Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/S0XA0IcLeu7Avbk8FGSFjrtn8FY.roa
File: S0XA0IcLeu7Avbk8FGSFjrtn8FY.roa (raw, json)
Hash identifier: LmHbrLljjcvf/VuKg+Wh7GfkpDoU/IRGYUJ09VHi5nM=
Subject key identifier: 4B:45:C0:D0:87:0B:7A:EE:C0:BD:B9:3C:14:64:85:8E:BB:67:F0:56
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F7B1C08CEAC785A1D3CBFA41F288B13A3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/S0XA0IcLeu7Avbk8FGSFjrtn8FY.roa
Signing time: Wed 15 May 2024 07:16:25 +0000
ROA not before: Wed 15 May 2024 07:16:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.163.21.0/24 maxlen: 24
89.213.97.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.59.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
213.218.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 07:45:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:1c:08:ce:ac:78:5a:1d:3c:bf:a4:1f:28:8b:13:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 15 07:16:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b45c0d0870b7aeec0bdb93c1464858ebb67f056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:07:19:e1:6b:1f:6e:bb:3f:f3:7c:d7:0b:ee:
3b:7e:fb:1a:ea:33:61:00:b5:19:cc:f1:e5:6f:51:
42:8b:1c:58:4d:fe:a4:4c:f1:ff:fa:a5:75:4a:16:
06:13:ea:87:f8:b2:eb:73:22:08:46:4c:90:69:8b:
e9:fb:93:b9:d4:3a:d1:3b:38:7b:d0:98:92:1b:31:
9e:7b:fa:45:da:ee:f8:a1:e0:e8:3e:a5:5a:de:33:
b8:e2:18:2a:c4:8d:18:4b:9b:1b:3c:4c:6b:b1:21:
4f:6c:3c:6e:4f:a1:dd:cc:01:11:93:65:12:b4:e0:
d3:05:e5:85:4b:2a:14:1d:50:49:a7:f5:4c:2f:01:
7e:00:b5:45:fc:2a:69:bd:1c:83:47:9b:bd:84:6e:
36:00:47:6d:87:c0:c3:c2:8c:73:23:71:df:31:1d:
0b:1a:ca:f8:78:4b:c1:6e:0e:74:d7:22:8f:86:7c:
a2:04:49:ac:80:2f:eb:76:87:3c:b5:d2:5a:b6:1d:
e1:cc:19:2f:cd:49:69:75:00:35:be:30:a0:8c:75:
e7:2d:41:35:26:3c:23:a4:06:79:c2:d5:cc:53:81:
11:9a:a2:65:58:b6:3a:c9:e4:79:70:20:86:45:85:
e1:91:45:de:56:45:ad:5c:20:d0:10:95:2b:d9:9e:
55:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:45:C0:D0:87:0B:7A:EE:C0:BD:B9:3C:14:64:85:8E:BB:67:F0:56
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/S0XA0IcLeu7Avbk8FGSFjrtn8FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.163.21.0/24
89.213.97.0-89.213.98.255
89.213.148.0-89.213.159.255
89.213.172.0/22
109.176.16.0/21
109.176.201.0/24
109.176.253.0/24
185.49.126.0/23
194.105.80.0/20
213.130.130.0/24
213.130.149.0/24
213.210.59.0/24
213.218.210.0/23
213.218.213.0/24
