Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/O09TwPqP42-RoxxGY8SS6Ox0U8k.roa
File: O09TwPqP42-RoxxGY8SS6Ox0U8k.roa (raw, json)
Hash identifier: zhYYafXTaNG4NB1Kth8R3miX+FWYQmL3cPxLmrn+ONk=
Subject key identifier: 3B:4F:53:C0:FA:8F:E3:6F:91:A3:1C:46:63:C4:92:E8:EC:74:53:C9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01954D0E0981B1F96F1ECB3C6FB746F1B62F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/O09TwPqP42-RoxxGY8SS6Ox0U8k.roa
Signing time: Fri 28 Feb 2025 14:55:20 +0000
ROA not before: Fri 28 Feb 2025 14:55:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.37.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.215.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 10:44:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:0e:09:81:b1:f9:6f:1e:cb:3c:6f:b7:46:f1:b6:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 28 14:55:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b4f53c0fa8fe36f91a31c4663c492e8ec7453c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:39:cb:88:de:f2:f0:02:8d:90:59:4b:73:f7:
2f:89:4e:53:f2:e8:59:bb:3c:00:94:48:43:5a:7a:
47:d7:ea:ae:0a:21:57:7e:be:a0:2b:9a:b1:54:59:
33:52:fc:3a:7d:da:d4:19:d5:76:6a:d2:dc:e9:e1:
ec:b2:a5:cd:aa:64:3a:d6:47:39:3a:76:d6:b7:c5:
f8:67:05:64:03:2c:a1:6a:17:3d:3a:79:2a:6a:d4:
9d:16:9d:5c:81:8f:d8:de:30:5d:82:ee:5a:8a:50:
98:4e:17:20:88:07:92:81:78:f1:03:8d:8e:ff:26:
03:99:4e:0b:41:53:ed:79:24:99:75:b2:44:56:45:
2f:c7:58:22:51:bd:18:2b:0c:2a:ea:ea:16:12:38:
2e:71:32:10:f5:49:4a:0b:71:fe:4c:90:fc:61:a8:
a8:fe:ec:d9:ba:a3:09:5e:de:49:4f:83:4d:b7:f4:
80:36:b2:17:25:6f:1c:66:87:b2:d7:5f:be:7d:ee:
3d:70:fc:2c:fb:b3:01:ca:b0:46:aa:d3:ad:16:24:
8d:b6:18:c8:0b:c0:12:88:70:08:de:e5:bc:35:e6:
90:1b:f0:46:6e:49:c1:40:f1:74:c2:2c:08:b4:b6:
ad:0b:ee:67:19:a2:cb:18:bf:37:8b:ee:57:ee:6b:
d5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4F:53:C0:FA:8F:E3:6F:91:A3:1C:46:63:C4:92:E8:EC:74:53:C9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/O09TwPqP42-RoxxGY8SS6Ox0U8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.34.0/24
82.153.37.0/24
82.153.72.0/24
82.153.132.0/24
89.213.4.0/24
89.213.7.0/24
89.213.130.0/24
89.213.190.0/24
89.213.215.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:3a:19:19:eb:67:22:8f:f2:9e:c9:ca:5b:87:2d:4a:de:2c:
6e:46:6d:1e:4b:17:a7:7e:e5:7a:9d:4a:02:f4:4a:68:d4:46:
1c:13:e0:21:b2:7c:78:94:bc:31:25:0b:4c:82:c2:f3:5d:13:
c6:03:47:ed:eb:da:d0:b0:31:7e:df:38:ff:38:99:10:53:48:
73:8d:0e:b7:07:88:b8:5d:a2:2b:81:e7:ff:84:8c:71:c5:bd:
fe:55:bf:a9:bc:cb:54:07:88:50:f7:7a:fc:cd:ee:c0:77:96:
14:23:61:f7:43:2c:dc:cb:0e:b9:37:5c:e9:e0:bf:6b:ca:f6:
9c:b2:fa:ea:fe:1b:58:ab:b7:17:0d:e8:8c:78:a1:d5:02:d3:
c9:eb:79:09:65:a1:1d:8f:e1:99:8f:2f:31:2a:6a:62:8c:ec:
97:d1:0f:6b:25:b0:66:9a:4f:63:7e:d0:a7:3c:76:e6:1c:83:
23:28:b4:64:bd:98:0c:15:cb:50:7a:5f:96:36:1d:86:0b:59:
c9:e6:a8:7e:11:f2:ba:ba:a1:89:8b:e8:9c:78:79:4b:94:db:
57:ad:ac:d0:36:e0:2b:1e:4f:90:ee:8e:83:dc:f5:79:d9:ae:
b0:4b:7b:ed:c3:29:82:0d:e8:53:8d:e8:f4:5e:c1:15:bf:6a:
0a:f7:f9:06
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZVNDgmBsflvHss8b7dG8bYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjI4MTQ1NTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjRmNTNjMGZhOGZlMzZmOTFhMzFjNDY2M2M0OTJlOGVjNzQ1M2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvznLiN7y8AKNkFlLc/cviU5T8uhZ
uzwAlEhDWnpH1+quCiFXfr6gK5qxVFkzUvw6fdrUGdV2atLc6eHssqXNqmQ61kc5
OnbWt8X4ZwVkAyyhahc9OnkqatSdFp1cgY/Y3jBdgu5ailCYThcgiAeSgXjxA42O
/yYDmU4LQVPteSSZdbJEVkUvx1giUb0YKwwq6uoWEjgucTIQ9UlKC3H+TJD8Yaio
/uzZuqMJXt5JT4NNt/SANrIXJW8cZoey11++fe49cPws+7MByrBGqtOtFiSNthjI
C8ASiHAI3uW8NeaQG/BGbknBQPF0wiwItLatC+5nGaLLGL83i+5X7mvVIQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFDtPU8D6j+NvkaMcRmPEkujsdFPJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTzA5VHdQcVA0Mi1Sb3h4R1k4U1M2T3gwVThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAUah4AwQA
Upj4AwQAUpj7AwQAUpj+AwQAUpkiAwQAUpklAwQAUplIAwQAUpmEAwQAWdUEAwQA
WdUHAwQAWdWCAwQAWdW+AwQAWdXXAwQAbbD3AwQAbbD7AwQAuTF8MA0GCSqGSIb3
DQEBCwUAA4IBAQB6OhkZ62cij/Keycpbhy1K3ixuRm0eSxenfuV6nUoC9Epo1EYc
E+Ahsnx4lLwxJQtMgsLzXRPGA0ft69rQsDF+3zj/OJkQU0hzjQ63B4i4XaIrgef/
hIxxxb3+Vb+pvMtUB4hQ93r8ze7Ad5YUI2H3Qyzcyw65N1zp4L9ryvacsvrq/htY
q7cXDeiMeKHVAtPJ63kJZaEdj+GZjy8xKmpijOyX0Q9rJbBmmk9jftCnPHbmHIMj
KLRkvZgMFctQel+WNh2GC1nJ5qh+EfK6uqGJi+iceHlLlNtXrazQNuArHk+Q7o6D
3PV52a6wS3vtwymCDehTjej0XsEVv2oK9/kG
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:31:59 2025 by rpki-client