Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RrRS9x3QsnaRRCY0kAJf-t0Lg1w.roa
File: RrRS9x3QsnaRRCY0kAJf-t0Lg1w.roa (raw, json)
Hash identifier: TV5i+y5I+yhRMLWcEL6xX6wzgXPjKV+TxJGhvBc+2t4=
Subject key identifier: 46:B4:52:F7:1D:D0:B2:76:91:44:26:34:90:02:5F:FA:DD:0B:83:5C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0195D21906DA6C912227D95D4AF6C23BA126
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RrRS9x3QsnaRRCY0kAJf-t0Lg1w.roa
Signing time: Wed 26 Mar 2025 10:56:50 +0000
ROA not before: Wed 26 Mar 2025 10:56:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.248.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 20:20:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d2:19:06:da:6c:91:22:27:d9:5d:4a:f6:c2:3b:a1:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 26 10:56:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46b452f71dd0b2769144263490025ffadd0b835c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1d:cc:8b:dc:aa:0c:93:e2:44:f2:6e:75:b6:
63:68:c1:4a:95:59:74:6d:a7:99:ef:95:b9:d6:71:
f1:56:e2:26:32:1f:8c:be:5f:0f:48:c2:92:72:ea:
98:3c:99:d0:0e:03:45:09:2f:8a:ad:5f:88:52:40:
82:a0:56:14:f6:ed:8d:90:f8:0c:ec:14:de:38:b4:
db:f5:a3:1e:38:fc:09:6a:3c:a4:49:02:ea:99:b7:
26:40:7e:3e:44:d4:35:05:d8:da:31:1f:8c:ed:9a:
ce:4b:4e:8e:b9:b5:31:c6:2d:56:3b:ae:f1:df:26:
0a:ce:87:29:b9:26:11:52:7d:40:82:6d:1b:ec:24:
6f:8e:30:46:06:3a:60:57:98:93:75:2b:fd:3b:90:
b4:e9:3c:2d:36:61:99:db:84:a6:18:3c:91:0a:65:
7f:e8:5d:6c:f4:77:06:55:ea:ea:56:e6:7b:d4:7c:
aa:e3:9e:47:8e:0c:70:fa:ba:15:39:21:cf:23:3e:
1a:9f:57:31:1a:f1:53:63:b7:b6:b0:80:b2:cd:1d:
a9:40:61:90:14:bd:69:b1:b9:65:82:52:03:bc:b4:
aa:40:05:d0:40:d6:2f:f7:76:f1:2b:bf:16:27:16:
d6:45:64:13:f1:74:fe:da:e4:e1:2c:df:52:68:57:
76:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:B4:52:F7:1D:D0:B2:76:91:44:26:34:90:02:5F:FA:DD:0B:83:5C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RrRS9x3QsnaRRCY0kAJf-t0Lg1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.131.0/24
82.152.176.0/23
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.226.0/24
213.218.244.0-213.218.248.255
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
75:69:5b:ea:9f:17:bb:8a:11:15:e6:84:76:16:92:ce:67:79:
79:a4:66:e1:a2:a3:91:d7:0b:87:e0:1b:30:47:b8:da:ef:cf:
17:70:56:36:fe:a1:47:cd:be:26:6d:e5:18:79:f6:02:87:91:
a2:e1:45:32:68:29:3e:25:f7:1d:d4:9a:ac:3e:b0:c8:46:65:
31:10:bb:7f:ab:c7:c5:fc:75:20:87:80:c5:3a:b4:c5:7f:59:
6e:5b:b6:9b:92:0c:0d:e0:bc:2c:8b:5f:ad:16:ed:28:1b:ad:
de:ff:05:36:ec:03:6e:7f:8d:87:98:8a:bf:a3:14:a2:35:4b:
97:6e:5e:e8:5f:27:28:0f:5d:39:c4:dc:3a:90:03:39:1f:93:
61:bd:60:b7:62:24:1b:95:5d:12:28:c0:97:28:fa:5c:5a:4e:
3c:d4:e3:24:a1:5a:80:3e:7d:8b:be:d3:e6:52:85:e4:b3:b3:
6b:f1:07:40:be:45:2d:d5:5a:31:3d:91:7b:2f:1d:77:56:cb:
5e:a3:64:73:9c:58:b5:6d:8a:20:38:e2:27:53:36:2b:ce:81:
8e:3f:31:2b:e3:fe:ec:31:dc:35:36:7d:c4:20:ac:c8:f6:c9:
60:15:a9:54:68:b9:dc:10:8e:54:01:d2:79:bc:f2:b7:35:f5:
11:fe:79:a0
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAZXSGQbabJEiJ9ldSvbCO6EmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzI2MTA1NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmI0NTJmNzFkZDBiMjc2OTE0NDI2MzQ5MDAyNWZmYWRkMGI4MzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAox3Mi9yqDJPiRPJudbZjaMFKlVl0
baeZ75W51nHxVuImMh+Mvl8PSMKScuqYPJnQDgNFCS+KrV+IUkCCoFYU9u2NkPgM
7BTeOLTb9aMeOPwJajykSQLqmbcmQH4+RNQ1BdjaMR+M7ZrOS06OubUxxi1WO67x
3yYKzocpuSYRUn1Agm0b7CRvjjBGBjpgV5iTdSv9O5C06TwtNmGZ24SmGDyRCmV/
6F1s9HcGVerqVuZ71Hyq455Hjgxw+roVOSHPIz4an1cxGvFTY7e2sICyzR2pQGGQ
FL1psbllglIDvLSqQAXQQNYv93bxK78WJxbWRWQT8XT+2uThLN9SaFd2oQIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFEa0Uvcd0LJ2kUQmNJACX/rdC4NcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUnJSUzl4M1FzbmFSUkNZMGtBSmYtdDBMZzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAFKYCAMEAFKYgwMEAVKYsAMEAlKZiAMEAFKZ8wMEAVnVLDAMAwQBWdUyAwQC
WdU4AwQAWdV/AwQAWdWBAwQAWdWEAwQAWdWLAwQAWdWPMAwDBABZ1ZEDBABZ1ZIw
DAMEAlnVlAMEBVnVgAMEAFnVogMEAFnVpAMEAFnVpwMEAFnVqTAMAwQAWdWrAwQA
WdWwAwQAWdW1AwQAWdW3AwQAWdW/MAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV
4AMEA22wEAMEAG2wwQMEAm2wzAMEAW2w8gMEAG2w/AMEAbkxfgMEALllLwMEBMJp
UAMEANQmTwMEAdQmWAMEAtWChAMEANWYKwMEAtXSNAMEANXa0wMEANXa4jAMAwQC
1dr0AwQA1dr4MAwDBADZkUEDBADZkUIDBAPZkUgwDQYJKoZIhvcNAQELBQADggEB
AHVpW+qfF7uKERXmhHYWks5neXmkZuGio5HXC4fgGzBHuNrvzxdwVjb+oUfNviZt
5Rh59gKHkaLhRTJoKT4l9x3Umqw+sMhGZTEQu3+rx8X8dSCHgMU6tMV/WW5btpuS
DA3gvCyLX60W7Sgbrd7/BTbsA25/jYeYir+jFKI1S5duXuhfJygPXTnE3DqQAzkf
k2G9YLdiJBuVXRIowJco+lxaTjzU4yShWoA+fYu+0+ZSheSzs2vxB0C+RS3VWjE9
kXsvHXdWy16jZHOcWLVtiiA44idTNivOgY4/MSvj/uwx3DU2fcQgrMj2yWAVqVRo
udwQjlQB0nm88rc19RH+eaA=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:40:30 2025 by rpki-client