213.218.227.0/24
213.218.231.0/24
213.218.249.0/24
Signature Algorithm: sha256WithRSAEncryption
35:fb:0b:41:7f:94:67:5b:d4:57:73:30:4f:9b:8a:53:ba:c9:
d8:86:e7:ae:1e:cb:cd:f0:a8:3c:9b:f3:d7:4f:29:03:1e:b9:
19:78:c9:e5:b8:0a:91:9a:f2:46:6d:86:6f:3a:a1:f5:4d:20:
e8:7c:ed:a9:da:56:2f:2f:f3:44:82:b7:41:05:2d:ab:0f:c8:
02:47:e5:5c:76:af:82:d2:13:ab:e4:9b:ff:85:e2:f6:6a:fd:
c4:a2:6e:13:ac:c2:e2:87:ba:0f:79:8f:07:9c:04:81:3c:ba:
ce:87:b4:91:41:b4:17:48:61:d8:50:a2:93:68:7f:73:b4:44:
b8:de:6e:70:a2:99:9d:7a:cb:3f:d6:db:53:b3:d8:ee:30:36:
6f:9a:79:f2:fc:03:51:6f:ba:77:c0:b4:8e:a2:69:17:33:bc:
70:ea:d1:08:4c:e5:87:a1:ba:08:5b:d5:77:38:bd:b0:d9:8c:
ed:9f:4f:9e:23:3e:9a:e7:a1:d3:54:87:6a:ef:ef:c6:a2:2a:
5f:e4:74:cb:7e:72:3c:c0:8b:14:c3:a9:0c:e8:c1:93:90:91:
63:3c:09:45:32:e4:fb:02:c6:38:6c:a0:02:f6:82:f0:87:9d:
64:ba:eb:aa:45:72:b6:8c:38:f0:16:18:78:e2:66:4d:9d:82:
ad:2e:a8:72
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAY97HAjOrHhaHTy/pB8oixOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE1MDcxNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjQ1YzBkMDg3MGI3YWVlYzBiZGI5M2MxNDY0ODU4ZWJiNjdmMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7wcZ4Wsfbrs/83zXC+47fvsa6jNh
ALUZzPHlb1FCixxYTf6kTPH/+qV1ShYGE+qH+LLrcyIIRkyQaYvp+5O51DrROzh7
0JiSGzGee/pF2u74oeDoPqVa3jO44hgqxI0YS5sbPExrsSFPbDxuT6HdzAERk2US
tODTBeWFSyoUHVBJp/VMLwF+ALVF/CppvRyDR5u9hG42AEdth8DDwoxzI3HfMR0L
Gsr4eEvBbg501yKPhnyiBEmsgC/rdoc8tdJath3hzBkvzUlpdQA1vjCgjHXnLUE1
JjwjpAZ5wtXMU4ERmqJlWLY6yeR5cCCGRYXhkUXeVkWtXCDQEJUr2Z5VswIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFEtFwNCHC3ruwL25PBRkhY67Z/BWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUzBYQTBJY0xldTdBdmJrOEZHU0ZqcnRuOEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAFS
mLADBABSmTIDBAJSmYgDBABSoxUwDAMEAFnVYQMEAFnVYjAMAwQCWdWUAwQFWdWA
AwQCWdWsAwQDbbAQAwQAbbDJAwQAbbD9AwQBuTF+AwQEwmlQAwQA1YKCAwQA1YKV
AwQA1dI7AwQB1drSAwQA1drVAwQA1drjAwQA1drnAwQA1dr5MA0GCSqGSIb3DQEB
CwUAA4IBAQA1+wtBf5RnW9RXczBPm4pTusnYhueuHsvN8Kg8m/PXTykDHrkZeMnl
uAqRmvJGbYZvOqH1TSDofO2p2lYvL/NEgrdBBS2rD8gCR+Vcdq+C0hOr5Jv/heL2
av3Eom4TrMLih7oPeY8HnASBPLrOh7SRQbQXSGHYUKKTaH9ztES43m5wopmdess/
1ttTs9juMDZvmnny/ANRb7p3wLSOomkXM7xw6tEITOWHoboIW9V3OL2w2Yztn0+e
Iz6a56HTVIdq7+/Goipf5HTLfnI8wIsUw6kM6MGTkJFjPAlFMuT7AsY4bKAC9oLw
h51kuuuqRXK2jDjwFhh44mZNnYKtLqhy
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:26 2025 by rpki-client