Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IkbGVSV1uoDRCoCuN5NsCuP3yOg.roa
File: IkbGVSV1uoDRCoCuN5NsCuP3yOg.roa (raw, json)
Hash identifier: XlYCDR/6Y8ERxyfEbaH5t9kiduz9qjTUtbfpnUR6Azs=
Subject key identifier: 22:46:C6:55:25:75:BA:80:D1:0A:80:AE:37:93:6C:0A:E3:F7:C8:E8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421443257EB0D2C740F29BCB9EC0A9E05
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IkbGVSV1uoDRCoCuN5NsCuP3yOg.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 81.168.96.0/24 maxlen: 24
82.153.51.0/24 maxlen: 24
82.153.148.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.63.0/24 maxlen: 24
89.213.107.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.113.0/24 maxlen: 24
89.213.116.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 09:25:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:32:57:eb:0d:2c:74:0f:29:bc:b9:ec:0a:9e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2246c6552575ba80d10a80ae37936c0ae3f7c8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c6:18:30:53:6f:31:12:da:b0:27:ce:ed:23:
3a:73:f8:74:d7:18:35:72:38:25:20:6a:a0:45:6a:
78:f2:50:3f:8d:58:94:05:e5:d1:f6:f2:12:f0:af:
10:53:9d:8f:e2:78:01:60:56:96:d2:cf:a1:bb:19:
9d:9e:61:f3:bf:4a:46:2c:47:36:c7:2f:ab:b1:6e:
07:57:6a:aa:a3:0f:bf:62:90:e5:81:16:cc:8f:e9:
bb:61:8d:b8:bf:84:c8:c9:a5:0e:29:cd:22:55:64:
c5:ff:ad:03:22:0f:11:18:37:96:4a:00:cc:93:b0:
02:cd:5b:ed:3c:2a:e5:f2:e8:3c:54:3c:8a:36:54:
14:b6:4f:9f:5a:c7:d3:e3:47:2b:2e:c9:8c:22:c5:
e9:8b:54:5e:54:46:0c:89:bc:5b:62:6b:ae:a4:3a:
c8:31:d4:9d:0f:ae:40:0f:0e:1e:86:15:4b:ac:04:
f5:55:9e:eb:dd:0f:75:6f:f1:b6:6d:7d:ee:ae:94:
58:6a:14:84:7f:28:ed:83:a6:da:9b:1f:9a:55:48:
09:89:1a:28:5b:a0:77:9e:53:9e:1b:6d:50:55:b1:
88:94:ad:bc:7d:4a:4a:15:23:a3:ab:63:f2:c2:6f:
c5:65:fa:13:df:21:53:3b:5a:1e:e3:c7:99:56:ea:
04:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:46:C6:55:25:75:BA:80:D1:0A:80:AE:37:93:6C:0A:E3:F7:C8:E8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IkbGVSV1uoDRCoCuN5NsCuP3yOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.96.0/24
82.153.51.0/24
82.153.148.0/24
82.163.15.0/24
89.213.6.0/24
89.213.63.0/24
89.213.107.0/24
89.213.112.0/23
89.213.116.0/24
89.213.121.0/24
89.213.157.0/24
89.213.227.0/24
109.176.242.0/24
213.130.137.0/24
213.130.152.0/24
213.130.154.0/24
Signature Algorithm: sha256WithRSAEncryption
77:ed:eb:e3:43:8e:dd:97:ff:a0:6c:15:f7:db:f8:09:af:33:
2a:ae:ae:76:6d:ef:cc:af:0e:a4:29:a0:24:c2:b4:1e:91:72:
0e:0e:c2:a3:47:03:bd:ef:bf:40:53:2f:f8:35:ad:27:f4:11:
d6:8a:15:33:e8:39:af:7a:7e:a8:d1:1d:f5:03:de:5e:f0:b7:
7d:f5:e6:e3:b0:ec:3a:d3:0a:a2:8d:c4:e8:3d:4d:40:e9:9e:
7b:62:7f:6a:c2:ec:37:5f:21:db:56:98:96:13:9e:f5:e0:9e:
08:ed:f4:9d:ad:bf:f8:91:c5:00:9e:b5:e6:cb:ff:a6:dd:4e:
a6:64:dd:10:5f:21:90:9e:76:d5:73:b7:c6:cb:7d:99:1a:13:
e2:e4:7b:7d:84:f7:a1:4d:ce:0a:7e:86:40:61:c3:7f:d2:d2:
e0:f3:b0:9e:ce:0a:c2:0d:14:6b:34:96:cb:2e:7b:9f:03:32:
cf:11:14:b4:59:56:0e:06:61:18:52:a6:47:27:ea:85:39:7c:
61:d6:33:09:6b:b8:50:b5:a9:2f:bd:ba:08:e4:87:9d:b1:85:
80:a3:5e:4c:69:00:f5:76:e1:11:02:35:ef:17:e1:3e:c6:94:
67:d8:f3:4a:62:aa:a4:13:52:c6:a9:e9:69:32:5a:7c:e9:dc:
c5:c6:3c:2e
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZQhRDJX6w0sdA8pvLnsCp4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQ2YzY1NTI1NzViYTgwZDEwYTgwYWUzNzkzNmMwYWUzZjdjOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8YYMFNvMRLasCfO7SM6c/h01xg1
cjglIGqgRWp48lA/jViUBeXR9vIS8K8QU52P4ngBYFaW0s+huxmdnmHzv0pGLEc2
xy+rsW4HV2qqow+/YpDlgRbMj+m7YY24v4TIyaUOKc0iVWTF/60DIg8RGDeWSgDM
k7ACzVvtPCrl8ug8VDyKNlQUtk+fWsfT40crLsmMIsXpi1ReVEYMibxbYmuupDrI
MdSdD65ADw4ehhVLrAT1VZ7r3Q91b/G2bX3urpRYahSEfyjtg6bamx+aVUgJiRoo
W6B3nlOeG21QVbGIlK28fUpKFSOjq2Pywm/FZfoT3yFTO1oe48eZVuoEfwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFCJGxlUldbqA0QqArjeTbArj98joMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSWtiR1ZTVjF1b0RSQ29DdU41TnNDdVAzeU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAUahgAwQA
UpkzAwQAUpmUAwQAUqMPAwQAWdUGAwQAWdU/AwQAWdVrAwQBWdVwAwQAWdV0AwQA
WdV5AwQAWdWdAwQAWdXjAwQAbbDyAwQA1YKJAwQA1YKYAwQA1YKaMA0GCSqGSIb3
DQEBCwUAA4IBAQB37evjQ47dl/+gbBX32/gJrzMqrq52be/Mrw6kKaAkwrQekXIO
DsKjRwO9779AUy/4Na0n9BHWihUz6Dmven6o0R31A95e8Ld99ebjsOw60wqijcTo
PU1A6Z57Yn9qwuw3XyHbVpiWE5714J4I7fSdrb/4kcUAnrXmy/+m3U6mZN0QXyGQ
nnbVc7fGy32ZGhPi5Ht9hPehTc4KfoZAYcN/0tLg87CezgrCDRRrNJbLLnufAzLP
ERS0WVYOBmEYUqZHJ+qFOXxh1jMJa7hQtakvvboI5IedsYWAo15MaQD1duERAjXv
F+E+xpRn2PNKYqqkE1LGqelpMlp86dzFxjwu
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:25 2025 by rpki-client