Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OZ5Mz36Rb-F3Sj-ZJc3AIZb4sMM.roa
File: OZ5Mz36Rb-F3Sj-ZJc3AIZb4sMM.roa (raw, json)
Hash identifier: lTjCtgw6FthT00xXjLO2fNiXdXCmLRixvt2oqykFE6A=
Subject key identifier: 39:9E:4C:CF:7E:91:6F:E1:77:4A:3F:99:25:CD:C0:21:96:F8:B0:C3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019002D9ED2EB3CF89F1BAD17513BEEFE0D6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OZ5Mz36Rb-F3Sj-ZJc3AIZb4sMM.roa
Signing time: Mon 10 Jun 2024 15:52:34 +0000
ROA not before: Mon 10 Jun 2024 15:52:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.252.27.0/24 maxlen: 24
81.168.50.0/24 maxlen: 24
82.152.12.0/24 maxlen: 24
82.152.105.0/24 maxlen: 24
82.152.140.0/24 maxlen: 24
82.152.142.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.34.0/24 maxlen: 24
82.153.35.0/24 maxlen: 24
82.153.135.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.159.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.202.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.202.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.210.58.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 16:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:02:d9:ed:2e:b3:cf:89:f1:ba:d1:75:13:be:ef:e0:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 10 15:52:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=399e4ccf7e916fe1774a3f9925cdc02196f8b0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:de:9e:26:90:da:69:f3:f2:37:03:19:20:21:
3b:db:64:f8:66:db:d3:50:dd:5c:54:39:d8:da:30:
ff:5b:a7:35:58:a7:93:3b:44:c2:db:d6:be:1c:e1:
e0:07:a5:f9:e2:85:91:2a:1e:59:f0:f7:a6:46:32:
72:58:1d:2a:f8:4d:31:6f:d3:8a:69:f2:1f:2d:a5:
df:ed:3c:aa:77:05:eb:db:88:6e:a9:6d:df:3a:c4:
90:a7:a5:d7:cd:9a:4a:3b:e7:ef:59:6b:85:5e:36:
6e:13:06:e1:e7:51:fd:a6:ee:7b:bf:06:a2:87:bb:
a6:a0:68:a2:ec:f2:0a:1b:15:21:05:52:4e:6f:d3:
b7:da:d9:d8:bc:38:d9:2f:b4:f2:23:9b:2e:69:08:
5f:3e:ed:36:94:80:36:7a:4a:5a:78:d8:5a:1a:85:
0f:c6:b8:a8:2e:bc:5c:ef:ea:cc:70:2b:14:8a:2c:
a6:32:b9:bb:b9:3f:4d:94:03:ef:1f:62:ee:0f:d2:
a8:be:2a:da:83:d0:02:4c:09:1a:22:94:00:cf:87:
29:64:f6:ae:be:c5:ab:9c:2f:29:b7:0f:f6:19:3f:
5e:3c:11:bc:7c:99:62:ce:6e:2c:5a:54:99:59:fb:
34:bd:b9:39:11:79:eb:45:b0:96:7d:84:9d:dd:c3:
65:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9E:4C:CF:7E:91:6F:E1:77:4A:3F:99:25:CD:C0:21:96:F8:B0:C3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OZ5Mz36Rb-F3Sj-ZJc3AIZb4sMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.27.0/24
81.168.50.0/24
82.152.12.0/24
82.152.105.0/24
82.152.140.0/24
82.152.142.0/24
82.152.176.0/23
82.153.34.0/23
