:fc:d8:f2:91:a9:39:df:38:ef:ff:ba:
b3:47:95:a7:c6:3c:fc:51:7e:62:59:f1:eb:ed:23:
08:68:b4:72:86:f6:c6:3b:e0:b9:86:dc:75:0d:f1:
39:de:3e:7e:64:48:dd:0b:cd:85:ac:97:90:86:0a:
25:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F2:B9:32:F3:4A:B4:5C:B8:D4:8A:AF:B6:61:C9:89:28:A6:2D:38
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G_K5MvNKtFy41IqvtmHJiSimLTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0-82.152.178.255
82.153.136.0/22
82.153.243.0/24
89.213.6.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
82:40:03:84:91:ce:c1:6f:67:1b:fd:25:bd:d5:70:90:7e:45:
0f:31:9d:71:2d:98:bb:8d:cb:29:5b:33:c5:64:a4:c7:25:8e:
c9:5d:78:a8:82:ce:3c:6d:8c:86:41:68:af:34:a4:bc:72:e4:
ee:48:dc:9b:cd:97:5e:84:61:e2:6a:5e:ef:55:b6:30:2e:17:
c7:c8:21:7b:47:8c:06:79:8b:72:db:62:c1:e5:03:c3:86:a1:
c0:52:38:8a:93:ff:ba:b9:78:6e:42:61:11:70:67:47:72:96:
20:1a:87:c7:a5:5d:61:57:20:4a:c2:58:b5:cb:89:01:ea:0c:
92:6f:90:b7:c1:75:aa:b7:94:cb:d5:c8:e1:c8:e4:4d:76:d4:
5b:72:b7:76:1f:a0:4e:84:52:7c:33:1b:82:94:05:19:bd:ca:
55:4a:54:79:a7:51:7e:86:cc:cb:01:12:f6:d0:fa:86:02:db:
12:61:4e:04:5c:71:24:ca:6f:10:eb:61:ae:ac:62:85:13:34:
65:18:d7:46:6d:19:d0:b5:52:77:2f:84:21:0e:ff:f3:09:c0:
dd:88:ff:21:95:55:e3:33:61:1e:a7:ba:d9:0b:d7:da:da:b3:
48:a7:f6:3e:ea:bb:43:b7:94:d2:33:79:eb:42:b7:e7:36:27:
ba:46:1b:98
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZG9fXsmA7tqPmxQAM+nkjUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTA0MTQ0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmYyYjkzMmYzNGFiNDVjYjhkNDhhYWZiNjYxYzk4OTI4YTYyZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzONddTgiAgEHes8oH6Vr9zTXw1rv
bQ/ili6CfaPbocfk7PJbpQe5qCIynkRU3pLL6Ce48oZ3j2xiB2WfUzvDgTd01wRG
xWrjo1N5s3n6FhzTzy/+p8PaZLXI1CQZ7XsZPPqVjFYpmIvrACKBUYJz0p7D/ND1
6s3VXRes2ZkOLlTBHFkClvcx/5PZpRIef3o3I+eUHlVBHZ5xN+rSe3jEEu2B6ZxB
19akREpHInSq5FIOl27oTTA0mrhx8OzZGDlivozfyokh/Njykak53zjv/7qzR5Wn
xjz8UX5iWfHr7SMIaLRyhvbGO+C5htx1DfE53j5+ZEjdC82FrJeQhgolWwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFBvyuTLzSrRcuNSKr7ZhyYkopi04MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR19LNU12Tkt0Rnk0MUlxdnRtSEppU2ltTFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIwDAME
BFKYsAMEAFKYsgMEAlKZiAMEAFKZ8wMEAFnVBgMEAVnVLAMEAVnVMgMEAlnVOAME
AFnVgQMEAFnVkTAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ1cQDBARZ
1cAwDAMEAlnV5AMEBFnV4AMEA22wEAMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAME
AdQmWAMEANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IB
AQCCQAOEkc7Bb2cb/SW91XCQfkUPMZ1xLZi7jcspWzPFZKTHJY7JXXiogs48bYyG
QWivNKS8cuTuSNybzZdehGHial7vVbYwLhfHyCF7R4wGeYty22LB5QPDhqHAUjiK
k/+6uXhuQmERcGdHcpYgGofHpV1hVyBKwli1y4kB6gySb5C3wXWqt5TL1cjhyORN
dtRbcrd2H6BOhFJ8MxuClAUZvcpVSlR5p1F+hszLARL20PqGAtsSYU4EXHEkym8Q
62GurGKFEzRlGNdGbRnQtVJ3L4QhDv/zCcDdiP8hlVXjM2Eep7rZC9fa2rNIp/Y+
6rtDt5TSM3nrQrfnNie6RhuY
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:46 2025 by rpki-client