Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Inkn40Tj0iNYoBmcMQb2NK4zjUU.roa
File: Inkn40Tj0iNYoBmcMQb2NK4zjUU.roa (raw, json)
Hash identifier: x8BTkgUkeFikYwUMkiI9BGqYzPdb9XqrTVSBYui0k6Y=
Subject key identifier: 22:79:27:E3:44:E3:D2:23:58:A0:19:9C:31:06:F6:34:AE:33:8D:45
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143E09026418ADF1E8CEC2ECC2861E2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Inkn40Tj0iNYoBmcMQb2NK4zjUU.roa
Signing time: Wed 01 Jan 2025 09:48:03 +0000
ROA not before: Wed 01 Jan 2025 09:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 79.99.76.0/24 maxlen: 24
82.152.110.0/24 maxlen: 24
82.153.66.0/24 maxlen: 24
109.176.16.0/24 maxlen: 24
109.176.165.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:36:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e0:90:26:41:8a:df:1e:8c:ec:2e:cc:28:61:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=227927e344e3d22358a0199c3106f634ae338d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0f:79:94:d7:0c:5c:26:c1:dc:9c:84:f0:0f:
89:da:51:b2:1b:8f:54:4d:61:e7:93:00:6a:52:02:
1d:d3:57:36:93:23:72:c0:ea:06:f0:56:0c:dd:a0:
52:80:8b:4a:6c:eb:b7:6d:97:24:f2:cb:63:e3:09:
13:5a:99:48:6b:81:4f:81:e1:c8:3a:57:ab:77:0b:
47:cc:17:48:04:ef:07:78:c2:c6:97:c4:90:66:fb:
42:09:5e:a3:b2:3c:de:29:6d:40:dc:4f:b4:44:5f:
61:9e:17:72:d7:cd:f1:55:65:be:83:bf:6f:18:b4:
1d:73:9b:76:dd:57:9c:bd:0c:f3:ed:cd:ee:61:b0:
0b:8d:94:1f:83:d4:e2:b8:99:9a:75:e0:fd:74:73:
24:fb:e1:d2:8a:3f:bd:99:44:fa:30:9e:6e:1b:73:
2f:13:67:9a:60:21:9c:e5:f2:f8:7d:a3:48:f5:29:
5f:09:7b:6e:05:48:4a:e1:b9:d9:cb:df:8a:3d:aa:
b3:3e:08:12:d3:d2:40:e3:28:f2:70:e8:e0:a3:d2:
6e:28:47:75:00:b7:16:7a:2f:ec:0b:c1:bd:e1:b7:
1c:8e:e1:82:02:00:a8:07:07:dc:a9:93:58:1e:c8:
b4:45:3d:73:df:98:e2:a5:e0:99:16:76:6e:20:8b:
72:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:79:27:E3:44:E3:D2:23:58:A0:19:9C:31:06:F6:34:AE:33:8D:45
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Inkn40Tj0iNYoBmcMQb2NK4zjUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.76.0/24
82.152.110.0/24
82.153.66.0/24
109.176.16.0/24
109.176.165.0/24
213.218.213.0/24
213.218.227.0/24
Signature Algorithm: sha256WithRSAEncryption
61:63:a6:20:a3:34:76:6a:df:fe:99:29:42:7e:2f:d1:05:23:
53:af:3e:5c:38:3e:0a:4f:5a:6c:7c:c0:cc:30:0b:fe:ae:35:
58:0e:d9:9b:3f:b2:dd:03:fd:8c:c4:5a:a4:4e:dd:1f:e0:4e:
97:1c:44:cf:e3:0e:93:19:55:16:31:10:c6:fd:b2:61:42:5d:
4e:67:6d:62:63:60:65:23:78:3d:93:3e:8b:fe:48:9a:f1:73:
76:bf:c3:09:c3:7e:1f:58:59:19:9a:88:a9:97:35:7f:87:b7:
df:99:de:61:cc:09:2a:c3:ec:87:d7:eb:ef:dd:92:8c:ee:2e:
11:ae:2c:52:aa:3f:d9:5e:e4:45:ec:d1:7e:82:a3:b3:5e:e3:
e1:13:81:9d:ac:bf:bb:f0:f5:31:dd:a8:fd:c1:31:95:e4:6b:
26:60:27:c6:b4:57:cd:52:69:3f:28:f4:5c:81:91:27:32:fb:
90:a3:a8:16:d3:e1:b1:67:f5:6a:73:ce:5d:c7:3a:db:48:7f:
b0:bc:15:a7:86:06:b9:0e:18:4b:5d:c0:d2:91:cb:dd:11:6a:
1e:1d:e0:79:40:ec:03:05:70:ef:81:f3:94:7c:fa:90:4d:3c:
f5:aa:0a:c9:02:d8:cf:f0:c2:8f:97:e0:b6:87:a8:fb:78:b1:
bd:15:d6:12
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQhQ+CQJkGK3x6M7C7MKGHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjc5MjdlMzQ0ZTNkMjIzNThhMDE5OWMzMTA2ZjYzNGFlMzM4ZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ95lNcMXCbB3JyE8A+J2lGyG49U
TWHnkwBqUgId01c2kyNywOoG8FYM3aBSgItKbOu3bZck8stj4wkTWplIa4FPgeHI
OlerdwtHzBdIBO8HeMLGl8SQZvtCCV6jsjzeKW1A3E+0RF9hnhdy183xVWW+g79v
GLQdc5t23VecvQzz7c3uYbALjZQfg9TiuJmadeD9dHMk++HSij+9mUT6MJ5uG3Mv
E2eaYCGc5fL4faNI9SlfCXtuBUhK4bnZy9+KPaqzPggS09JA4yjycOjgo9JuKEd1
ALcWei/sC8G94bccjuGCAgCoBwfcqZNYHsi0RT1z35jipeCZFnZuIItyiwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCJ5J+NE49IjWKAZnDEG9jSuM41FMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSW5rbjQwVGowaU5Zb0JtY01RYjJOSzR6alVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAT2NMAwQA
UphuAwQAUplCAwQAbbAQAwQAbbClAwQA1drVAwQA1drjMA0GCSqGSIb3DQEBCwUA
A4IBAQBhY6YgozR2at/+mSlCfi/RBSNTrz5cOD4KT1psfMDMMAv+rjVYDtmbP7Ld
A/2MxFqkTt0f4E6XHETP4w6TGVUWMRDG/bJhQl1OZ21iY2BlI3g9kz6L/kia8XN2
v8MJw34fWFkZmoiplzV/h7ffmd5hzAkqw+yH1+vv3ZKM7i4RrixSqj/ZXuRF7NF+
gqOzXuPhE4GdrL+78PUx3aj9wTGV5GsmYCfGtFfNUmk/KPRcgZEnMvuQo6gW0+Gx
Z/Vqc85dxzrbSH+wvBWnhga5DhhLXcDSkcvdEWoeHeB5QOwDBXDvgfOUfPqQTTz1
qgrJAtjP8MKPl+C2h6j7eLG9FdYS
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:00 2025 by rpki-client