Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IA5mPYah5nCxzuutJ8l7Tp_frls.roa
File: IA5mPYah5nCxzuutJ8l7Tp_frls.roa (raw, json)
Hash identifier: mYvg5OlCRd/qt83aWX59s9QyjC4FVtZ988BaluiGx8I=
Subject key identifier: 20:0E:66:3D:86:A1:E6:70:B1:CE:EB:AD:27:C9:7B:4E:9F:DF:AE:5B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143D02297F0F326BB29E1C347864841
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IA5mPYah5nCxzuutJ8l7Tp_frls.roa
Signing time: Wed 01 Jan 2025 09:47:59 +0000
ROA not before: Wed 01 Jan 2025 09:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 81.168.96.0/24 maxlen: 24
82.153.51.0/24 maxlen: 24
82.153.148.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.107.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.113.0/24 maxlen: 24
89.213.116.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 09:25:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d0:22:97:f0:f3:26:bb:29:e1:c3:47:86:48:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=200e663d86a1e670b1ceebad27c97b4e9fdfae5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f5:01:78:f5:45:ce:a2:d3:5d:e9:b8:d6:92:
ee:d1:be:14:57:e6:df:88:6f:03:07:e6:e0:e0:e1:
4d:12:cc:10:36:75:dc:9b:2d:c2:8e:5f:d5:b0:db:
92:9c:56:2d:de:40:11:4a:74:c9:f5:59:45:db:78:
e8:8f:92:8c:ee:f1:7f:11:3c:83:fc:64:f3:a1:27:
fd:83:3d:ef:b7:76:c1:4d:4b:6a:cd:82:34:b8:a0:
50:54:16:7c:68:35:fe:41:f1:86:59:e4:73:c3:37:
79:a8:6d:b1:d2:a7:14:80:ad:64:5f:a1:8a:bc:9c:
88:ca:4b:f8:74:5f:db:85:28:04:49:ed:06:20:b9:
f2:76:06:e2:c1:25:ee:4b:8c:d4:88:d9:94:a2:a5:
6a:f0:31:56:fb:78:c8:78:e8:47:28:74:58:52:f0:
3b:2d:a1:2a:c9:b8:ac:66:b7:85:5a:20:93:96:5b:
4d:01:bb:02:2a:21:36:2b:06:47:29:61:44:c5:56:
8b:5d:64:07:f5:8b:08:12:28:f7:e5:26:fe:ba:d0:
49:c1:0a:5e:fa:25:0d:87:99:73:8d:83:34:b2:1f:
e2:43:f1:87:f1:e4:0e:43:b3:69:b4:a7:7d:5e:48:
cb:71:80:0b:e8:25:23:77:12:a1:1d:ee:d2:16:7e:
41:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0E:66:3D:86:A1:E6:70:B1:CE:EB:AD:27:C9:7B:4E:9F:DF:AE:5B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IA5mPYah5nCxzuutJ8l7Tp_frls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.96.0/24
82.153.51.0/24
82.153.148.0/24
82.163.15.0/24
89.213.6.0/24
89.213.107.0/24
89.213.112.0/23
89.213.116.0/24
89.213.121.0/24
89.213.157.0/24
89.213.227.0/24
109.176.242.0/24
213.130.137.0/24
213.130.152.0/24
213.130.154.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:36:1b:3a:e3:27:3f:8a:bf:24:ae:bb:5c:d2:db:8f:7e:0e:
b7:36:24:cc:84:4b:ce:51:ad:9a:5e:7b:0f:57:30:f7:26:ea:
1a:4f:6d:b8:ce:17:ae:86:cb:b2:c6:7d:3a:50:e0:7d:72:c8:
ee:28:d7:a5:11:fb:9b:a3:89:b7:84:96:76:fb:ef:77:7c:3d:
23:7b:35:19:ff:3b:4e:08:b1:4c:16:eb:e2:e2:58:29:5d:d7:
4a:ab:ca:a9:17:27:01:48:5a:49:b8:fb:96:09:ff:b6:26:c1:
37:45:b5:09:fd:60:ff:c1:64:83:63:d4:e6:12:9b:4d:f6:32:
66:d4:28:af:f0:d0:ab:c7:42:7a:5e:3f:c0:bc:7f:13:c5:06:
6d:3f:6b:b5:f7:54:55:7a:32:e5:8f:05:05:37:97:ee:83:df:
3c:d4:ab:a5:07:ed:e2:b7:ee:25:42:a4:f1:de:91:f4:d4:dc:
55:f9:a7:35:eb:dd:d0:9f:c5:35:40:21:7d:5b:e2:f6:04:71:
39:91:c7:d1:1f:f8:e1:49:97:3b:90:3e:30:9e:77:4f:14:9a:
d7:0e:14:3a:cd:1c:e9:4e:85:e9:54:54:c2:70:c6:33:c0:ab:
3b:13:dd:a7:81:b7:ce:13:f5:9d:00:63:aa:f2:fb:d8:be:8f:
b8:f4:6e:25
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQhQ9Ail/DzJrsp4cNHhkhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBlNjYzZDg2YTFlNjcwYjFjZWViYWQyN2M5N2I0ZTlmZGZhZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfUBePVFzqLTXem41pLu0b4UV+bf
iG8DB+bg4OFNEswQNnXcmy3Cjl/VsNuSnFYt3kARSnTJ9VlF23joj5KM7vF/ETyD
/GTzoSf9gz3vt3bBTUtqzYI0uKBQVBZ8aDX+QfGGWeRzwzd5qG2x0qcUgK1kX6GK
vJyIykv4dF/bhSgESe0GILnydgbiwSXuS4zUiNmUoqVq8DFW+3jIeOhHKHRYUvA7
LaEqybisZreFWiCTlltNAbsCKiE2KwZHKWFExVaLXWQH9YsIEij35Sb+utBJwQpe
+iUNh5lzjYM0sh/iQ/GH8eQOQ7NptKd9XkjLcYAL6CUjdxKhHe7SFn5BZwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFCAOZj2GoeZwsc7rrSfJe06f365bMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSUE1bVBZYWg1bkN4enV1dEo4bDdUcF9mcmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAUahgAwQA
UpkzAwQAUpmUAwQAUqMPAwQAWdUGAwQAWdVrAwQBWdVwAwQAWdV0AwQAWdV5AwQA
WdWdAwQAWdXjAwQAbbDyAwQA1YKJAwQA1YKYAwQA1YKaMA0GCSqGSIb3DQEBCwUA
A4IBAQCqNhs64yc/ir8krrtc0tuPfg63NiTMhEvOUa2aXnsPVzD3JuoaT224zheu
hsuyxn06UOB9csjuKNelEfubo4m3hJZ2++93fD0jezUZ/ztOCLFMFuvi4lgpXddK
q8qpFycBSFpJuPuWCf+2JsE3RbUJ/WD/wWSDY9TmEptN9jJm1Civ8NCrx0J6Xj/A
vH8TxQZtP2u191RVejLljwUFN5fug9881KulB+3it+4lQqTx3pH01NxV+ac1693Q
n8U1QCF9W+L2BHE5kcfRH/jhSZc7kD4wnndPFJrXDhQ6zRzpToXpVFTCcMYzwKs7
E92ngbfOE/WdAGOq8vvYvo+49G4l
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:31:54 2025 by rpki-client