Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RqfJ7R_u6072eC6t0nHCzNvYWJY.roa
File: RqfJ7R_u6072eC6t0nHCzNvYWJY.roa (raw, json)
Hash identifier: Ex2Fnz54kIwDEmBKeZhB93z+KCMU0iTSfWeeZrf8DxU=
Subject key identifier: 46:A7:C9:ED:1F:EE:EB:4E:F6:78:2E:AD:D2:71:C2:CC:DB:D8:58:96
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019464A746CDC2F43B8A2A3B01DBEEBA0A61
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RqfJ7R_u6072eC6t0nHCzNvYWJY.roa
Signing time: Tue 14 Jan 2025 11:51:11 +0000
ROA not before: Tue 14 Jan 2025 11:51:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 19:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:a7:46:cd:c2:f4:3b:8a:2a:3b:01:db:ee:ba:0a:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 14 11:51:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46a7c9ed1feeeb4ef6782eadd271c2ccdbd85896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:07:d4:31:6c:b4:3c:bf:81:ef:6c:81:ea:78:
e2:12:25:70:1c:f9:29:4c:45:3c:cf:35:8b:db:6a:
21:07:ea:57:56:8f:09:0f:db:18:e4:a5:ca:a0:0f:
e3:49:6b:57:cc:ba:14:ae:3f:3c:b3:f2:df:2c:ea:
59:ba:57:11:8f:d3:54:76:77:9b:aa:69:30:46:71:
36:9d:a4:6b:06:9b:19:ec:26:71:12:26:fb:4b:ac:
e1:d2:d1:c4:61:3d:2e:7d:d1:3d:48:fc:70:1b:5a:
c3:ae:18:48:23:2c:a2:8f:fd:56:cd:3b:2b:2d:72:
8f:f3:39:cd:0e:db:ab:09:8b:40:3e:45:f9:ca:bd:
31:ca:7f:b6:74:be:2c:72:56:cc:83:55:0e:82:d9:
ab:1c:5c:a0:ff:93:9b:d7:fa:06:a7:61:62:20:cb:
d7:8f:2a:fc:e0:2e:f4:1b:b8:92:3d:c9:02:96:bd:
a3:7c:9c:8a:d1:5d:86:fc:4a:df:7d:ed:41:87:9c:
8b:4c:c2:d7:1c:f2:6e:be:12:cd:21:c9:aa:97:ad:
3c:51:6d:e5:7e:4d:95:44:19:14:c7:c4:08:f6:a0:
ee:97:ea:c4:d1:c2:9b:85:0a:ed:75:51:16:15:a5:
08:a6:03:14:aa:30:63:b3:ba:9b:d0:7b:42:6c:36:
2c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A7:C9:ED:1F:EE:EB:4E:F6:78:2E:AD:D2:71:C2:CC:DB:D8:58:96
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RqfJ7R_u6072eC6t0nHCzNvYWJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.210.0/23
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
62:a1:ca:3d:3f:52:9c:eb:f5:37:02:65:3a:22:4e:c2:f2:0e:
84:f0:1e:f3:ef:86:ea:e8:a1:98:5d:c8:b7:17:fa:02:d0:a5:
a1:12:d4:77:66:8f:cd:b6:af:55:3e:72:55:2e:e5:4c:74:32:
47:51:30:2c:c1:cd:68:8e:a7:6a:45:a4:67:8e:93:58:c0:a0:
2f:2f:e9:10:37:6a:7b:1e:26:08:86:74:b2:54:a2:0c:87:cc:
5b:03:dd:56:e8:e1:64:7f:d9:16:04:83:d4:55:9d:82:a5:1b:
aa:a4:a8:6f:ba:b6:35:f2:04:49:6e:ca:c5:30:86:d9:a9:77:
f2:90:1e:a4:56:89:32:ef:68:34:ed:f6:e8:11:2c:32:d7:e4:
fa:9b:69:ef:0c:02:59:df:a3:45:9a:c4:7d:ba:39:67:bc:d6:
d8:c4:b6:4f:6b:35:08:2b:82:09:39:41:dc:31:e4:66:48:9b:
56:44:2f:2c:7b:79:af:f1:de:08:90:52:6a:9e:12:91:54:65:
84:ba:a2:85:db:b9:ea:f4:1f:f4:cc:d5:71:f2:48:78:72:b9:
5c:ec:5c:86:8e:db:fc:d0:b3:95:5d:a0:a5:b4:7e:4e:21:e1:
d5:31:53:d4:c8:b1:19:f2:4f:99:17:9c:b7:7e:11:7e:f1:03:
cc:e7:cb:53
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAZRkp0bNwvQ7iio7AdvuugphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTE0MTE1MTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmE3YzllZDFmZWVlYjRlZjY3ODJlYWRkMjcxYzJjY2RiZDg1ODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswfUMWy0PL+B72yB6njiEiVwHPkp
TEU8zzWL22ohB+pXVo8JD9sY5KXKoA/jSWtXzLoUrj88s/LfLOpZulcRj9NUdneb
qmkwRnE2naRrBpsZ7CZxEib7S6zh0tHEYT0ufdE9SPxwG1rDrhhIIyyij/1WzTsr
LXKP8znNDturCYtAPkX5yr0xyn+2dL4sclbMg1UOgtmrHFyg/5Ob1/oGp2FiIMvX
jyr84C70G7iSPckClr2jfJyK0V2G/Erffe1Bh5yLTMLXHPJuvhLNIcmql608UW3l
fk2VRBkUx8QI9qDul+rE0cKbhQrtdVEWFaUIpgMUqjBjs7qb0HtCbDYsPQIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFEanye0f7utO9ngurdJxwszb2FiWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUnFmSjdSX3U2MDcyZUM2dDBuSEN6TnZZV0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCB/QQCAAEwgfYD
BABSmAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQD
BABZ1YsDBABZ1Y8wDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQA
WdWkAwQAWdWnAwQAWdWpMAwDBABZ1asDBARZ1aADBABZ1bUDBABZ1b8wDAMEAlnV
xAMEBFnVwDAMAwQCWdXkAwQEWdXgAwQDbbAQAwQCbbDMAwQBbbDyAwQBuTF+AwQE
wmlQAwQA1CZPAwQB1CZYAwQA1ZgrAwQC1dI0AwQB1drSMAwDBADZkUEDBADZkUID
BAPZkUgwDQYJKoZIhvcNAQELBQADggEBAGKhyj0/Upzr9TcCZToiTsLyDoTwHvPv
hurooZhdyLcX+gLQpaES1Hdmj822r1U+clUu5Ux0MkdRMCzBzWiOp2pFpGeOk1jA
oC8v6RA3anseJgiGdLJUogyHzFsD3Vbo4WR/2RYEg9RVnYKlG6qkqG+6tjXyBElu
ysUwhtmpd/KQHqRWiTLvaDTt9ugRLDLX5Pqbae8MAlnfo0WaxH26OWe81tjEtk9r
NQgrggk5Qdwx5GZIm1ZELyx7ea/x3giQUmqeEpFUZYS6ooXbuer0H/TM1XHySHhy
uVzsXIaO2/zQs5VdoKW0fk4h4dUxU9TIsRnyT5kXnLd+EX7xA8zny1M=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:52 2025 by rpki-client