Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K9CrOgvMcJQ5zyxdxy0BNW3LlAc.roa
File: K9CrOgvMcJQ5zyxdxy0BNW3LlAc.roa (raw, json)
Hash identifier: I8g4cwfYAWV4/AI24loCrUeUiMEqIBTMeo58bIAsK/I=
Subject key identifier: 2B:D0:AB:3A:0B:CC:70:94:39:CF:2C:5D:C7:2D:01:35:6D:CB:94:07
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192F81EC711C4B17C05F1E9A9A882E3AA9F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K9CrOgvMcJQ5zyxdxy0BNW3LlAc.roa
Signing time: Mon 04 Nov 2024 17:00:19 +0000
ROA not before: Mon 04 Nov 2024 17:00:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.163.23.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
89.213.249.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.153.0/24 maxlen: 24
213.210.35.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 17:06:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f8:1e:c7:11:c4:b1:7c:05:f1:e9:a9:a8:82:e3:aa:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 4 17:00:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bd0ab3a0bcc709439cf2c5dc72d01356dcb9407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:32:f8:76:a8:a7:f5:b9:9a:41:c3:36:d6:56:
24:84:7b:78:ad:45:1e:b3:9e:0e:c0:50:c7:0a:79:
74:eb:ce:3d:88:b5:9c:cd:99:64:15:b6:66:9d:37:
96:9f:33:68:f6:11:c6:b0:1b:30:c7:0e:08:ec:2a:
be:eb:7f:40:d9:59:1b:5f:88:fe:6c:21:3c:f1:d2:
95:83:30:23:36:50:22:30:21:99:e6:c7:e9:f7:5b:
bc:8b:0a:55:4e:37:10:0d:f1:a1:b6:ba:b7:f8:80:
13:cd:91:1f:6e:4c:cc:35:89:1e:83:c0:b9:d7:69:
51:30:b8:98:1b:13:00:b2:1f:f3:75:31:ea:52:f6:
f7:77:f2:4f:37:1b:d5:40:dd:36:74:fa:09:37:27:
bb:15:63:b7:51:b6:e0:c8:da:d0:fe:2e:2b:35:f2:
bb:35:ad:7c:03:07:7a:66:1c:e4:ca:cd:bf:d8:92:
39:16:91:05:7e:93:01:b4:37:dc:5e:bd:45:32:54:
1b:31:3a:46:f9:0c:4a:06:a0:33:0c:b4:8d:30:97:
65:d7:96:b1:12:10:7b:06:75:98:6d:fa:67:c7:8a:
2c:f0:8a:8b:fb:f9:4f:f8:31:1f:5e:b9:43:da:84:
36:74:b1:9b:c9:a6:53:99:4e:eb:39:b2:be:2a:8d:
d8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D0:AB:3A:0B:CC:70:94:39:CF:2C:5D:C7:2D:01:35:6D:CB:94:07
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K9CrOgvMcJQ5zyxdxy0BNW3LlAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.163.23.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
89.213.249.0/24
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.130.153.0/24
213.210.35.0/24
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
16:b4:eb:61:b8:70:bf:b9:50:eb:bc:ce:8a:16:ca:9d:da:b5:
60:95:2e:2e:36:fb:1d:f6:ed:76:7b:26:6c:a5:7f:65:cd:50:
fd:78:48:43:03:27:c6:94:97:e8:6c:f9:a6:ec:f7:2f:75:85:
a8:91:61:87:be:32:e9:92:de:d7:74:99:b1:24:b4:4e:e5:0c:
6b:5d:35:22:dd:19:10:10:34:6c:b5:5a:62:d2:aa:9f:3d:6b:
ff:a1:32:ed:5f:99:49:bf:d6:bb:46:c8:08:7e:01:3e:bd:05:
c8:17:63:dc:2d:0e:dd:bf:33:87:16:46:ed:e2:77:48:db:bd:
a8:e4:9b:b1:63:23:f1:18:28:49:45:09:0f:92:ce:6c:2d:26:
d3:86:50:73:da:d2:0f:fb:0d:1e:8e:6c:8c:2c:cc:d5:07:d1:
9c:c2:1a:a9:a9:a1:63:5d:d5:6b:1b:50:1e:a6:f2:57:a7:95:
e9:ff:82:2a:87:f4:21:2c:be:fe:b0:2a:4c:df:4f:58:84:72:
86:0d:a9:4f:5f:5a:22:1c:ec:2f:c0:81:ee:d1:4b:c4:89:8d:
5e:f8:33:fd:be:50:52:78:75:03:8f:4d:0a:fa:f6:d9:78:0d:
d7:df:ff:56:33:a4:65:77:ec:43:1f:c0:d4:54:ad:1a:24:91:
9b:4f:24:cb
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZL4HscRxLF8BfHpqaiC46qfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTA0MTcwMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQwYWIzYTBiY2M3MDk0MzljZjJjNWRjNzJkMDEzNTZkY2I5NDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTL4dqin9bmaQcM21lYkhHt4rUUe
s54OwFDHCnl06849iLWczZlkFbZmnTeWnzNo9hHGsBswxw4I7Cq+639A2VkbX4j+
bCE88dKVgzAjNlAiMCGZ5sfp91u8iwpVTjcQDfGhtrq3+IATzZEfbkzMNYkeg8C5
12lRMLiYGxMAsh/zdTHqUvb3d/JPNxvVQN02dPoJNye7FWO3UbbgyNrQ/i4rNfK7
Na18Awd6Zhzkys2/2JI5FpEFfpMBtDfcXr1FMlQbMTpG+QxKBqAzDLSNMJdl15ax
EhB7BnWYbfpnx4os8IqL+/lP+DEfXrlD2oQ2dLGbyaZTmU7rObK+Ko3YuwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFCvQqzoLzHCUOc8sXcctATVty5QHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSzlDck9ndk1jSlE1enl4ZHh5MEJOVzNMbEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAFS
mLADBAJSmYgDBABSoxcDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ
1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ
1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEAFnV+QMEA22wEAMEAm2wzAMEAW2w8gME
AbkxfgMEBMJpUAMEAdQmWAMEANWCmQMEANXSIwMEANXa0zAMAwQA2ZFBAwQA2ZFC
AwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQAWtOthuHC/uVDrvM6KFsqd2rVglS4u
Nvsd9u12eyZspX9lzVD9eEhDAyfGlJfobPmm7PcvdYWokWGHvjLpkt7XdJmxJLRO
5QxrXTUi3RkQEDRstVpi0qqfPWv/oTLtX5lJv9a7RsgIfgE+vQXIF2PcLQ7dvzOH
Fkbt4ndI272o5JuxYyPxGChJRQkPks5sLSbThlBz2tIP+w0ejmyMLMzVB9Gcwhqp
qaFjXdVrG1AepvJXp5Xp/4Iqh/QhLL7+sCpM309YhHKGDalPX1oiHOwvwIHu0UvE
iY1e+DP9vlBSeHUDj00K+vbZeA3X3/9WM6Rld+xDH8DUVK0aJJGbTyTL
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:11:46 2025 by rpki-client