Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Tsfiz9ZzZ50zKcFGYClXpImkXjM.roa
File: Tsfiz9ZzZ50zKcFGYClXpImkXjM.roa (raw, json)
Hash identifier: KAZtyZmyclLe5p5xyA1C0O+Quok23RQONU1VucVmlaU=
Subject key identifier: 4E:C7:E2:CF:D6:73:67:9D:33:29:C1:46:60:29:57:A4:89:A4:5E:33
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143D5A2F35DDBFC5E1598098555B4F4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Tsfiz9ZzZ50zKcFGYClXpImkXjM.roa
Signing time: Wed 01 Jan 2025 09:48:01 +0000
ROA not before: Wed 01 Jan 2025 09:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 77.93.137.0/24 maxlen: 24
77.93.149.0/24 maxlen: 24
80.240.88.0/21 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.19.0/24 maxlen: 24
82.163.24.0/21 maxlen: 24
89.213.58.0/24 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.108.0/23 maxlen: 24
89.213.110.0/24 maxlen: 24
89.213.122.0/24 maxlen: 24
89.213.126.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.194.0/23 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
89.213.228.0/24 maxlen: 24
89.213.240.0/23 maxlen: 24
89.213.249.0/24 maxlen: 24
89.213.250.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
213.210.16.0/24 maxlen: 24
213.210.18.0/24 maxlen: 24
213.210.33.0/24 maxlen: 24
213.210.51.0/24 maxlen: 24
213.218.220.0/24 maxlen: 24
217.144.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 11:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d5:a2:f3:5d:db:fc:5e:15:98:09:85:55:b4:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ec7e2cfd673679d3329c146602957a489a45e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:25:46:65:62:e8:5f:8b:1d:3f:a6:e9:76:48:
39:4a:b5:8a:71:26:a5:05:47:6f:3b:96:e7:b8:07:
42:ee:42:37:94:63:e1:7e:bd:98:38:d0:9f:ca:75:
62:e7:73:72:33:86:8e:34:b8:49:92:6a:bd:53:75:
7c:11:ed:87:fc:63:23:38:6a:d8:e1:c5:c6:da:a4:
15:f4:4f:b0:fd:d6:1f:45:3f:4e:91:d6:a3:f8:c6:
9c:8e:d8:e3:84:3d:0c:6b:90:8f:9b:26:af:6e:8a:
9f:f7:20:bc:ce:3e:ca:02:1d:18:92:17:e5:cb:37:
72:23:da:4c:e8:78:84:6f:20:1a:ac:35:e5:10:9e:
87:f8:1d:47:92:eb:a1:ac:0b:1e:4c:bf:3f:dd:af:
dc:09:db:94:ef:2f:79:df:66:4f:c9:e9:3f:1e:68:
21:17:74:1e:c5:27:bb:fc:80:63:e8:ef:c0:23:9a:
d3:33:f5:9e:9a:cd:de:f1:27:d0:7d:a5:a5:18:15:
67:1c:74:63:89:bc:82:ee:e3:41:4e:3e:4c:bd:14:
19:52:33:b2:df:56:f8:a8:be:ef:0e:fe:18:46:af:
fe:27:76:0c:f7:9e:32:e6:cb:89:88:74:8e:a3:7b:
30:f7:3f:e2:d2:b5:fd:9b:b2:86:da:e7:13:a1:65:
ce:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C7:E2:CF:D6:73:67:9D:33:29:C1:46:60:29:57:A4:89:A4:5E:33
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Tsfiz9ZzZ50zKcFGYClXpImkXjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.137.0/24
77.93.149.0/24
80.240.88.0/21
81.168.122.0/24
82.152.131.0/24
82.152.174.0/23
