Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I60w9uhMr9-8FgggB2hCZnzQN4U.roa
File: I60w9uhMr9-8FgggB2hCZnzQN4U.roa (raw, json)
Hash identifier: w3oQoVimHf+Kyb8ZHktFSGstJCGUlbqGUwjq2M7AE2Q=
Subject key identifier: 23:AD:30:F6:E8:4C:AF:DF:BC:16:08:20:07:68:42:66:7C:D0:37:85
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01939B3F805133A357122C7595200BB245A4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I60w9uhMr9-8FgggB2hCZnzQN4U.roa
Signing time: Fri 06 Dec 2024 09:14:10 +0000
ROA not before: Fri 06 Dec 2024 09:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 79.99.150.0/23 maxlen: 24
82.152.176.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
82.163.10.0/23 maxlen: 24
89.213.127.0/24 maxlen: 24
89.213.226.0/24 maxlen: 24
109.176.14.0/24 maxlen: 24
109.176.30.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
213.218.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 09:25:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:3f:80:51:33:a3:57:12:2c:75:95:20:0b:b2:45:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 6 09:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23ad30f6e84cafdfbc160820076842667cd03785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:73:0c:92:d2:c2:3c:68:f4:27:34:ce:0a:f9:
0e:aa:6b:d0:a5:f0:33:34:2d:8d:cf:d3:8c:64:9d:
82:b3:21:ac:e2:d8:11:62:af:f5:7e:a4:ce:96:dc:
b9:52:a8:e8:9c:bb:f7:ab:f1:e9:59:84:c3:37:5c:
2e:90:91:33:57:18:d3:28:93:6a:d4:75:f9:77:43:
fc:8b:d7:5d:bd:eb:2c:20:62:33:da:96:92:28:48:
8f:39:b9:d0:d2:fb:bd:e5:2d:f6:82:e4:8c:74:2f:
74:28:6e:56:dd:66:ed:40:fe:7b:5e:00:cb:32:f8:
94:e0:d0:25:dd:2d:f3:76:1c:f4:ae:5a:5f:f0:bc:
1f:51:ff:be:0b:de:21:f6:aa:48:53:5b:7c:f4:ae:
cb:82:8f:ff:1f:ef:0c:9e:4f:00:db:73:c4:92:51:
cf:ec:6c:1e:a1:52:cc:ff:bb:b8:83:9e:85:da:74:
1e:5c:8f:0f:27:53:b6:d0:28:33:0a:3a:3a:f3:ac:
7a:57:80:d4:38:d4:59:98:4f:a7:c8:ef:25:c2:58:
9c:61:a4:2d:d6:18:cb:1a:13:5c:47:a5:9c:87:9a:
7c:6b:af:e8:98:63:3f:25:5d:90:7a:ff:b7:10:c8:
63:09:05:31:54:a1:53:8d:8c:c6:9c:7f:27:d1:09:
7b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AD:30:F6:E8:4C:AF:DF:BC:16:08:20:07:68:42:66:7C:D0:37:85
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I60w9uhMr9-8FgggB2hCZnzQN4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.150.0/23
82.152.176.0/24
82.153.255.0/24
82.163.10.0/23
89.213.127.0/24
89.213.226.0/24
109.176.14.0/24
109.176.30.0/24
109.176.208.0/24
213.218.248.0/24
Signature Algorithm: sha256WithRSAEncryption
56:81:ac:d1:9e:0a:6f:ce:ea:9a:60:e2:a7:58:c7:fa:94:6b:
b3:32:71:0f:8b:f5:e2:d2:5c:59:b8:8c:c4:e9:2d:b2:f6:d2:
69:bb:bc:81:3a:23:bb:27:99:b0:ab:94:b4:23:34:99:f5:31:
9d:d9:2f:4d:36:9e:ca:9e:d7:6f:26:ec:3c:e7:77:99:5e:1a:
86:c3:0b:10:1e:02:22:53:c4:54:c5:fb:e6:dc:df:e8:e2:78:
5e:f5:01:0c:61:71:a3:4e:12:b2:11:19:1c:73:fd:fd:f4:0d:
d5:47:47:67:1c:f8:12:13:28:18:6c:ac:ab:44:0b:7f:c7:46:
96:08:37:b4:b1:6e:39:1e:11:4a:4a:fa:bc:42:d0:c4:6a:3d:
c8:fa:14:74:8d:74:91:89:7f:83:c4:56:c0:6a:9e:1c:1f:fa:
59:27:1a:cf:df:9d:8b:06:17:2e:8e:25:09:3a:91:2c:2b:da:
c3:86:9d:ad:19:76:cd:68:f0:e3:8d:e3:81:07:9d:35:c9:59:
61:06:5b:98:89:59:04:65:fd:3c:c7:ba:eb:af:38:5c:b7:f1:
c6:d8:f2:ce:4d:c7:b8:2f:49:8a:0d:b3:9d:fe:03:35:ea:e1:
b3:90:4e:cc:0a:7b:ba:7f:11:98:d1:1d:93:99:db:d5:57:1c:
c6:93:9c:c5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZObP4BRM6NXEix1lSALskWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA2MDkxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FkMzBmNmU4NGNhZmRmYmMxNjA4MjAwNzY4NDI2NjdjZDAzNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3MMktLCPGj0JzTOCvkOqmvQpfAz
NC2Nz9OMZJ2CsyGs4tgRYq/1fqTOlty5UqjonLv3q/HpWYTDN1wukJEzVxjTKJNq
1HX5d0P8i9ddvessIGIz2paSKEiPObnQ0vu95S32guSMdC90KG5W3WbtQP57XgDL
MviU4NAl3S3zdhz0rlpf8LwfUf++C94h9qpIU1t89K7Lgo//H+8Mnk8A23PEklHP
7GweoVLM/7u4g56F2nQeXI8PJ1O20CgzCjo686x6V4DUONRZmE+nyO8lwlicYaQt
1hjLGhNcR6Wch5p8a6/omGM/JV2Qev+3EMhjCQUxVKFTjYzGnH8n0Ql7BQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCOtMPboTK/fvBYIIAdoQmZ80DeFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSTYwdzl1aE1yOS04RmdnZ0IyaENabnpRTjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBT2OWAwQA
UpiwAwQAUpn/AwQBUqMKAwQAWdV/AwQAWdXiAwQAbbAOAwQAbbAeAwQAbbDQAwQA
1dr4MA0GCSqGSIb3DQEBCwUAA4IBAQBWgazRngpvzuqaYOKnWMf6lGuzMnEPi/Xi
0lxZuIzE6S2y9tJpu7yBOiO7J5mwq5S0IzSZ9TGd2S9NNp7KntdvJuw853eZXhqG
wwsQHgIiU8RUxfvm3N/o4nhe9QEMYXGjThKyERkcc/399A3VR0dnHPgSEygYbKyr
RAt/x0aWCDe0sW45HhFKSvq8QtDEaj3I+hR0jXSRiX+DxFbAap4cH/pZJxrP352L
BhcujiUJOpEsK9rDhp2tGXbNaPDjjeOBB501yVlhBluYiVkEZf08x7rrrzhct/HG
2PLOTce4L0mKDbOd/gM16uGzkE7MCnu6fxGY0R2TmdvVVxzGk5zF
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:53 2025 by rpki-client