Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Hz-3ILs51M85jRF0CnwcgFlObLM.roa
File: Hz-3ILs51M85jRF0CnwcgFlObLM.roa (raw, json)
Hash identifier: AoDBPDe/jbS6t5d87VNZC9k2ZL6OlE9jIRHIsT5GXl4=
Subject key identifier: 1F:3F:B7:20:BB:39:D4:CF:39:8D:11:74:0A:7C:1C:80:59:4E:6C:B3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193F07242C5D1858427C9892150554416A8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Hz-3ILs51M85jRF0CnwcgFlObLM.roa
Signing time: Sun 22 Dec 2024 22:17:20 +0000
ROA not before: Sun 22 Dec 2024 22:17:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.151.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.196.0/24 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Dec 2024 13:41:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f0:72:42:c5:d1:85:84:27:c9:89:21:50:55:44:16:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 22 22:17:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f3fb720bb39d4cf398d11740a7c1c80594e6cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:40:ee:7e:1d:ca:31:1e:88:f5:5d:d2:13:64:
cb:24:d2:06:93:b5:60:94:98:3a:c3:85:26:0d:f9:
4f:46:4f:85:69:9e:ff:21:9b:a5:04:a4:d4:47:5e:
3c:a7:f5:98:f6:e5:e1:e5:75:64:23:6e:18:8e:3d:
5e:30:8b:90:6b:94:d1:6a:3a:e0:75:89:be:29:77:
26:3c:5d:8e:1a:ca:23:0e:a0:09:ea:b0:5a:7f:4b:
9d:f9:8d:d2:24:27:66:60:57:24:f9:56:e9:d2:a9:
c3:34:bd:67:8f:8b:d4:02:d3:46:90:fd:87:3e:1c:
71:6b:63:62:3c:2a:40:02:9f:f2:ac:f3:cd:fe:0f:
5d:c1:77:b2:20:a2:29:e4:52:0f:4d:39:04:c1:26:
ac:dc:36:07:d5:9e:a9:de:88:11:35:8f:cc:0a:a3:
4e:fe:82:9a:da:45:8d:e4:2a:12:35:c2:eb:72:7f:
06:e5:f6:5f:46:1e:2a:17:c8:6f:f7:30:ba:f0:83:
7a:15:a9:1f:4f:89:b2:7a:ce:0f:4e:94:fa:b8:72:
ff:f7:af:6e:33:45:31:9c:6e:55:f2:57:e3:cd:a6:
c6:34:87:00:df:45:b3:78:bf:bd:c5:76:b3:f9:a7:
2c:88:96:93:57:e9:6a:a6:2d:70:4b:52:c1:48:fe:
2b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3F:B7:20:BB:39:D4:CF:39:8D:11:74:0A:7C:1C:80:59:4E:6C:B3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Hz-3ILs51M85jRF0CnwcgFlObLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.172.0/22
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:cf:41:82:17:12:ba:ca:e8:22:3b:b8:92:d8:a8:a4:e2:77:
93:39:02:82:7d:dc:cc:00:8d:52:73:06:90:fc:9c:ac:e4:a4:
10:0f:48:1a:a5:a9:8b:7f:f6:f9:59:62:e4:77:de:c1:db:42:
08:f0:66:3c:d6:7f:35:d5:94:54:4f:bc:22:3f:6b:1f:36:73:
fc:29:02:ae:e9:3a:ba:e4:98:24:09:51:1e:97:4c:18:79:fa:
7e:54:3f:89:38:7e:ff:89:60:65:51:e9:7c:a1:1a:1a:fe:c0:
db:d3:77:71:65:f4:ce:f1:b5:41:4a:f4:b5:53:12:68:85:28:
2f:d2:6b:70:69:df:62:f6:8f:42:82:79:c7:54:6b:70:d3:08:
40:29:46:2f:5d:35:c9:22:ad:0e:cc:a6:e3:fc:7a:32:6b:32:
28:ee:7f:73:65:15:61:d9:74:f1:be:cd:da:31:96:ec:93:38:
39:e9:bc:2e:1e:72:5a:3d:f2:29:0b:84:7a:7f:14:b0:2e:30:
20:76:1b:f3:c5:08:42:d4:20:9d:60:87:f8:23:be:17:c7:92:
38:9f:4c:b1:a3:7c:5f:13:a5:31:1a:9c:59:d0:2a:e4:ac:b3:
14:64:74:61:97:a7:7a:ce:4e:c8:f9:0a:9f:b4:77:85:e0:56:
99:28:54:4f
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZPwckLF0YWEJ8mJIVBVRBaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjIyMjIxNzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNmYjcyMGJiMzlkNGNmMzk4ZDExNzQwYTdjMWM4MDU5NGU2Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUDufh3KMR6I9V3SE2TLJNIGk7Vg
lJg6w4UmDflPRk+FaZ7/IZulBKTUR148p/WY9uXh5XVkI24Yjj1eMIuQa5TRajrg
dYm+KXcmPF2OGsojDqAJ6rBaf0ud+Y3SJCdmYFck+Vbp0qnDNL1nj4vUAtNGkP2H
Phxxa2NiPCpAAp/yrPPN/g9dwXeyIKIp5FIPTTkEwSas3DYH1Z6p3ogRNY/MCqNO
/oKa2kWN5CoSNcLrcn8G5fZfRh4qF8hv9zC68IN6FakfT4myes4PTpT6uHL/969u
M0UxnG5V8lfjzabGNIcA30WzeL+9xXaz+acsiJaTV+lqpi1wS1LBSP4rqQIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFB8/tyC7OdTPOY0RdAp8HIBZTmyzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSHotM0lMczUxTTg1alJGMENud2NnRmxPYkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBABS
mAgDBAFSmLADBABSmTIDBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ
1YQDBABZ1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWk
AwQAWdWnAwQCWdWsAwQAWdW/MAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AME
A22wEAMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEANQmTwMEAdQmWAMEAtXSNAME
ANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQCez0GC
FxK6yugiO7iS2Kik4neTOQKCfdzMAI1ScwaQ/Jys5KQQD0gapamLf/b5WWLkd97B
20II8GY81n811ZRUT7wiP2sfNnP8KQKu6Tq65JgkCVEel0wYefp+VD+JOH7/iWBl
Uel8oRoa/sDb03dxZfTO8bVBSvS1UxJohSgv0mtwad9i9o9CgnnHVGtw0whAKUYv
XTXJIq0OzKbj/HoyazIo7n9zZRVh2XTxvs3aMZbskzg56bwuHnJaPfIpC4R6fxSw
LjAgdhvzxQhC1CCdYIf4I74Xx5I4n0yxo3xfE6UxGpxZ0CrkrLMUZHRhl6d6zk7I
+QqftHeF4FaZKFRP
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:31:00 2025 by rpki-client