82.153.135.0-82.153.139.255
82.153.159.0/24
82.153.201.0-82.153.202.255
82.163.15.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.202.0/24
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.210.58.0/24
213.218.210.0/23
Signature Algorithm: sha256WithRSAEncryption
68:dd:7f:38:5c:1a:f2:89:2b:3e:e1:a8:88:1b:24:cc:cc:9b:
bd:78:36:89:1b:aa:e5:35:ab:7c:2c:b3:9c:7d:26:50:43:f3:
ea:50:18:48:e3:93:2a:2d:1a:5f:55:ac:60:f0:b0:9d:17:9f:
95:85:6d:51:c8:69:09:5b:fc:2b:23:90:f3:41:b3:cc:f3:7d:
7b:ad:c0:22:af:b1:4b:cf:1f:bf:7f:ba:d5:bd:0d:4c:14:04:
4a:28:3c:9f:d3:0c:f0:a3:f7:e4:81:27:ad:67:c6:cd:77:f8:
34:ad:75:d8:3d:22:78:6e:44:31:61:41:db:79:2e:63:67:0a:
66:0d:0a:87:f9:ee:5a:d8:08:80:1d:d6:58:35:98:ce:1a:dc:
8c:29:e1:2f:5d:ff:07:a9:38:84:a0:24:2d:b0:0f:77:b5:7c:
9c:90:34:d6:38:65:4e:fd:d5:ac:6f:ec:c9:11:da:b8:62:b2:
5a:ef:43:2b:3a:ba:92:8e:de:9c:41:cd:d4:20:1e:53:04:d9:
ca:dd:f3:2a:47:73:2c:9d:ea:c9:2f:0d:fa:9b:6a:7c:7f:09:
94:5f:88:0d:ea:75:c6:e0:75:0e:96:00:28:5a:95:af:4a:d2:
dc:d6:c4:a0:a4:2a:9f:33:f1:da:35:62:cd:c9:ce:ad:6a:ff:
d1:38:ed:0d
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZAC2e0us8+J8brRdRO+7+DWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjEwMTU1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTllNGNjZjdlOTE2ZmUxNzc0YTNmOTkyNWNkYzAyMTk2ZjhiMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst6eJpDaafPyNwMZICE722T4ZtvT
UN1cVDnY2jD/W6c1WKeTO0TC29a+HOHgB6X54oWRKh5Z8PemRjJyWB0q+E0xb9OK
afIfLaXf7TyqdwXr24huqW3fOsSQp6XXzZpKO+fvWWuFXjZuEwbh51H9pu57vwai
h7umoGii7PIKGxUhBVJOb9O32tnYvDjZL7TyI5suaQhfPu02lIA2ekpaeNhaGoUP
xrioLrxc7+rMcCsUiiymMrm7uT9NlAPvH2LuD9Kovirag9ACTAkaIpQAz4cpZPau
vsWrnC8ptw/2GT9ePBG8fJlizm4sWlSZWfs0vbk5EXnrRbCWfYSd3cNltQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFDmeTM9+kW/hd0o/mSXNwCGW+LDDMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT1o1TXozNlJiLUYzU2otWkpjM0FJWmI0c01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAl
/BsDBABRqDIDBABSmAwDBABSmGkDBABSmIwDBABSmI4DBAFSmLADBAFSmSIwDAME
AFKZhwMEAlKZiAMEAFKZnzAMAwQAUpnJAwQAUpnKAwQAUqMPMAwDBAJZ1ZQDBAVZ
1YADBAJZ1awwDAMEAlnVxAMEBFnVwAMEA1nV6AMEA22wEAMEAG2wygMEAm2wzAME
AbkxfgMEBMJpUAMEAdQmWAMEANXSOgMEAdXa0jANBgkqhkiG9w0BAQsFAAOCAQEA
aN1/OFwa8okrPuGoiBskzMybvXg2iRuq5TWrfCyznH0mUEPz6lAYSOOTKi0aX1Ws
YPCwnReflYVtUchpCVv8KyOQ80GzzPN9e63AIq+xS88fv3+61b0NTBQESig8n9MM
8KP35IEnrWfGzXf4NK112D0ieG5EMWFB23kuY2cKZg0Kh/nuWtgIgB3WWDWYzhrc
jCnhL13/B6k4hKAkLbAPd7V8nJA01jhlTv3VrG/syRHauGKyWu9DKzq6ko7enEHN
1CAeUwTZyt3zKkdzLJ3qyS8N+ptqfH8JlF+IDep1xuB1DpYAKFqVr0rS3NbEoKQq
nzPx2jVizcnOrWr/0TjtDQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:37 2025 by rpki-client