82.153.208.0/22
82.163.19.0/24
82.163.24.0/21
89.213.58.0/24
89.213.60.0/23
89.213.108.0-89.213.110.255
89.213.122.0/24
89.213.126.0/24
89.213.147.0/24
89.213.194.0/23
89.213.198.0-89.213.205.255
89.213.228.0/24
89.213.240.0/23
89.213.249.0-89.213.250.255
109.176.230.0/24
213.210.16.0/24
213.210.18.0/24
213.210.33.0/24
213.210.51.0/24
213.218.220.0/24
217.144.151.0/24
Signature Algorithm: sha256WithRSAEncryption
34:f1:54:3b:1a:82:fc:11:22:80:e7:f0:f6:93:05:c3:4e:cc:
53:3d:ff:55:93:0c:fd:90:a4:57:40:ad:87:3f:b6:12:ef:95:
05:47:5d:23:23:d6:e8:3f:d7:1a:ef:16:bd:70:31:9c:36:cf:
2b:b7:6f:3f:60:4a:dc:5c:27:0f:0d:61:45:a1:de:96:a8:0b:
14:6c:8c:0d:c2:75:0a:29:48:ad:0c:b4:6b:1d:fc:a7:e9:7c:
f9:e3:98:4a:17:9c:40:60:92:5e:83:cf:66:ad:f0:d8:8c:f1:
dc:63:47:be:e5:68:d5:fd:49:52:f8:54:7e:3c:ad:51:ec:60:
67:a3:ae:9e:68:b5:c1:fe:26:bb:ce:52:37:2c:05:5e:35:f4:
a2:a3:1d:c7:b9:10:11:17:74:26:8f:52:76:2b:e5:02:ae:28:
94:71:cc:12:c3:59:ac:be:4b:de:79:fd:e1:09:a1:12:3c:6f:
36:7f:80:44:21:ce:b7:e8:60:3f:7d:df:b2:0f:47:37:14:3b:
e9:ee:68:62:3b:05:6f:81:59:19:b9:cb:32:c4:1d:8e:fa:c5:
9e:20:64:35:f8:5a:84:9b:8c:46:ec:c7:e2:9d:43:40:4e:43:
3b:63:0d:56:38:3b:8b:f0:a9:fd:17:38:b2:d2:c5:59:38:6a:
29:1d:aa:31
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZQhQ9Wi813b/F4VmAmFVbT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWM3ZTJjZmQ2NzM2NzlkMzMyOWMxNDY2MDI5NTdhNDg5YTQ1ZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSVGZWLoX4sdP6bpdkg5SrWKcSal
BUdvO5bnuAdC7kI3lGPhfr2YONCfynVi53NyM4aONLhJkmq9U3V8Ee2H/GMjOGrY
4cXG2qQV9E+w/dYfRT9Okdaj+MacjtjjhD0Ma5CPmyavboqf9yC8zj7KAh0Ykhfl
yzdyI9pM6HiEbyAarDXlEJ6H+B1HkuuhrAseTL8/3a/cCduU7y9532ZPyek/Hmgh
F3QexSe7/IBj6O/AI5rTM/Wems3e8SfQfaWlGBVnHHRjibyC7uNBTj5MvRQZUjOy
31b4qL7vDv4YRq/+J3YM954y5suJiHSOo3sw9z/i0rX9m7KG2ucToWXO/wIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFE7H4s/Wc2edMynBRmApV6SJpF4zMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVHNmaXo5WnpaNTB6S2NGR1lDbFhwSW1rWGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBABN
XYkDBABNXZUDBANQ8FgDBABRqHoDBABSmIMDBAFSmK4DBAJSmdADBABSoxMDBANS
oxgDBABZ1ToDBAFZ1TwwDAMEAlnVbAMEAFnVbgMEAFnVegMEAFnVfgMEAFnVkwME
AVnVwjAMAwQBWdXGAwQBWdXMAwQAWdXkAwQBWdXwMAwDBABZ1fkDBABZ1foDBABt
sOYDBADV0hADBADV0hIDBADV0iEDBADV0jMDBADV2twDBADZkJcwDQYJKoZIhvcN
AQELBQADggEBADTxVDsagvwRIoDn8PaTBcNOzFM9/1WTDP2QpFdArYc/thLvlQVH
XSMj1ug/1xrvFr1wMZw2zyu3bz9gStxcJw8NYUWh3paoCxRsjA3CdQopSK0MtGsd
/KfpfPnjmEoXnEBgkl6Dz2at8NiM8dxjR77laNX9SVL4VH48rVHsYGejrp5otcH+
JrvOUjcsBV419KKjHce5EBEXdCaPUnYr5QKuKJRxzBLDWay+S955/eEJoRI8bzZ/
gEQhzrfoYD9937IPRzcUO+nuaGI7BW+BWRm5yzLEHY76xZ4gZDX4WoSbjEbsx+Kd
Q0BOQztjDVY4O4vwqf0XOLLSxVk4aikdqjE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:29:40 2025 by rpki-client