
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PWwasxo3nSsRjjcUgre86fDOBPk.roa
File: PWwasxo3nSsRjjcUgre86fDOBPk.roa (raw, json)
Hash identifier: CGlJ7LELLWUrlIyiOVfJFgEn0K6SWUYydnNea3842MA=
Subject key identifier: 3D:6C:1A:B3:1A:37:9D:2B:11:8E:37:14:82:B7:BC:E9:F0:CE:04:F9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019427A828B22E25A3B7E2BC19254D08CC12
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PWwasxo3nSsRjjcUgre86fDOBPk.roa
Signing time: Thu 02 Jan 2025 15:35:19 +0000
ROA not before: Thu 02 Jan 2025 15:35:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 77.93.138.0/23 maxlen: 24
82.152.52.0/23 maxlen: 24
82.152.55.0/24 maxlen: 24
109.176.25.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.210.48.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 10:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:a8:28:b2:2e:25:a3:b7:e2:bc:19:25:4d:08:cc:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 2 15:35:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d6c1ab31a379d2b118e371482b7bce9f0ce04f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:21:bd:7b:67:a5:a6:cc:aa:1b:22:01:ae:6f:
5a:22:18:d1:89:67:1a:18:e4:e8:9d:07:cc:a4:a7:
c6:14:57:34:ea:d3:5c:7b:02:69:27:fd:ce:e8:d6:
65:0b:a7:c1:5c:4b:90:af:28:b9:3e:36:d9:79:e3:
ca:07:90:cb:b8:e8:d4:9e:3b:e3:c2:fb:6e:e0:af:
8c:dd:23:a4:0d:8b:77:72:1e:de:7f:cb:7c:3a:56:
bc:97:b5:7b:ef:e4:b0:2f:85:21:46:d7:22:52:08:
da:67:90:d4:f1:ef:8b:1d:13:20:d8:2f:d9:bc:a9:
18:37:e8:cc:4f:22:39:80:6e:c3:f0:ed:bc:03:70:
17:b4:8b:80:eb:00:8f:88:8b:69:68:a1:2c:cc:3c:
08:40:b4:1f:2a:2d:1e:79:d8:05:63:ae:ef:83:e4:
e3:2b:c0:63:62:cd:ae:a4:4f:50:97:89:07:0f:fd:
80:7f:22:29:e9:55:da:c5:96:4a:5f:74:3f:80:42:
80:b7:82:af:3c:69:7f:2f:a1:cd:cd:fc:13:52:b3:
56:f9:49:9d:a0:85:0a:db:ae:a1:85:ae:62:61:b2:
57:b6:a3:42:d4:88:29:9b:80:5f:b7:4a:6d:4d:59:
ca:b8:87:f7:a8:57:de:87:2a:38:e8:a7:70:41:3a:
78:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6C:1A:B3:1A:37:9D:2B:11:8E:37:14:82:B7:BC:E9:F0:CE:04:F9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PWwasxo3nSsRjjcUgre86fDOBPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.138.0/23
82.152.52.0/23
82.152.55.0/24
109.176.25.0/24
213.130.150.0/24
213.210.48.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:f1:37:c5:e7:d9:e8:af:c9:4c:7f:21:a9:ef:22:56:c3:87:
d5:47:49:b9:b5:62:f5:26:c5:06:a1:54:f6:59:c1:cf:72:f5:
73:f1:30:2e:a7:41:63:72:d2:1a:35:44:af:1a:61:c4:02:e8:
2f:0b:0c:e8:cb:94:c2:9a:4c:00:fc:6f:2f:b3:ea:ba:f3:f7:
49:9f:20:c5:1d:db:af:6a:49:79:6f:6b:e5:ac:98:2d:74:37:
26:32:dd:66:1b:69:f8:ae:17:46:7e:c7:1e:5b:fb:d1:2b:42:
c9:21:19:af:e2:8f:41:d1:3a:f6:cc:2e:20:2f:db:3c:d2:bb:
e7:92:59:1b:a7:1d:28:89:34:a3:47:61:e5:f7:90:89:b4:e7:
ac:de:ea:94:8e:bd:b2:b0:25:e4:74:1f:b0:57:46:b9:11:c7:
ad:fc:b1:6a:b6:a3:27:96:90:1d:65:fb:bd:b4:05:b6:87:d9:
2d:15:e5:42:3e:6a:d4:61:87:95:79:e0:05:f6:6e:3a:d1:ee:
a8:7c:17:11:6a:fa:ba:c0:05:79:7c:e3:46:64:bb:89:e5:d6:
00:d5:93:c0:40:8e:4a:73:a9:64:24:33:54:dc:20:73:86:01:
0a:58:0a:e4:55:dc:02:c0:32:bd:cd:c4:4a:ec:f9:15:aa:32:
69:45:fa:47
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnqCiyLiWjt+K8GSVNCMwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAyMTUzNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDZjMWFiMzFhMzc5ZDJiMTE4ZTM3MTQ4MmI3YmNlOWYwY2UwNGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniG9e2elpsyqGyIBrm9aIhjRiWca
GOTonQfMpKfGFFc06tNcewJpJ/3O6NZlC6fBXEuQryi5PjbZeePKB5DLuOjUnjvj
wvtu4K+M3SOkDYt3ch7ef8t8Ola8l7V77+SwL4UhRtciUgjaZ5DU8e+LHRMg2C/Z
vKkYN+jMTyI5gG7D8O28A3AXtIuA6wCPiItpaKEszDwIQLQfKi0eedgFY67vg+Tj
K8BjYs2upE9Ql4kHD/2AfyIp6VXaxZZKX3Q/gEKAt4KvPGl/L6HNzfwTUrNW+Umd
oIUK266hha5iYbJXtqNC1Igpm4Bft0ptTVnKuIf3qFfehyo46KdwQTp4swIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD1sGrMaN50rEY43FIK3vOnwzgT5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUFd3YXN4bzNuU3NSampjVWdyZTg2ZkRPQlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBTV2KAwQB
Upg0AwQAUpg3AwQAbbAZAwQA1YKWAwQB1dIwMA0GCSqGSIb3DQEBCwUAA4IBAQCp
8TfF59nor8lMfyGp7yJWw4fVR0m5tWL1JsUGoVT2WcHPcvVz8TAup0FjctIaNUSv
GmHEAugvCwzoy5TCmkwA/G8vs+q68/dJnyDFHduvakl5b2vlrJgtdDcmMt1mG2n4
rhdGfsceW/vRK0LJIRmv4o9B0Tr2zC4gL9s80rvnklkbpx0oiTSjR2Hl95CJtOes
3uqUjr2ysCXkdB+wV0a5Ecet/LFqtqMnlpAdZfu9tAW2h9ktFeVCPmrUYYeVeeAF
9m460e6ofBcRavq6wAV5fONGZLuJ5dYA1ZPAQI5Kc6lkJDNU3CBzhgEKWArkVdwC
wDK9zcRK7PkVqjJpRfpH
-----END CERTIFICATE-----
Generated at Tue Feb 11 15:02:26 2025 by rpki-client