Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NOwji3Em0nbXIyPJsc97RuIPveo.roa
File: NOwji3Em0nbXIyPJsc97RuIPveo.roa (raw, json)
Hash identifier: 9D0V/qpyHiHXrR78k7ppAa2OvIx5n/pKaYaXU0VrIpc=
Subject key identifier: 34:EC:23:8B:71:26:D2:76:D7:23:23:C9:B1:CF:7B:46:E2:0F:BD:EA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194DCDCD27DA6015609A6AEE9E5C4C89143
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NOwji3Em0nbXIyPJsc97RuIPveo.roa
Signing time: Thu 06 Feb 2025 20:04:06 +0000
ROA not before: Thu 06 Feb 2025 20:04:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 16:22:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:dc:dc:d2:7d:a6:01:56:09:a6:ae:e9:e5:c4:c8:91:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 6 20:04:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34ec238b7126d276d72323c9b1cf7b46e20fbdea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5a:cf:92:d9:46:f6:e4:04:5e:79:50:bf:c9:
e9:b0:10:10:7d:f9:a2:61:ba:46:d2:40:10:08:b1:
f5:db:d0:0d:44:fa:32:87:7b:ad:13:33:88:35:49:
70:a1:a4:46:55:8c:00:dd:57:04:84:55:73:6d:34:
67:d5:4a:e6:4c:ce:3f:9a:56:e9:23:28:c4:45:ed:
2f:31:12:52:2e:8c:9f:f4:3b:62:6b:2d:cc:35:c9:
a4:02:c7:5d:de:1c:a0:67:6a:b7:01:b0:ba:17:0f:
15:ba:ce:1b:50:31:bf:9f:ec:ac:a1:89:94:e9:19:
09:3f:13:2e:c0:5a:c4:8c:21:cc:7b:33:60:9a:44:
89:3b:39:d5:8d:a5:db:26:31:ad:b2:fa:50:5d:a4:
15:88:43:26:73:ae:b3:b1:26:e7:81:2d:a9:c6:12:
2b:bc:14:06:7c:db:93:22:e8:81:72:3b:9d:83:02:
06:04:1f:62:56:ea:11:b1:a9:53:64:b8:46:19:a7:
7c:39:f7:db:bb:14:f8:00:39:23:9e:20:6f:d6:fe:
d5:e5:5d:53:1d:17:50:0c:bf:9e:e2:34:68:18:8a:
97:21:1c:8d:80:74:a3:5d:cc:18:03:fc:3c:7b:a9:
0d:c2:9c:55:bf:51:1a:82:ba:ce:50:98:17:90:57:
04:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:EC:23:8B:71:26:D2:76:D7:23:23:C9:B1:CF:7B:46:E2:0F:BD:EA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NOwji3Em0nbXIyPJsc97RuIPveo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
44:c4:18:23:26:77:ec:97:45:1f:42:3f:87:04:78:78:88:b8:
6d:b2:f2:3f:7b:52:01:fe:ac:cd:46:46:a6:4b:76:31:f7:72:
f8:ca:b1:68:df:57:ec:3d:03:ab:eb:c3:8e:02:a7:3b:6b:98:
60:f7:56:5e:8f:b1:6d:18:9b:10:80:44:49:6b:8f:a0:25:f2:
ef:1d:09:ff:67:db:e1:e0:62:53:54:00:b1:f6:c0:4f:07:e9:
bf:9d:f7:f4:db:0f:43:94:2a:7d:bf:ca:8b:ce:f1:65:f9:19:
ab:a2:9f:f8:e7:6c:b6:5a:0a:3a:19:ed:48:0e:c1:11:40:19:
80:5a:eb:93:17:c2:70:79:a6:20:cf:c8:92:f0:9b:8b:d2:7c:
16:90:fe:a9:38:d0:f8:7a:d7:c0:80:07:90:71:e7:48:1b:35:
3a:b2:87:78:92:a6:63:55:42:b7:fe:77:cd:eb:29:a7:32:65:
9e:47:c5:08:89:1f:df:e8:6c:f5:77:05:93:80:1f:16:d6:8b:
7b:4b:c9:1d:fe:d5:1b:fb:29:a9:a5:c3:89:0c:f5:5d:14:46:
dd:6d:3e:0f:af:72:e2:0d:d5:3c:5c:9b:4e:00:27:83:0a:a0:
ef:67:b4:b4:20:ea:bd:40:d7:28:f9:02:c9:6d:09:a6:1a:fe:
ae:9f:63:d9
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZTc3NJ9pgFWCaau6eXEyJFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjA2MjAwNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGVjMjM4YjcxMjZkMjc2ZDcyMzIzYzliMWNmN2I0NmUyMGZiZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFrPktlG9uQEXnlQv8npsBAQffmi
YbpG0kAQCLH129ANRPoyh3utEzOINUlwoaRGVYwA3VcEhFVzbTRn1UrmTM4/mlbp
IyjERe0vMRJSLoyf9Dtiay3MNcmkAsdd3hygZ2q3AbC6Fw8Vus4bUDG/n+ysoYmU
6RkJPxMuwFrEjCHMezNgmkSJOznVjaXbJjGtsvpQXaQViEMmc66zsSbngS2pxhIr
vBQGfNuTIuiBcjudgwIGBB9iVuoRsalTZLhGGad8OffbuxT4ADkjniBv1v7V5V1T
HRdQDL+e4jRoGIqXIRyNgHSjXcwYA/w8e6kNwpxVv1EagrrOUJgXkFcEowIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFDTsI4txJtJ21yMjybHPe0biD73qMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTk93amkzRW0wbmJYSXlQSnNjOTdSdUlQdmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAFKYCAMEAVKYsAMEAFKZMgMEAlKZiAMEAFKZ8wMEAVnVLAMEAVnVMgMEAlnV
OAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwDBAJZ1ZQD
BAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEBFnVoAMEAFnV
tQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBADBAJtsMwD
BAFtsPIDBAG5MX4DBATCaVADBADUJk8DBAHUJlgDBADVmCsDBALV0jQDBADV2tMw
DAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEARMQYIyZ37JdF
H0I/hwR4eIi4bbLyP3tSAf6szUZGpkt2Mfdy+MqxaN9X7D0Dq+vDjgKnO2uYYPdW
Xo+xbRibEIBESWuPoCXy7x0J/2fb4eBiU1QAsfbATwfpv5339NsPQ5Qqfb/Ki87x
ZfkZq6Kf+OdstloKOhntSA7BEUAZgFrrkxfCcHmmIM/IkvCbi9J8FpD+qTjQ+HrX
wIAHkHHnSBs1OrKHeJKmY1VCt/53zesppzJlnkfFCIkf3+hs9XcFk4AfFtaLe0vJ
Hf7VG/spqaXDiQz1XRRG3W0+D69y4g3VPFybTgAngwqg72e0tCDqvUDXKPkCyW0J
phr+rp9j2Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:29 2025 by rpki-client