Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RFjGDwyZpTCbHIt0mHFEr5xd8AA.roa
File: RFjGDwyZpTCbHIt0mHFEr5xd8AA.roa (raw, json)
Hash identifier: +52KD+LEMr+sJGVcW6moiR1Hy4fMP5r9uNVZjPA2I8M=
Subject key identifier: 44:58:C6:0F:0C:99:A5:30:9B:1C:8B:74:98:71:44:AF:9C:5D:F0:00
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192F43B5351BD1B92837D3895F9FF894E9D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RFjGDwyZpTCbHIt0mHFEr5xd8AA.roa
Signing time: Sun 03 Nov 2024 22:53:01 +0000
ROA not before: Sun 03 Nov 2024 22:53:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.163.23.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
89.213.238.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 11:09:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f4:3b:53:51:bd:1b:92:83:7d:38:95:f9:ff:89:4e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 3 22:53:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4458c60f0c99a5309b1c8b74987144af9c5df000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:82:ec:db:ea:5f:de:76:d2:3b:89:ce:25:99:
5e:00:7c:31:bd:54:a4:28:ed:46:f7:75:b6:4b:cf:
74:55:54:e5:48:8e:20:cb:16:de:79:65:1e:34:4d:
7d:30:d4:51:e9:6d:fc:b4:c9:79:8c:1a:00:4c:fd:
c3:40:8a:65:db:3a:d0:1c:c5:73:00:2e:c9:ac:8f:
8a:40:22:e9:3e:5d:5c:a8:8a:1b:1a:f6:4c:21:f9:
58:fb:c3:fd:f0:d7:75:b9:88:fc:78:79:17:e3:2c:
c5:1c:fd:d9:55:13:af:42:e0:08:44:37:7e:0c:3d:
21:73:18:6b:86:ef:d4:0d:ea:0b:2e:fd:62:3d:8a:
df:25:1f:07:9b:d8:59:8c:d2:2e:8b:97:1c:81:a9:
60:da:e2:e6:bf:76:8c:5e:72:39:8e:e0:02:37:2d:
44:4d:49:24:8c:ae:45:40:fa:26:a5:db:c8:ef:fd:
4c:4a:40:9b:19:55:46:81:ef:c8:07:c7:32:93:5b:
cc:e1:f4:d7:93:c5:6a:7f:95:a8:45:75:82:1e:f3:
5c:04:d6:5b:7c:14:0e:12:19:e4:b9:c8:2a:90:09:
48:7b:0c:b6:d2:74:7c:31:66:9f:8e:2c:3f:1b:f9:
0d:25:93:50:7b:75:80:25:5a:8f:9a:52:12:5a:78:
bd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:58:C6:0F:0C:99:A5:30:9B:1C:8B:74:98:71:44:AF:9C:5D:F0:00
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RFjGDwyZpTCbHIt0mHFEr5xd8AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.163.23.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
89.213.249.0/24
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:d4:ae:63:71:37:ac:5d:5d:77:68:47:c5:5f:e1:07:b8:b2:
9b:26:ea:33:5d:28:eb:1c:58:ef:ff:48:01:b2:0b:e1:3a:e0:
7f:2c:5f:d2:88:6d:27:88:d5:7c:5c:4b:18:88:fa:7c:0c:5a:
17:75:72:42:bd:75:31:ad:23:c2:39:ae:e3:51:b3:fb:6b:3f:
46:2d:93:d9:d8:7a:c2:ef:e7:68:32:47:4d:79:90:85:7e:00:
5b:40:40:f3:e8:2c:04:62:29:2a:18:79:5b:d0:e2:4e:4a:fa:
60:1f:35:17:d2:67:85:d2:f3:26:35:07:d5:1f:23:a5:ec:b6:
fc:3c:b2:8e:07:02:7a:49:0d:00:f9:9e:0c:59:10:90:09:a0:
ad:db:5b:76:08:87:bc:82:a2:cc:11:61:14:f4:49:72:84:e1:
3e:eb:8d:56:7d:f6:0e:c4:71:e4:3e:1c:58:21:a3:df:2f:41:
f1:d0:11:59:0c:4b:9f:24:5f:3e:09:25:26:7a:8f:e4:6c:c0:
41:df:80:d2:e7:04:1a:e2:36:c5:71:e8:c4:98:d1:9b:fa:65:
0c:09:ac:40:c8:26:1f:5f:31:10:5d:05:e1:c4:f7:b9:28:37:
fc:88:2b:b3:03:38:cf:35:cd:e7:69:b9:1e:10:be:49:f8:53:
1d:19:83:02
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZL0O1NRvRuSg304lfn/iU6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTAzMjI1MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDU4YzYwZjBjOTlhNTMwOWIxYzhiNzQ5ODcxNDRhZjljNWRmMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4Ls2+pf3nbSO4nOJZleAHwxvVSk
KO1G93W2S890VVTlSI4gyxbeeWUeNE19MNRR6W38tMl5jBoATP3DQIpl2zrQHMVz
AC7JrI+KQCLpPl1cqIobGvZMIflY+8P98Nd1uYj8eHkX4yzFHP3ZVROvQuAIRDd+
DD0hcxhrhu/UDeoLLv1iPYrfJR8Hm9hZjNIui5ccgalg2uLmv3aMXnI5juACNy1E
TUkkjK5FQPompdvI7/1MSkCbGVVGge/IB8cyk1vM4fTXk8Vqf5WoRXWCHvNcBNZb
fBQOEhnkucgqkAlIewy20nR8MWafjiw/G/kNJZNQe3WAJVqPmlISWni9RwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFERYxg8MmaUwmxyLdJhxRK+cXfAAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUkZqR0R3eVpwVENiSEl0MG1IRkVyNXhkOEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAFS
mLADBAJSmYgDBABSoxcDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ
1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ
1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEAFnV+QMEA22wEAMEAm2wzAMEAW2w8gME
AbkxfgMEBMJpUAMEAdQmWAMEANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqG
SIb3DQEBCwUAA4IBAQBK1K5jcTesXV13aEfFX+EHuLKbJuozXSjrHFjv/0gBsgvh
OuB/LF/SiG0niNV8XEsYiPp8DFoXdXJCvXUxrSPCOa7jUbP7az9GLZPZ2HrC7+do
MkdNeZCFfgBbQEDz6CwEYikqGHlb0OJOSvpgHzUX0meF0vMmNQfVHyOl7Lb8PLKO
BwJ6SQ0A+Z4MWRCQCaCt21t2CIe8gqLMEWEU9ElyhOE+641WffYOxHHkPhxYIaPf
L0Hx0BFZDEufJF8+CSUmeo/kbMBB34DS5wQa4jbFcejEmNGb+mUMCaxAyCYfXzEQ
XQXhxPe5KDf8iCuzAzjPNc3nabkeEL5J+FMdGYMC
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:29:21 2025 by rpki-client