Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RhUIE-VQxzPP_jH33QQftJycpMk.roa
File: RhUIE-VQxzPP_jH33QQftJycpMk.roa (raw, json)
Hash identifier: qfvqFdVRo6uoBNuylTHgXNYTcyi3epoXiR8kMkfHbFM=
Subject key identifier: 46:15:08:13:E5:50:C7:33:CF:FE:31:F7:DD:04:1F:B4:9C:9C:A4:C9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F82257BDD488A210876207FC51DA38CC6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RhUIE-VQxzPP_jH33QQftJycpMk.roa
Signing time: Thu 16 May 2024 16:04:05 +0000
ROA not before: Thu 16 May 2024 16:04:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 09:04:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:82:25:7b:dd:48:8a:21:08:76:20:7f:c5:1d:a3:8c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 16 16:04:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46150813e550c733cffe31f7dd041fb49c9ca4c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:51:0f:19:b6:43:2b:d4:e8:1a:ad:b1:d1:26:
15:e1:85:68:eb:af:e7:62:b0:80:a5:c1:30:34:cd:
a5:38:6b:11:f6:2d:bd:a8:ac:90:86:b0:2c:6b:8a:
6d:9f:6b:dc:78:09:16:f3:9e:a7:5b:c1:a5:83:b1:
2c:6f:7a:1b:ef:87:36:aa:5e:11:7d:73:cf:43:73:
57:aa:99:ed:da:bf:53:14:1c:4f:ce:1d:29:3d:dd:
5d:c3:8a:a9:75:e3:dc:97:14:49:f7:5d:d4:8e:f5:
a5:f0:45:42:52:60:16:b6:8c:22:0e:bb:55:0f:d1:
54:6b:08:ab:15:cd:3f:cd:94:8c:84:d9:4b:88:ea:
61:98:6d:6b:d7:ec:28:97:1d:93:08:90:98:1d:40:
1f:51:e0:fa:d1:26:87:e8:5a:ae:9b:e4:83:6f:c5:
f1:1f:64:13:89:8e:eb:56:65:b8:43:83:92:9c:33:
f5:af:63:65:89:f1:d2:09:20:2e:f0:7b:47:aa:a1:
77:59:ec:02:26:bc:78:ba:49:5e:6b:1d:62:0c:5e:
ff:93:ed:00:60:c0:c3:64:61:f1:cd:63:88:cd:16:
6d:12:0c:96:a3:5b:08:c7:15:98:db:7c:c5:1d:d6:
58:77:9b:31:53:91:27:bc:9f:15:3e:ce:f3:8b:5a:
b4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:15:08:13:E5:50:C7:33:CF:FE:31:F7:DD:04:1F:B4:9C:9C:A4:C9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RhUIE-VQxzPP_jH33QQftJycpMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.8.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.4.0/24
89.213.6.0/23
89.213.130.0/24
89.213.190.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
64:44:6e:6a:5f:dc:37:7b:86:d4:c6:47:34:28:c1:86:b2:ce:
03:23:ce:1b:fb:a8:62:e0:d1:02:43:45:8d:dd:59:26:c4:f5:
c4:1b:2d:4e:9e:09:3a:1e:61:3a:9f:dc:f8:18:36:c5:86:0a:
ce:8d:31:c4:1a:8b:a3:dc:c3:ce:ee:a6:31:ee:b8:e0:5d:91:
45:da:20:1d:41:90:58:84:41:99:4a:6d:05:db:5e:04:c6:38:
c0:47:d3:21:f8:f0:8c:4b:de:85:64:35:28:c7:e1:36:79:db:
f8:72:d1:59:a7:d8:e2:bb:8a:1e:4f:8b:f0:9d:18:f2:11:ad:
9e:cb:73:64:81:11:e5:20:49:cb:b1:99:1f:d0:6b:bf:d2:ec:
ee:32:62:4f:2f:d0:21:7a:7c:d6:ba:28:d0:68:30:f2:01:b4:
0a:e1:c0:7b:44:ae:b6:2c:32:f0:28:0b:0b:61:01:65:06:9f:
a8:b9:a7:9f:fb:13:5b:ad:10:46:21:2b:2e:39:fc:6f:ab:c7:
a1:80:4e:d5:27:79:24:f0:09:b0:1a:66:76:36:88:41:b5:5c:
23:cc:1a:34:20:7a:10:de:67:f8:e6:a9:48:d5:e6:3a:ae:a3:
93:f7:e9:88:8a:31:73:31:93:90:af:a5:00:02:a1:67:cc:87:
73:7f:27:0f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY+CJXvdSIohCHYgf8Udo4zGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE2MTYwNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjE1MDgxM2U1NTBjNzMzY2ZmZTMxZjdkZDA0MWZiNDljOWNhNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVEPGbZDK9ToGq2x0SYV4YVo66/n
YrCApcEwNM2lOGsR9i29qKyQhrAsa4ptn2vceAkW856nW8Glg7Esb3ob74c2ql4R
fXPPQ3NXqpnt2r9TFBxPzh0pPd1dw4qpdePclxRJ913UjvWl8EVCUmAWtowiDrtV
D9FUawirFc0/zZSMhNlLiOphmG1r1+wolx2TCJCYHUAfUeD60SaH6Fqum+SDb8Xx
H2QTiY7rVmW4Q4OSnDP1r2NlifHSCSAu8HtHqqF3WewCJrx4ukleax1iDF7/k+0A
YMDDZGHxzWOIzRZtEgyWo1sIxxWY23zFHdZYd5sxU5EnvJ8VPs7zi1q08QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFEYVCBPlUMczz/4x990EH7ScnKTJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUmhVSUUtVlF4elBQX2pIMzNRUWZ0SnljcE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAUah4AwQA
UpgIAwQAUpj4AwQAUpj7AwQAUpj+AwQAUplFAwQAUplIAwQAUplPAwQAUpmEAwQA
UpngAwQAWdUEAwQBWdUGAwQAWdWCAwQAWdW+AwQAbbD3AwQAbbD7AwQAuTF8MA0G
CSqGSIb3DQEBCwUAA4IBAQBkRG5qX9w3e4bUxkc0KMGGss4DI84b+6hi4NECQ0WN
3VkmxPXEGy1Ongk6HmE6n9z4GDbFhgrOjTHEGouj3MPO7qYx7rjgXZFF2iAdQZBY
hEGZSm0F214ExjjAR9Mh+PCMS96FZDUox+E2edv4ctFZp9jiu4oeT4vwnRjyEa2e
y3NkgRHlIEnLsZkf0Gu/0uzuMmJPL9AhenzWuijQaDDyAbQK4cB7RK62LDLwKAsL
YQFlBp+ouaef+xNbrRBGISsuOfxvq8ehgE7VJ3kk8AmwGmZ2NohBtVwjzBo0IHoQ
3mf45qlI1eY6rqOT9+mIijFzMZOQr6UAAqFnzIdzfycP
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:38 2025 by rpki-client