Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OFGpt_73XMjewFn5Gjuu_ssRM00.roa
File: OFGpt_73XMjewFn5Gjuu_ssRM00.roa (raw, json)
Hash identifier: q910j/RHRbljyzh5q745yrnspA7wIfuf5uVoHkrBtAA=
Subject key identifier: 38:51:A9:B7:FE:F7:5C:C8:DE:C0:59:F9:1A:3B:AE:FE:CB:11:33:4D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FF38FF2224F24BF8BEAD0AF20584B2C7E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OFGpt_73XMjewFn5Gjuu_ssRM00.roa
Signing time: Fri 07 Jun 2024 16:37:28 +0000
ROA not before: Fri 07 Jun 2024 16:37:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.252.27.0/24 maxlen: 24
79.99.76.0/24 maxlen: 24
81.168.50.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.35.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.205.0/24 maxlen: 24
82.153.226.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 07:53:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f3:8f:f2:22:4f:24:bf:8b:ea:d0:af:20:58:4b:2c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 7 16:37:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3851a9b7fef75cc8dec059f91a3baefecb11334d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a4:18:ea:c6:d7:21:22:c8:44:fc:35:61:3e:
f4:9a:7c:1a:72:4e:c2:c4:60:b9:6e:db:24:9e:ab:
c8:b3:65:62:ce:e1:e9:11:72:bb:cc:d8:95:a5:0b:
42:0d:37:bf:00:e0:a2:85:3d:61:40:e3:b3:77:f5:
a9:7d:5d:97:e2:03:1c:b3:9f:47:ad:ca:cb:90:0f:
86:f8:78:16:49:11:94:7e:23:a7:42:f7:c0:71:69:
4d:b4:38:41:68:83:a2:2a:79:38:75:17:36:6a:41:
aa:f6:ba:c9:a2:73:1c:c1:21:93:b0:0d:0e:e0:0e:
9a:14:ec:9d:db:90:8b:1e:b7:4a:5a:46:4d:6b:c6:
60:6c:33:77:90:b4:39:d4:89:3a:36:f9:f0:35:00:
84:4a:d9:09:3d:57:6b:cb:61:ce:dc:ac:39:eb:09:
67:d1:b1:ba:42:e7:e4:c0:73:45:ab:bd:b3:51:31:
38:97:02:33:ec:33:d1:e6:35:b5:b2:fa:a4:d8:43:
c3:45:e5:28:2e:6a:76:8c:9d:50:4b:87:25:f6:61:
85:d0:d1:9b:9b:e3:94:fb:f2:28:c3:ee:8d:50:9d:
a0:a9:86:6d:0c:b6:e5:40:42:9e:f4:00:ef:9b:68:
73:b1:14:b9:b4:f4:e4:5a:e5:e2:ff:c4:29:9a:78:
51:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:51:A9:B7:FE:F7:5C:C8:DE:C0:59:F9:1A:3B:AE:FE:CB:11:33:4D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OFGpt_73XMjewFn5Gjuu_ssRM00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.27.0/24
79.99.76.0/24
81.168.50.0/24
82.152.176.0/23
82.153.35.0/24
82.153.136.0/22
82.153.205.0/24
82.153.226.0/24
82.163.15.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
213.218.238.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:6e:36:b1:b9:40:b0:fb:a8:7b:d0:80:3d:20:07:50:f5:6e:
ad:56:eb:e4:65:eb:77:2d:ba:38:3f:e9:11:e2:85:f3:4d:c1:
c3:cf:aa:ee:d2:fc:09:97:ba:ba:36:2d:81:62:d5:bb:f1:d1:
2b:b9:2f:26:11:7a:c7:28:52:99:47:d9:92:34:06:5d:83:ec:
ac:7c:d9:7c:0b:b9:be:16:ca:13:5e:85:ab:9f:29:0d:9b:c7:
7e:f1:f2:18:22:b6:d8:5d:79:bb:58:c2:e9:4f:d6:d5:d5:39:
87:8b:7b:fa:79:41:d8:43:df:ce:c9:69:28:15:4f:10:6b:c8:
82:7d:bd:42:a0:c9:99:96:f7:0f:d4:e7:24:64:db:0a:31:74:
d7:03:dd:d1:0e:38:6c:56:17:c2:10:56:a0:c6:f2:97:cb:d8:
17:16:09:4d:69:d7:b1:dc:af:b8:37:ac:33:c1:3f:9d:e2:c4:
2b:72:f4:ba:97:71:81:cd:86:4b:7e:d3:cd:f8:c5:01:0b:32:
d9:a9:f4:93:0e:69:a4:59:ae:c6:ae:fe:4e:0a:3d:f9:b1:2c:
fb:e3:ed:92:9b:c5:a1:62:47:30:fa:d6:4c:1e:dc:c2:5c:1b:
0f:cf:57:82:4f:a3:18:e3:04:4f:77:b5:a3:e6:4f:cc:4d:fe:
57:a6:e0:93
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAY/zj/IiTyS/i+rQryBYSyx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjA3MTYzNzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODUxYTliN2ZlZjc1Y2M4ZGVjMDU5ZjkxYTNiYWVmZWNiMTEzMzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6QY6sbXISLIRPw1YT70mnwack7C
xGC5btsknqvIs2VizuHpEXK7zNiVpQtCDTe/AOCihT1hQOOzd/WpfV2X4gMcs59H
rcrLkA+G+HgWSRGUfiOnQvfAcWlNtDhBaIOiKnk4dRc2akGq9rrJonMcwSGTsA0O
4A6aFOyd25CLHrdKWkZNa8ZgbDN3kLQ51Ik6NvnwNQCEStkJPVdry2HO3Kw56wln
0bG6QufkwHNFq72zUTE4lwIz7DPR5jW1svqk2EPDReUoLmp2jJ1QS4cl9mGF0NGb
m+OU+/Iow+6NUJ2gqYZtDLblQEKe9ADvm2hzsRS5tPTkWuXi/8QpmnhRdwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFDhRqbf+91zI3sBZ+Ro7rv7LETNNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT0ZHcHRfNzNYTWpld0ZuNUdqdXVfc3NSTTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAAl
/BsDBABPY0wDBABRqDIDBAFSmLADBABSmSMDBAJSmYgDBABSmc0DBABSmeIDBABS
ow8wDAMEAlnVlAMEBVnVgAMEAlnVrDAMAwQCWdXEAwQEWdXAAwQDWdXoAwQDbbAQ
AwQCbbDMAwQBuTF+AwQEwmlQAwQB1CZYAwQB1drSAwQA1druMA0GCSqGSIb3DQEB
CwUAA4IBAQB+bjaxuUCw+6h70IA9IAdQ9W6tVuvkZet3Lbo4P+kR4oXzTcHDz6ru
0vwJl7q6Ni2BYtW78dEruS8mEXrHKFKZR9mSNAZdg+ysfNl8C7m+FsoTXoWrnykN
m8d+8fIYIrbYXXm7WMLpT9bV1TmHi3v6eUHYQ9/OyWkoFU8Qa8iCfb1CoMmZlvcP
1OckZNsKMXTXA93RDjhsVhfCEFagxvKXy9gXFglNadex3K+4N6wzwT+d4sQrcvS6
l3GBzYZLftPN+MUBCzLZqfSTDmmkWa7Grv5OCj35sSz74+2Sm8WhYkcw+tZMHtzC
XBsPz1eCT6MY4wRPd7Wj5k/MTf5XpuCT
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:11 2025 by rpki-client