Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IJgDhr6aLqpZk7M-NVmWc_Z4X_E.roa
File: IJgDhr6aLqpZk7M-NVmWc_Z4X_E.roa (raw, json)
Hash identifier: W1HXFRSUpMJT//aDmOj9dauJK53h4LoNL97hXB5WnGI=
Subject key identifier: 20:98:03:86:BE:9A:2E:AA:59:93:B3:3E:35:59:96:73:F6:78:5F:F1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F805CF21891D6B3C21E71748EE15DCD65
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IJgDhr6aLqpZk7M-NVmWc_Z4X_E.roa
Signing time: Thu 16 May 2024 07:45:25 +0000
ROA not before: Thu 16 May 2024 07:45:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.97.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.59.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
213.218.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 10:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:5c:f2:18:91:d6:b3:c2:1e:71:74:8e:e1:5d:cd:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 16 07:45:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20980386be9a2eaa5993b33e35599673f6785ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e8:8c:7b:8b:13:55:9a:58:5a:9b:d5:13:0e:
d0:dc:f0:66:c2:39:d1:d2:07:58:22:49:ca:77:36:
95:85:66:31:c7:4e:6c:14:89:58:88:2b:d5:e9:39:
b2:9e:71:0e:86:c8:4b:dc:2a:af:99:8b:7c:75:9c:
98:58:36:70:6f:87:ba:ca:a1:17:af:0a:07:74:e2:
20:5b:e0:c3:b6:9a:0b:04:75:d6:f1:0b:d3:65:81:
3b:39:44:f9:11:98:8c:4e:59:21:4f:90:c3:e7:40:
11:a1:23:ac:2f:75:55:e5:bc:ac:59:ac:c7:9e:1d:
b5:2d:4c:e1:a5:a0:38:48:25:c0:21:b4:84:4f:32:
48:fc:57:c3:33:be:ae:41:4e:2c:1f:38:b0:10:f4:
84:31:02:59:8c:87:93:4c:66:07:7f:12:83:63:d8:
fc:4f:5d:70:48:97:ca:ce:7f:b2:24:6d:5f:f7:ce:
1a:49:8b:ea:66:f6:b6:78:75:80:f6:81:9c:a3:bb:
25:bc:d3:2e:35:aa:d9:74:21:48:06:3b:b1:03:e4:
63:a4:1d:37:25:9b:ad:98:5f:ac:63:f2:e5:0a:d9:
7b:fa:dd:74:57:eb:46:2d:ff:30:97:ac:3b:d1:57:
b2:0b:b3:47:ca:ba:1e:dc:18:61:5b:65:c8:cf:49:
43:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:98:03:86:BE:9A:2E:AA:59:93:B3:3E:35:59:96:73:F6:78:5F:F1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IJgDhr6aLqpZk7M-NVmWc_Z4X_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
89.213.97.0-89.213.98.255
89.213.148.0-89.213.159.255
89.213.172.0/22
109.176.16.0/21
109.176.201.0/24
109.176.253.0/24
185.49.126.0/23
194.105.80.0/20
213.130.130.0/24
213.130.149.0/24
213.210.59.0/24
213.218.210.0/23
213.218.213.0/24
213.218.227.0/24
213.218.231.0/24
213.218.249.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:1c:da:62:56:68:44:b3:02:cf:fd:e2:34:6f:36:1d:b9:6e:
96:83:ef:13:a0:83:3e:18:30:76:98:23:f8:2e:91:0c:3e:94:
26:1e:ac:89:fb:8f:aa:d6:c7:14:3a:3a:64:36:cb:98:75:60:
89:3f:9c:64:d0:c7:d2:34:bb:88:e3:09:fa:4f:b1:ef:e0:96:
56:64:ca:38:8b:79:ff:99:6e:71:1f:b1:f9:30:7a:c3:5d:cb:
8e:ab:e5:9b:8c:f2:01:9a:e3:e0:94:8d:6f:fc:12:5f:9c:08:
01:36:36:30:c2:98:c2:0b:c5:d0:37:27:ab:20:27:0b:57:6c:
3e:44:97:26:b6:f8:74:a9:54:8d:75:9c:cc:ca:1d:d2:12:a5:
c5:1f:97:ad:6f:51:3c:f0:7c:cf:eb:d4:63:df:dd:07:98:dd:
25:e8:4e:99:11:73:22:a8:b8:11:49:e5:26:e9:44:67:87:b7:
43:9a:ff:fc:b1:e0:62:25:48:43:b5:87:bd:2f:6c:71:b6:c8:
51:9f:f5:44:42:7b:ad:a8:fd:88:74:af:f0:26:3c:fa:2d:f2:
e2:21:b6:35:57:17:9b:bd:49:a8:4e:88:59:7a:40:c5:3d:05:
23:c2:d1:1a:73:9f:58:15:dc:32:32:c3:97:7e:54:7e:2e:c8:
a9:78:5e:a7
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAY+AXPIYkdazwh5xdI7hXc1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE2MDc0NTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDk4MDM4NmJlOWEyZWFhNTk5M2IzM2UzNTU5OTY3M2Y2Nzg1ZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOiMe4sTVZpYWpvVEw7Q3PBmwjnR
0gdYIknKdzaVhWYxx05sFIlYiCvV6TmynnEOhshL3CqvmYt8dZyYWDZwb4e6yqEX
rwoHdOIgW+DDtpoLBHXW8QvTZYE7OUT5EZiMTlkhT5DD50ARoSOsL3VV5bysWazH
nh21LUzhpaA4SCXAIbSETzJI/FfDM76uQU4sHziwEPSEMQJZjIeTTGYHfxKDY9j8
T11wSJfKzn+yJG1f984aSYvqZva2eHWA9oGco7slvNMuNarZdCFIBjuxA+RjpB03
JZutmF+sY/LlCtl7+t10V+tGLf8wl6w70VeyC7NHyroe3BhhW2XIz0lD2QIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFCCYA4a+mi6qWZOzPjVZlnP2eF/xMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSUpnRGhyNmFMcXBaazdNLU5WbVdjX1o0WF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAFS
mLADBABSmTIDBAJSmYgwDAMEAFnVYQMEAFnVYjAMAwQCWdWUAwQFWdWAAwQCWdWs
AwQDbbAQAwQAbbDJAwQAbbD9AwQBuTF+AwQEwmlQAwQA1YKCAwQA1YKVAwQA1dI7
AwQB1drSAwQA1drVAwQA1drjAwQA1drnAwQA1dr5MA0GCSqGSIb3DQEBCwUAA4IB
AQBfHNpiVmhEswLP/eI0bzYduW6Wg+8ToIM+GDB2mCP4LpEMPpQmHqyJ+4+q1scU
OjpkNsuYdWCJP5xk0MfSNLuI4wn6T7Hv4JZWZMo4i3n/mW5xH7H5MHrDXcuOq+Wb
jPIBmuPglI1v/BJfnAgBNjYwwpjCC8XQNyerICcLV2w+RJcmtvh0qVSNdZzMyh3S
EqXFH5etb1E88HzP69Rj390HmN0l6E6ZEXMiqLgRSeUm6URnh7dDmv/8seBiJUhD
tYe9L2xxtshRn/VEQnutqP2IdK/wJjz6LfLiIbY1VxebvUmoTohZekDFPQUjwtEa
c59YFdwyMsOXflR+LsipeF6n
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:36 2025 by rpki-client