Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PjntV7XP-hfufk4CwqysIsvrpUU.roa
File: PjntV7XP-hfufk4CwqysIsvrpUU.roa (raw, json)
Hash identifier: R1ZZIWmGRbw5jSBfVJRPhvHC7WQKayjiqQxGJPuH+o4=
Subject key identifier: 3E:39:ED:57:B5:CF:FA:17:EE:7E:4E:02:C2:AC:AC:22:CB:EB:A5:45
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190793A8D496E24F70CC61AC82313810771
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PjntV7XP-hfufk4CwqysIsvrpUU.roa
Signing time: Wed 03 Jul 2024 15:33:18 +0000
ROA not before: Wed 03 Jul 2024 15:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.134.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jul 2024 09:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:79:3a:8d:49:6e:24:f7:0c:c6:1a:c8:23:13:81:07:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 3 15:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e39ed57b5cffa17ee7e4e02c2acac22cbeba545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c6:f4:d6:5b:a2:5e:e1:d0:7c:b2:33:28:c8:
ad:fb:49:52:b8:c5:26:fd:c6:c7:c5:80:ca:25:ea:
89:ce:17:f9:a7:95:a8:09:8c:e5:90:01:11:0a:72:
03:f1:f8:5f:41:ea:be:8d:8e:29:ba:f0:5c:fd:aa:
0d:d3:9a:a3:e3:4d:d6:30:32:e3:d6:14:0e:13:04:
f6:b1:e4:13:25:d3:bd:da:16:fd:0b:05:bb:2e:c1:
0c:81:7f:d0:91:6b:3b:70:9e:84:13:b3:c8:6c:71:
ca:67:e7:fe:4a:a2:c6:9d:12:e4:06:76:63:81:e0:
56:94:b3:f4:67:00:d9:89:36:03:7c:79:09:a4:de:
63:e3:72:32:b3:64:40:52:8e:94:c4:a9:7b:54:85:
97:3b:8f:9d:de:30:48:d6:6a:ae:6e:77:af:1d:8f:
09:3a:89:3a:9e:f4:df:ff:71:e1:0a:e4:73:44:2b:
f2:6c:6c:18:cf:7a:16:43:bd:db:12:04:8f:ad:bd:
62:ff:7b:ef:9a:1e:09:87:c2:21:82:66:9d:e5:12:
e9:97:ac:9f:7b:6e:66:17:a4:c1:f8:4a:8f:88:fd:
3c:1a:73:6e:0c:60:3e:f9:bf:dd:dc:d4:35:89:f8:
d6:77:8d:fa:b4:ed:71:44:64:28:98:f4:98:e0:f8:
a1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:39:ED:57:B5:CF:FA:17:EE:7E:4E:02:C2:AC:AC:22:CB:EB:A5:45
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PjntV7XP-hfufk4CwqysIsvrpUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.134.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.27.0/24
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:0e:82:be:37:4f:7d:c1:89:d6:97:da:65:a5:89:23:06:35:
27:f4:ec:1f:3f:0b:04:ed:c7:f2:82:0e:67:09:8b:35:90:8e:
10:4b:7e:bb:93:b3:03:20:bd:9b:de:b5:d9:c4:57:e0:b1:54:
65:ea:a2:2e:ae:cf:18:be:dc:18:a4:52:91:06:32:4e:d5:1a:
c7:f6:68:62:8c:4e:d6:f8:13:a9:30:74:01:43:80:e0:7b:86:
ea:61:2e:97:cc:dd:2d:4f:f1:0d:3c:dd:d0:f2:56:ff:77:24:
60:0c:5a:60:c3:46:44:d6:23:cf:02:6c:18:08:07:be:bc:94:
d1:30:a7:06:d7:e2:62:5f:b0:f8:be:12:da:ae:10:7c:bc:a7:
eb:f8:de:6d:34:b8:d0:3f:bd:c9:5b:b3:86:6b:2b:3d:5d:51:
10:81:6b:a2:0b:c1:0d:02:6e:d8:33:1d:4d:c6:5d:fc:1b:6c:
9e:77:86:a3:60:86:de:a9:3e:de:db:e6:a1:7f:dc:d1:31:ce:
f8:2a:79:e4:d7:c0:f3:94:0d:ff:3e:96:53:ed:fb:87:76:58:
47:c6:dc:9f:bc:a2:07:05:4a:e4:fa:49:16:4d:97:20:fa:b7:
5e:9b:4d:34:58:0a:73:6c:d3:46:ac:b9:28:d8:18:a1:5d:16:
b5:a9:fc:76
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZB5Oo1JbiT3DMYayCMTgQdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzAzMTUzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM5ZWQ1N2I1Y2ZmYTE3ZWU3ZTRlMDJjMmFjYWMyMmNiZWJhNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcb01luiXuHQfLIzKMit+0lSuMUm
/cbHxYDKJeqJzhf5p5WoCYzlkAERCnID8fhfQeq+jY4puvBc/aoN05qj403WMDLj
1hQOEwT2seQTJdO92hb9CwW7LsEMgX/QkWs7cJ6EE7PIbHHKZ+f+SqLGnRLkBnZj
geBWlLP0ZwDZiTYDfHkJpN5j43Iys2RAUo6UxKl7VIWXO4+d3jBI1mqubnevHY8J
Ook6nvTf/3HhCuRzRCvybGwYz3oWQ73bEgSPrb1i/3vvmh4Jh8Ihgmad5RLpl6yf
e25mF6TB+EqPiP08GnNuDGA++b/d3NQ1ifjWd436tO1xRGQomPSY4PihMQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFD457Ve1z/oX7n5OAsKsrCLL66VFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUGpudFY3WFAtaGZ1Zms0Q3dxeXNJc3ZycFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAFSmLAD
BAJSmYgDBAFZ1TIDBAJZ1TgDBABZ1YYwDAMEAlnVlAMEBVnVgAMEAlnVrDAMAwQC
WdXEAwQEWdXAAwQDWdXoAwQDbbAQAwQAbbAbAwQCbbDMAwQBuTF+AwQEwmlQAwQB
1CZYAwQA1drTAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQAsDoK+N099wYnWl9pl
pYkjBjUn9OwfPwsE7cfygg5nCYs1kI4QS367k7MDIL2b3rXZxFfgsVRl6qIurs8Y
vtwYpFKRBjJO1RrH9mhijE7W+BOpMHQBQ4Dge4bqYS6XzN0tT/ENPN3Q8lb/dyRg
DFpgw0ZE1iPPAmwYCAe+vJTRMKcG1+JiX7D4vhLarhB8vKfr+N5tNLjQP73JW7OG
ays9XVEQgWuiC8ENAm7YMx1Nxl38G2yed4ajYIbeqT7e2+ahf9zRMc74Knnk18Dz
lA3/PpZT7fuHdlhHxtyfvKIHBUrk+kkWTZcg+rdem000WApzbNNGrLko2BihXRa1
qfx2
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:57 2025 by rpki-client