Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PQawe5FJugDtDhZdoIZgDNjUPnY.roa
File: PQawe5FJugDtDhZdoIZgDNjUPnY.roa (raw, json)
Hash identifier: 0fURoYD2d6sh2A7+rKeimu97Mw1Nyxxlog/mFFDSTUk=
Subject key identifier: 3D:06:B0:7B:91:49:BA:00:ED:0E:16:5D:A0:86:60:0C:D8:D4:3E:76
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019373D663C36DBB7F3B77EDC8521BA5D974
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PQawe5FJugDtDhZdoIZgDNjUPnY.roa
Signing time: Thu 28 Nov 2024 17:34:10 +0000
ROA not before: Thu 28 Nov 2024 17:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215304
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:d6:63:c3:6d:bb:7f:3b:77:ed:c8:52:1b:a5:d9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 28 17:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d06b07b9149ba00ed0e165da086600cd8d43e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:24:f3:da:28:f3:dd:ce:56:32:f8:09:8c:e7:
83:45:e5:74:f9:8c:52:4c:6c:f0:4a:30:d7:ca:71:
54:d2:f7:28:52:3e:ec:6b:c5:dc:ee:be:33:35:8d:
c6:17:f1:b6:5a:00:d1:89:f8:15:c3:b2:a4:ff:b7:
8a:68:4b:1f:96:15:57:3e:47:0c:e8:4c:d6:17:1b:
5c:c8:a3:89:7a:d9:c8:6c:d8:bc:7d:84:97:b4:66:
82:2e:ec:2f:54:7d:65:6e:bf:a3:a0:1c:4d:b9:23:
5a:df:bc:c0:59:8b:60:76:8d:2a:c7:cf:b6:8b:de:
c5:51:c0:25:09:38:a9:fe:a7:bf:9f:ab:5a:9c:90:
b2:77:7a:1f:e4:23:6d:e6:ae:e1:b7:30:d6:47:fa:
a1:e4:43:92:3b:dc:e3:29:71:9a:b8:2b:90:fe:ea:
f4:9c:1a:02:e5:1a:d5:66:95:c4:64:3a:c8:92:ce:
c9:81:c6:b5:36:3e:5a:94:92:aa:0f:7a:7f:58:d2:
aa:7d:a8:2c:09:7c:ce:97:5b:52:99:4a:f6:43:81:
18:43:a1:5a:79:58:f7:1e:78:7d:8d:43:5c:56:49:
3a:65:92:d7:70:f5:91:0b:da:f3:cd:63:55:0a:46:
15:d6:5a:25:dd:f9:24:19:3c:e3:8c:78:b4:d5:aa:
f1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:06:B0:7B:91:49:BA:00:ED:0E:16:5D:A0:86:60:0C:D8:D4:3E:76
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PQawe5FJugDtDhZdoIZgDNjUPnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.104.0/24
89.213.123.0/24
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:64:d9:ef:69:bd:cc:de:54:db:4a:bb:d9:ca:87:c6:26:33:
78:eb:1f:a3:3a:b6:9d:2f:23:25:a6:5a:1d:87:0b:4d:50:11:
1d:3a:55:e2:36:76:e6:8d:c1:49:97:fb:05:5f:77:a7:72:2a:
87:42:99:f3:35:f3:78:9b:4a:e9:3c:f5:48:81:27:8a:69:32:
74:d7:7b:bc:e6:1f:e9:21:cd:e2:1a:94:2a:2a:aa:3c:d3:d5:
80:48:6b:a1:08:d3:08:91:1f:63:51:7b:09:c3:81:14:dd:be:
d1:a3:34:8a:c6:79:0e:ca:75:95:df:73:b4:6c:a7:bb:47:4c:
b8:6d:43:cd:58:02:e8:5f:71:04:f5:82:d7:a4:81:03:9b:96:
90:ce:01:34:9a:cd:b0:51:96:43:53:f2:ce:0f:0a:a6:05:9a:
65:8e:42:5a:96:06:dc:d1:fd:07:e3:82:37:96:92:f2:a8:99:
ac:7e:97:ef:1d:88:c8:ee:d9:38:ce:9b:4c:e4:20:6e:57:75:
d0:4c:de:08:4e:2a:5c:19:af:23:66:3d:94:e5:0e:95:b6:7b:
0c:89:5a:45:ac:6d:08:e2:ac:53:ce:97:31:79:9e:41:d4:1e:
df:54:57:65:f2:0f:2c:ae:a1:bf:42:00:ef:48:dc:e3:24:1d:
49:01:3e:f7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZNz1mPDbbt/O3ftyFIbpdl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTI4MTczNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDA2YjA3YjkxNDliYTAwZWQwZTE2NWRhMDg2NjAwY2Q4ZDQzZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CTz2ijz3c5WMvgJjOeDReV0+YxS
TGzwSjDXynFU0vcoUj7sa8Xc7r4zNY3GF/G2WgDRifgVw7Kk/7eKaEsflhVXPkcM
6EzWFxtcyKOJetnIbNi8fYSXtGaCLuwvVH1lbr+joBxNuSNa37zAWYtgdo0qx8+2
i97FUcAlCTip/qe/n6tanJCyd3of5CNt5q7htzDWR/qh5EOSO9zjKXGauCuQ/ur0
nBoC5RrVZpXEZDrIks7Jgca1Nj5alJKqD3p/WNKqfagsCXzOl1tSmUr2Q4EYQ6Fa
eVj3Hnh9jUNcVkk6ZZLXcPWRC9rzzWNVCkYV1lol3fkkGTzjjHi01arxdQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFD0GsHuRSboA7Q4WXaCGYAzY1D52MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUFFhd2U1Rkp1Z0R0RGhaZG9JWmdETmpVUG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpiOAwQA
WdVoAwQAWdV7AwQA1CZRAwQB1dI0AwQA1drvAwQA2ZFLMA0GCSqGSIb3DQEBCwUA
A4IBAQCrZNnvab3M3lTbSrvZyofGJjN46x+jOradLyMlplodhwtNUBEdOlXiNnbm
jcFJl/sFX3enciqHQpnzNfN4m0rpPPVIgSeKaTJ013u85h/pIc3iGpQqKqo809WA
SGuhCNMIkR9jUXsJw4EU3b7RozSKxnkOynWV33O0bKe7R0y4bUPNWALoX3EE9YLX
pIEDm5aQzgE0ms2wUZZDU/LODwqmBZpljkJalgbc0f0H44I3lpLyqJmsfpfvHYjI
7tk4zptM5CBuV3XQTN4ITipcGa8jZj2U5Q6VtnsMiVpFrG0I4qxTzpcxeZ5B1B7f
VFdl8g8srqG/QgDvSNzjJB1JAT73
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:37 2025 by rpki-client