Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TnbFIKz07-FahUTb_I5Qe_v78Kc.roa
File: TnbFIKz07-FahUTb_I5Qe_v78Kc.roa (raw, json)
Hash identifier: iTw3zGbsh3t/nFvxlMytdWUUm8M5vxxOd1ccxSQOI1s=
Subject key identifier: 4E:76:C5:20:AC:F4:EF:E1:5A:85:44:DB:FC:8E:50:7B:FB:FB:F0:A7
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190360AC81240DAFD39002FC0DAF0994A78
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TnbFIKz07-FahUTb_I5Qe_v78Kc.roa
Signing time: Thu 20 Jun 2024 14:26:34 +0000
ROA not before: Thu 20 Jun 2024 14:26:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.58.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 08:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:36:0a:c8:12:40:da:fd:39:00:2f:c0:da:f0:99:4a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 20 14:26:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e76c520acf4efe15a8544dbfc8e507bfbfbf0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bb:eb:79:2b:bf:d2:b7:fd:0d:52:8c:19:65:
1a:49:80:24:8b:10:63:67:60:4d:47:ba:5f:96:0c:
48:ae:50:ba:4b:f0:9e:df:88:69:89:a2:50:c2:48:
57:66:36:0c:c6:e2:58:9a:b3:b2:0a:b9:26:73:53:
6e:5e:7e:e4:de:00:30:2b:d0:30:31:90:e0:14:a0:
05:a0:1e:0e:2b:38:31:a2:15:5c:0d:aa:56:2a:74:
93:bc:f5:cf:67:47:10:23:23:58:a6:2e:95:cb:b2:
4f:98:f1:e4:dc:20:5a:d0:49:9b:c1:f2:e0:3b:c2:
65:7a:4c:ac:19:39:c7:34:9b:2f:28:f3:2f:d3:f7:
65:28:00:61:03:5e:c6:ee:1d:b7:ec:1e:46:ec:00:
1e:22:fc:0d:ee:37:8c:06:8e:9f:b2:c7:32:0b:c7:
6c:1e:2a:6c:1a:8f:9d:f5:8a:58:f0:d4:1b:41:3b:
f2:cc:75:00:30:3e:2f:0a:5d:7d:a5:3b:d8:59:09:
d7:4b:05:79:66:47:6a:f2:e2:01:90:7b:9a:99:f4:
51:5e:e5:56:42:11:6a:70:04:5b:db:05:14:a8:fc:
82:fa:b8:a1:2d:9b:3d:d4:5d:30:6b:47:35:18:f7:
6a:84:16:6a:72:d6:bb:8d:cc:66:55:26:4e:f9:34:
99:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:76:C5:20:AC:F4:EF:E1:5A:85:44:DB:FC:8E:50:7B:FB:FB:F0:A7
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TnbFIKz07-FahUTb_I5Qe_v78Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.225.0/24
82.153.239.0/24
89.213.43.0/24
89.213.98.0/24
89.213.145.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.32.0/19
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.210.58.0/24
213.218.214.0/24
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
31:d2:55:2a:0d:7f:8c:7e:b0:b8:78:9b:7b:b4:78:72:87:a8:
84:e4:2a:2a:7c:52:58:c4:15:f6:c5:7f:d5:72:67:04:40:56:
6b:c5:72:72:b4:59:f9:aa:7d:b7:68:07:64:3f:f4:9d:8e:7e:
c1:1e:27:4a:52:29:45:47:79:98:76:df:1b:1a:6f:24:54:28:
94:1e:a1:3f:e4:c8:5c:00:2d:a2:37:bc:6d:3e:23:46:15:0f:
c6:f9:6d:31:65:43:29:7a:28:c1:84:6f:cc:b5:d6:d3:56:f0:
b3:d2:2d:80:95:c9:a4:ff:a4:ce:86:a5:68:fa:5d:d1:e6:7b:
2f:27:9a:dd:b8:9f:17:e6:79:f6:cf:9c:dc:2a:8c:cc:7e:1e:
c1:52:a9:51:9f:a4:00:9a:24:d2:81:c5:aa:a9:5e:14:c9:ab:
9b:97:f8:03:9a:e1:c8:a9:80:01:b4:ef:e0:bc:7b:f8:8a:9b:
7c:44:97:6b:7f:f9:34:5b:ce:ad:c4:16:c3:9b:56:64:1c:1f:
d6:c3:b5:e6:bf:4e:50:9d:b6:ca:0c:e6:2e:36:6f:ed:74:f6:
71:54:72:2d:93:50:74:4c:03:aa:68:a5:33:ce:53:ac:75:4a:
bc:a0:d3:95:04:07:ac:21:78:0d:19:a5:95:b4:d8:f9:ea:0d:
7d:cc:e4:cd
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZA2CsgSQNr9OQAvwNrwmUp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjIwMTQyNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTc2YzUyMGFjZjRlZmUxNWE4NTQ0ZGJmYzhlNTA3YmZiZmJmMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLvreSu/0rf9DVKMGWUaSYAkixBj
Z2BNR7pflgxIrlC6S/Ce34hpiaJQwkhXZjYMxuJYmrOyCrkmc1NuXn7k3gAwK9Aw
MZDgFKAFoB4OKzgxohVcDapWKnSTvPXPZ0cQIyNYpi6Vy7JPmPHk3CBa0EmbwfLg
O8JlekysGTnHNJsvKPMv0/dlKABhA17G7h237B5G7AAeIvwN7jeMBo6fsscyC8ds
HipsGo+d9YpY8NQbQTvyzHUAMD4vCl19pTvYWQnXSwV5Zkdq8uIBkHuamfRRXuVW
QhFqcARb2wUUqPyC+rihLZs91F0wa0c1GPdqhBZqcta7jcxmVSZO+TSZowIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFE52xSCs9O/hWoVE2/yOUHv7+/CnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVG5iRklLejA3LUZhaFVUYl9JNVFlX3Y3OEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwwDAME
AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS
mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0wDAME
AFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZyQMEAFKZ4QMEAFKZ7wMEAFnVKwME
AFnVYgMEAFnVkQMEAFnVoTAMAwQDWdXoAwQBWdXsAwQFbbAgAwQAbbDrAwQA1YKC
AwQA1YKVAwQA1dI6AwQA1drWAwQA1drnMA0GCSqGSIb3DQEBCwUAA4IBAQAx0lUq
DX+MfrC4eJt7tHhyh6iE5CoqfFJYxBX2xX/VcmcEQFZrxXJytFn5qn23aAdkP/Sd
jn7BHidKUilFR3mYdt8bGm8kVCiUHqE/5MhcAC2iN7xtPiNGFQ/G+W0xZUMpeijB
hG/MtdbTVvCz0i2Alcmk/6TOhqVo+l3R5nsvJ5rduJ8X5nn2z5zcKozMfh7BUqlR
n6QAmiTSgcWqqV4Uyaubl/gDmuHIqYABtO/gvHv4ipt8RJdrf/k0W86txBbDm1Zk
HB/Ww7Xmv05QnbbKDOYuNm/tdPZxVHItk1B0TAOqaKUzzlOsdUq8oNOVBAesIXgN
GaWVtNj56g19zOTN
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:15 2025 by rpki-client