Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JYvGXpsdj5XWhV4BfEU--2YGTd8.roa
File: JYvGXpsdj5XWhV4BfEU--2YGTd8.roa (raw, json)
Hash identifier: mvQWdZzaPHhROw75qHEDKs/i5ftNNfGDr1amJ1X63ro=
Subject key identifier: 25:8B:C6:5E:9B:1D:8F:95:D6:85:5E:01:7C:45:3E:FB:66:06:4D:DF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191E1D9213394A199056AA3699BBE2163F5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JYvGXpsdj5XWhV4BfEU--2YGTd8.roa
Signing time: Wed 11 Sep 2024 16:09:48 +0000
ROA not before: Wed 11 Sep 2024 16:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 82.152.98.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
89.213.50.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 16:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:d9:21:33:94:a1:99:05:6a:a3:69:9b:be:21:63:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 11 16:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=258bc65e9b1d8f95d6855e017c453efb66064ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d1:bb:fc:e3:0b:9b:d3:3e:b4:2a:66:f9:ae:
7b:19:ae:d9:5c:55:bc:a2:77:20:b8:96:63:a5:5d:
a9:6c:aa:7d:d7:d9:e3:21:91:8e:74:b6:51:a6:7b:
c2:ea:c6:aa:a3:b2:ac:ef:21:ee:0e:aa:01:1b:88:
2c:8b:a0:0c:f8:a3:92:f4:e9:0f:41:69:19:ec:b5:
3d:2e:b4:46:54:9d:fe:3a:9b:e3:ea:5a:e2:10:4a:
2f:b8:a1:cd:63:2a:99:ef:f2:4c:40:a4:99:35:ce:
1b:24:61:09:83:2f:4b:00:1d:82:8c:23:6c:97:19:
c4:80:ff:c3:6d:28:5b:33:f4:6b:27:2d:6a:29:7e:
3b:92:43:37:a2:47:9b:0f:f2:dc:9e:3f:31:d8:c0:
5d:c8:8b:0d:75:09:b5:7b:44:c8:57:21:a1:0b:7b:
7b:57:75:0d:3a:57:e3:a7:44:6d:b7:c6:e3:c8:27:
b8:25:9f:5f:43:d2:6e:75:8c:5f:92:a7:58:1f:b0:
51:45:eb:5a:23:7b:8d:14:4b:a5:76:e5:10:91:8d:
04:dc:82:40:40:78:3d:90:f2:80:94:87:72:6f:54:
6a:ac:67:80:e5:29:9c:d1:33:5c:c2:e6:8e:2b:28:
7f:39:f3:31:a6:5d:ef:85:ec:77:31:15:d4:c1:6c:
22:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:8B:C6:5E:9B:1D:8F:95:D6:85:5E:01:7C:45:3E:FB:66:06:4D:DF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JYvGXpsdj5XWhV4BfEU--2YGTd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.98.0/24
82.153.205.0/24
89.213.50.0/24
109.176.244.0/24
213.218.234.0/24
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
99:2c:cb:c6:d7:04:8a:0b:f3:8d:ad:30:62:78:23:a3:02:38:
a7:c1:eb:04:82:b5:b0:fe:e1:8a:35:7c:d1:b7:06:f9:a7:aa:
b8:52:54:8c:07:89:2b:f5:85:a7:15:e8:c9:2e:09:1c:1c:3e:
85:4f:4e:83:6e:9a:be:40:de:9e:72:7c:95:ea:f5:74:58:06:
0e:fd:54:90:e0:a9:e2:45:2e:21:13:a0:6d:1e:7f:bf:d8:ad:
fd:62:e6:dc:d3:7f:e8:4a:8c:46:72:08:ae:ab:ea:ba:8f:d8:
3e:0b:f0:98:ab:8d:42:5a:6f:92:53:1e:55:83:1e:60:cd:4f:
5f:c6:df:eb:b6:c4:a4:75:5b:e5:41:5c:ac:ec:72:c7:b6:24:
1a:c6:96:7d:04:2e:b1:75:48:e9:f4:57:3a:7c:ea:a3:e9:9a:
d3:a8:b0:20:3c:36:17:49:da:4f:53:89:cd:76:69:84:67:6d:
e7:14:90:08:54:9f:64:73:92:f8:df:99:28:7e:30:52:b3:de:
bf:70:ef:74:a8:46:7c:dd:3f:fa:5e:4e:fa:8b:f9:8e:68:75:
e0:96:ef:61:55:98:20:ea:c5:56:e9:e7:14:52:dc:d3:ce:78:
56:22:45:11:53:c4:f7:a7:e6:fd:11:cd:38:8c:b1:b3:66:77:
dc:d3:43:ee
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZHh2SEzlKGZBWqjaZu+IWP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTExMTYwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNThiYzY1ZTliMWQ4Zjk1ZDY4NTVlMDE3YzQ1M2VmYjY2MDY0ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9G7/OMLm9M+tCpm+a57Ga7ZXFW8
oncguJZjpV2pbKp919njIZGOdLZRpnvC6saqo7Ks7yHuDqoBG4gsi6AM+KOS9OkP
QWkZ7LU9LrRGVJ3+Opvj6lriEEovuKHNYyqZ7/JMQKSZNc4bJGEJgy9LAB2CjCNs
lxnEgP/DbShbM/RrJy1qKX47kkM3okebD/Lcnj8x2MBdyIsNdQm1e0TIVyGhC3t7
V3UNOlfjp0Rtt8bjyCe4JZ9fQ9JudYxfkqdYH7BRRetaI3uNFEulduUQkY0E3IJA
QHg9kPKAlIdyb1RqrGeA5Smc0TNcwuaOKyh/OfMxpl3vhex3MRXUwWwiyQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCWLxl6bHY+V1oVeAXxFPvtmBk3fMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSll2R1hwc2RqNVhXaFY0QmZFVS0tMllHVGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUphiAwQA
UpnNAwQAWdUyAwQAbbD0AwQA1drqAwQA2ZFEMA0GCSqGSIb3DQEBCwUAA4IBAQCZ
LMvG1wSKC/ONrTBieCOjAjinwesEgrWw/uGKNXzRtwb5p6q4UlSMB4kr9YWnFejJ
LgkcHD6FT06Dbpq+QN6ecnyV6vV0WAYO/VSQ4KniRS4hE6BtHn+/2K39Yubc03/o
SoxGcgiuq+q6j9g+C/CYq41CWm+SUx5Vgx5gzU9fxt/rtsSkdVvlQVys7HLHtiQa
xpZ9BC6xdUjp9Fc6fOqj6ZrTqLAgPDYXSdpPU4nNdmmEZ23nFJAIVJ9kc5L435ko
fjBSs96/cO90qEZ83T/6Xk76i/mOaHXglu9hVZgg6sVW6ecUUtzTznhWIkURU8T3
p+b9Ec04jLGzZnfc00Pu
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:44 2025 by rpki-client