Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GhhjgieWrus_TQRQ4CxYYtJRjYE.roa
File: GhhjgieWrus_TQRQ4CxYYtJRjYE.roa (raw, json)
Hash identifier: wV+zQsrgBpJdIv/ko0t1MGRPNgiHsft+iozHCiPwo3g=
Subject key identifier: 1A:18:63:82:27:96:AE:EB:3F:4D:04:50:E0:2C:58:62:D2:51:8D:81
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190985B8B4732B8794FF3F61B1A7913BB08
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GhhjgieWrus_TQRQ4CxYYtJRjYE.roa
Signing time: Tue 09 Jul 2024 16:37:34 +0000
ROA not before: Tue 09 Jul 2024 16:37:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jul 2024 14:55:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:98:5b:8b:47:32:b8:79:4f:f3:f6:1b:1a:79:13:bb:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 9 16:37:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a1863822796aeeb3f4d0450e02c5862d2518d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:75:29:7d:b3:7d:39:21:35:88:14:1c:5c:b2:
a1:7e:7e:e6:09:93:86:b8:2c:e0:6b:ed:f8:f2:11:
08:20:30:67:c6:0a:e8:e0:ad:c7:12:14:df:67:dc:
52:e0:71:69:bd:43:91:60:a5:06:da:b8:fe:e0:49:
c5:19:57:1d:f4:f4:02:17:39:c9:6d:22:99:ff:a3:
18:bd:ca:a4:11:08:02:ae:92:2c:a1:a0:a9:51:03:
45:31:5e:63:f0:40:ba:45:14:33:cf:8f:0b:ab:3f:
3b:b1:06:38:52:08:ca:a5:e4:bd:eb:24:26:16:61:
7c:0c:a3:d3:e4:78:77:2e:75:9f:33:0c:63:10:b1:
94:f5:a5:56:40:1c:6b:aa:8d:93:e7:a0:14:ab:9f:
c5:c5:52:fd:56:29:2d:1a:48:0f:8e:c0:3f:f0:e6:
5d:d2:37:31:43:77:b8:5f:b2:96:c6:2d:0f:a4:1e:
f3:74:8f:45:d7:ce:9c:5a:d3:4f:9a:b6:b3:d7:5b:
f0:5e:29:11:6c:1f:c1:f9:b2:40:99:d0:03:4a:11:
19:c1:67:e1:06:c3:e3:7a:19:2b:38:fa:3d:cc:18:
77:5b:7e:92:38:ae:7e:8f:39:bf:e7:7f:84:9c:31:
7a:2f:53:33:f6:c6:e8:04:24:0f:06:eb:9b:f1:b5:
fd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:18:63:82:27:96:AE:EB:3F:4D:04:50:E0:2C:58:62:D2:51:8D:81
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GhhjgieWrus_TQRQ4CxYYtJRjYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.68.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
11:99:9b:b6:22:52:24:b6:c1:31:b8:6b:b1:ed:90:0e:4b:52:
0d:5a:b1:b5:0e:6a:1c:87:d9:48:99:d1:97:ff:66:32:74:7f:
76:ea:79:29:d3:1a:a1:3d:4f:bc:e9:ea:b5:fe:b3:a2:cd:36:
9f:79:4d:a4:08:2a:e0:7d:50:b9:aa:e1:ad:0d:4b:e0:5a:20:
86:1a:70:26:52:54:b1:19:3c:66:5d:af:65:4e:d4:77:ce:a4:
47:30:e8:c3:cc:bd:0c:c2:6b:84:e3:5c:98:49:7f:15:61:4d:
e3:ee:44:de:31:9b:44:ac:66:33:fb:cf:99:05:10:97:53:c6:
6f:9a:53:7e:18:8d:a5:fa:a8:bb:41:ee:76:c5:6e:e1:e2:29:
d7:2d:ac:75:ca:32:43:4e:cd:13:08:ed:56:4d:8f:d6:73:e1:
ed:0f:42:fc:dd:7d:b3:4c:75:58:81:a9:d6:e4:9d:6b:f7:b3:
da:b5:24:07:60:b3:7d:09:af:13:bc:80:ee:2a:ad:ee:0d:d0:
e5:32:d0:2e:86:21:70:a7:e6:16:11:97:b7:e7:b4:67:ab:2e:
05:2a:1e:1a:31:e2:54:e5:20:4d:57:76:0e:be:87:3e:fc:41:
22:28:ea:c6:c8:5a:fe:66:d2:e9:9b:c9:37:08:f8:ff:05:da:
0f:b9:86:99
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZCYW4tHMrh5T/P2Gxp5E7sIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzA5MTYzNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTE4NjM4MjI3OTZhZWViM2Y0ZDA0NTBlMDJjNTg2MmQyNTE4ZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3UpfbN9OSE1iBQcXLKhfn7mCZOG
uCzga+348hEIIDBnxgro4K3HEhTfZ9xS4HFpvUORYKUG2rj+4EnFGVcd9PQCFznJ
bSKZ/6MYvcqkEQgCrpIsoaCpUQNFMV5j8EC6RRQzz48Lqz87sQY4UgjKpeS96yQm
FmF8DKPT5Hh3LnWfMwxjELGU9aVWQBxrqo2T56AUq5/FxVL9ViktGkgPjsA/8OZd
0jcxQ3e4X7KWxi0PpB7zdI9F186cWtNPmraz11vwXikRbB/B+bJAmdADShEZwWfh
BsPjehkrOPo9zBh3W36SOK5+jzm/53+EnDF6L1Mz9sboBCQPBuub8bX9BwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFBoYY4Inlq7rP00EUOAsWGLSUY2BMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR2hoamdpZVdydXNfVFFSUTRDeFlZdEpSallFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAFSmLAD
BAJSmYgDBAFZ1TIDBAJZ1TgwDAMEAlnVlAMEBVnVgAMEAlnVrDAMAwQCWdXEAwQE
WdXAAwQDWdXoAwQDbbAQAwQCbbDMAwQBuTF+AwQEwmlQAwQB1CZYAwQA1drTAwQA
2ZFCAwQA2ZFEAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQARmZu2IlIktsExuGux
7ZAOS1INWrG1Dmoch9lImdGX/2YydH926nkp0xqhPU+86eq1/rOizTafeU2kCCrg
fVC5quGtDUvgWiCGGnAmUlSxGTxmXa9lTtR3zqRHMOjDzL0MwmuE41yYSX8VYU3j
7kTeMZtErGYz+8+ZBRCXU8ZvmlN+GI2l+qi7Qe52xW7h4inXLax1yjJDTs0TCO1W
TY/Wc+HtD0L83X2zTHVYganW5J1r97PatSQHYLN9Ca8TvIDuKq3uDdDlMtAuhiFw
p+YWEZe357Rnqy4FKh4aMeJU5SBNV3YOvoc+/EEiKOrGyFr+ZtLpm8k3CPj/BdoP
uYaZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:51 2025 by rpki-client