Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QCDiSSsiM7IiQNtAdfU5vLhHMj4.roa
File: QCDiSSsiM7IiQNtAdfU5vLhHMj4.roa (raw, json)
Hash identifier: +oAQqPlgYZJPG865BkSvvdpbz6FdMXYpdUnQ928Fzg4=
Subject key identifier: 40:20:E2:49:2B:22:33:B2:22:40:DB:40:75:F5:39:BC:B8:47:32:3E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019108E5D33F28692A992E5F7E12C5A5A2B7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QCDiSSsiM7IiQNtAdfU5vLhHMj4.roa
Signing time: Wed 31 Jul 2024 13:06:05 +0000
ROA not before: Wed 31 Jul 2024 13:06:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.152.178.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.63.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.130.150.0/24 maxlen: 24
213.152.43.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 12:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:08:e5:d3:3f:28:69:2a:99:2e:5f:7e:12:c5:a5:a2:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 31 13:06:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4020e2492b2233b22240db4075f539bcb847323e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:80:34:9a:c4:ac:84:b5:74:6c:9f:45:fe:43:
05:53:82:42:d3:6f:91:4e:e9:94:3c:81:a5:04:d4:
c8:91:24:56:b2:ef:78:42:21:5e:e7:be:1c:4c:73:
3b:53:1c:c0:f2:2a:1a:59:1d:8c:99:89:31:0b:94:
64:45:e6:c5:db:a4:0e:64:02:3e:20:6a:a3:40:bf:
fe:0a:17:a5:77:7d:85:a9:71:5a:3f:e9:ee:78:ea:
06:bf:78:ff:5e:c6:ea:0a:2b:17:e5:7d:47:be:86:
fd:1b:d0:55:44:cd:b7:b0:52:a7:c8:97:23:ee:0f:
f7:30:03:71:c4:74:13:39:9e:38:89:68:08:2a:92:
f6:15:48:84:3d:80:b4:f8:96:81:71:b5:03:e1:b4:
52:b1:fb:e3:bc:7c:2a:a7:c5:db:1d:cf:94:ef:4e:
d7:57:e1:cd:49:bc:8a:be:a3:66:3d:1c:f4:8e:7e:
78:60:bf:dd:8b:1f:3f:c4:64:aa:ad:16:02:06:d1:
ea:d3:31:f7:3f:18:09:d1:a2:7d:98:f1:72:35:c3:
89:dd:6d:ca:6f:6c:5d:05:8d:c4:33:ef:69:2f:37:
78:69:4b:81:d1:6a:08:3b:df:e2:4f:dc:4e:a5:18:
47:74:88:db:eb:7b:65:87:0e:b8:ce:02:af:78:f7:
54:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:20:E2:49:2B:22:33:B2:22:40:DB:40:75:F5:39:BC:B8:47:32:3E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QCDiSSsiM7IiQNtAdfU5vLhHMj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0-82.152.178.255
82.153.136.0/22
82.153.243.0/24
89.213.50.0/23
89.213.56.0/22
89.213.63.0/24
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.130.150.0/24
213.152.43.0/24
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
13:2a:49:69:22:f8:a1:3c:16:55:a4:81:37:47:e9:fa:19:f3:
11:75:90:c4:7a:10:75:b5:56:2e:18:a6:74:36:4d:f0:c0:f1:
8c:e0:d8:c1:a5:72:7a:fb:72:26:7d:c7:d0:01:a3:a3:b0:a1:
a4:cc:53:a7:7a:47:25:c6:57:c6:6b:06:30:8f:1e:51:7c:46:
f8:2c:f8:67:8e:e5:6b:e5:24:59:aa:8d:6b:9b:c8:16:b4:31:
7d:c5:af:9d:a8:15:09:85:27:65:2c:a9:87:f0:aa:c5:39:f3:
43:4d:10:65:09:0f:43:6a:03:9a:82:77:75:42:e4:1e:60:8e:
8b:f4:c1:33:18:b0:21:f6:1d:ea:23:65:7b:cd:f9:a4:94:fb:
59:15:a1:c8:2d:de:78:d6:96:ff:47:09:70:39:b1:83:c6:f5:
2b:86:30:e6:d7:18:cc:01:79:25:fc:b6:8d:cb:96:3c:31:74:
23:cc:c1:4e:72:3a:45:be:c4:a9:f6:36:2e:04:8c:14:47:56:
06:e8:d8:b1:7f:48:9f:fd:95:35:15:59:4a:92:e1:ca:e0:3e:
f0:a6:c0:ff:c0:b5:ec:e1:66:b5:2e:e3:73:38:2a:45:24:e8:
ae:3a:73:10:28:3f:de:d9:8f:d1:bc:57:ec:63:13:8f:32:ef:
d9:e2:ac:05
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZEI5dM/KGkqmS5ffhLFpaK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzMxMTMwNjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDIwZTI0OTJiMjIzM2IyMjI0MGRiNDA3NWY1MzliY2I4NDczMjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIA0msSshLV0bJ9F/kMFU4JC02+R
TumUPIGlBNTIkSRWsu94QiFe574cTHM7UxzA8ioaWR2MmYkxC5RkRebF26QOZAI+
IGqjQL/+Cheld32FqXFaP+nueOoGv3j/XsbqCisX5X1Hvob9G9BVRM23sFKnyJcj
7g/3MANxxHQTOZ44iWgIKpL2FUiEPYC0+JaBcbUD4bRSsfvjvHwqp8XbHc+U707X
V+HNSbyKvqNmPRz0jn54YL/dix8/xGSqrRYCBtHq0zH3PxgJ0aJ9mPFyNcOJ3W3K
b2xdBY3EM+9pLzd4aUuB0WoIO9/iT9xOpRhHdIjb63tlhw64zgKvePdU1wIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFEAg4kkrIjOyIkDbQHX1Oby4RzI+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUUNEaVNTc2lNN0lpUU50QWRmVTV2TGhITWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQwDAME
BFKYsAMEAFKYsgMEAlKZiAMEAFKZ8wMEAVnVMgMEAlnVOAMEAFnVPwMEAFnVkTAM
AwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AME
BFnV4AMEA22wEAMEAm2wzAMEAbkxfgMEBMJpUAMEAdQmWAMEANWClgMEANWYKwME
ANXa0wMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAEypJaSL4oTwWVaSB
N0fp+hnzEXWQxHoQdbVWLhimdDZN8MDxjODYwaVyevtyJn3H0AGjo7ChpMxTp3pH
JcZXxmsGMI8eUXxG+Cz4Z47la+UkWaqNa5vIFrQxfcWvnagVCYUnZSyph/CqxTnz
Q00QZQkPQ2oDmoJ3dULkHmCOi/TBMxiwIfYd6iNle835pJT7WRWhyC3eeNaW/0cJ
cDmxg8b1K4Yw5tcYzAF5Jfy2jcuWPDF0I8zBTnI6Rb7EqfY2LgSMFEdWBujYsX9I
n/2VNRVZSpLhyuA+8KbA/8C17OFmtS7jczgqRSTorjpzECg/3tmP0bxX7GMTjzLv
2eKsBQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:53 2025 by rpki-client