Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TwP873OxcG2f4s_9T8Y9D7wCUJc.roa
File: TwP873OxcG2f4s_9T8Y9D7wCUJc.roa (raw, json)
Hash identifier: Kgi9tU8yBWE1WHw6bW4mTZ/fpapepbDb5FHJPy4Z/Yk=
Subject key identifier: 4F:03:FC:EF:73:B1:70:6D:9F:E2:CF:FD:4F:C6:3D:0F:BC:02:50:97
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FB93F949529D12462EBED933A2C4A1F29
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TwP873OxcG2f4s_9T8Y9D7wCUJc.roa
Signing time: Mon 27 May 2024 08:51:42 +0000
ROA not before: Mon 27 May 2024 08:51:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
89.213.248.0/23 maxlen: 24
109.176.16.0/21 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 07:58:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:3f:94:95:29:d1:24:62:eb:ed:93:3a:2c:4a:1f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 27 08:51:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f03fcef73b1706d9fe2cffd4fc63d0fbc025097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4c:78:24:4b:27:f7:3c:4a:95:1b:04:63:df:
ec:c5:bf:cb:7b:b8:46:5e:56:b5:6d:ab:69:8d:e0:
a2:b6:e8:53:07:ef:b8:7d:b4:35:78:1d:65:68:6e:
75:a0:7b:f1:16:6a:43:db:32:b6:8e:75:b8:32:84:
c7:f9:14:82:5e:7a:45:0e:7c:07:4b:3a:fe:dd:82:
e9:9e:f9:6b:87:b8:9f:dd:fa:fd:a2:f9:de:cb:50:
36:cd:1c:81:6b:83:d6:12:77:3a:e4:97:3e:9e:b7:
a3:c2:27:37:29:ea:0b:02:ba:70:2f:91:3c:cf:14:
69:93:7a:b2:06:98:1e:3c:e5:f1:fd:06:a4:eb:94:
de:d7:42:56:b5:c7:8c:f1:b9:ab:f2:13:ff:15:8f:
a9:1b:b0:38:c9:bd:5e:3c:47:6a:51:30:a7:08:11:
42:6c:7e:65:ae:be:c0:98:d5:72:ef:24:39:9c:83:
3c:0c:df:6e:d3:4e:92:c7:0c:21:09:70:72:86:94:
6d:51:e0:61:cf:d8:00:51:0d:39:4c:db:b0:b0:d2:
ea:0e:db:b2:bd:9e:44:3d:87:07:4d:92:4b:82:07:
6d:3a:6a:6a:8e:dd:fc:88:22:3b:6f:91:37:83:66:
f7:18:48:b0:00:a4:c0:f7:3d:b9:9d:4f:b1:fa:f6:
49:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:03:FC:EF:73:B1:70:6D:9F:E2:CF:FD:4F:C6:3D:0F:BC:02:50:97
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TwP873OxcG2f4s_9T8Y9D7wCUJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
89.213.248.0/23
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:b0:09:6d:e9:4f:40:4e:a0:bd:2a:42:45:e1:29:f3:90:82:
81:59:85:0d:da:1a:2b:39:07:7f:81:db:ef:8d:fb:17:fa:4a:
6d:8a:b0:a5:78:44:c6:04:b4:98:10:ec:67:b0:03:51:e7:3b:
fb:0b:95:d7:11:3e:f1:c9:45:f8:dc:da:61:de:f2:17:1b:27:
97:11:f6:d0:ec:30:dc:98:bb:6d:de:88:3c:99:a4:53:a6:3b:
c1:ca:aa:3c:96:ae:1e:6e:69:16:e8:74:25:23:e4:1b:84:db:
f4:a3:5e:e1:55:fc:86:74:be:1b:3b:e5:c1:bc:10:e4:46:44:
9f:38:78:cd:fe:e9:39:91:e1:8b:32:54:42:48:0a:f4:ce:59:
00:2e:ba:f6:52:f0:df:0b:d4:63:f1:be:e6:1c:71:3a:07:6c:
84:f9:69:2c:7f:a9:d3:94:e6:e2:8f:6c:48:18:b9:e0:7c:38:
e4:38:a7:28:0c:f6:72:73:5c:ea:31:61:1b:39:c6:78:9f:27:
b3:fc:34:e7:d8:7b:66:33:07:44:7c:78:dd:16:63:06:f8:35:
14:7a:41:f4:9a:24:e8:ea:1a:2a:be:22:8c:e9:09:7e:3e:e6:
b4:6c:46:74:d7:6c:c2:c8:a3:dd:99:a2:c0:ca:43:80:de:97:
2d:8d:05:ac
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY+5P5SVKdEkYuvtkzosSh8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI3MDg1MTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjAzZmNlZjczYjE3MDZkOWZlMmNmZmQ0ZmM2M2QwZmJjMDI1MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0x4JEsn9zxKlRsEY9/sxb/Le7hG
Xla1batpjeCituhTB++4fbQ1eB1laG51oHvxFmpD2zK2jnW4MoTH+RSCXnpFDnwH
Szr+3YLpnvlrh7if3fr9ovney1A2zRyBa4PWEnc65Jc+nrejwic3KeoLArpwL5E8
zxRpk3qyBpgePOXx/Qak65Te10JWtceM8bmr8hP/FY+pG7A4yb1ePEdqUTCnCBFC
bH5lrr7AmNVy7yQ5nIM8DN9u006SxwwhCXByhpRtUeBhz9gAUQ05TNuwsNLqDtuy
vZ5EPYcHTZJLggdtOmpqjt38iCI7b5E3g2b3GEiwAKTA9z25nU+x+vZJVwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFE8D/O9zsXBtn+LP/U/GPQ+8AlCXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVHdQODczT3hjRzJmNHNfOVQ4WTlEN3dDVUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBUpiwAwQC
UpmIMAwDBAJZ1ZQDBAVZ1YADBAJZ1awwDAMEAlnVxAMEBFnVwAMEA1nV6AMEAVnV
+AMEA22wEAMEAbkxfgMEBMJpUAMEAdQmWAMEAdXa0jANBgkqhkiG9w0BAQsFAAOC
AQEAirAJbelPQE6gvSpCReEp85CCgVmFDdoaKzkHf4Hb7437F/pKbYqwpXhExgS0
mBDsZ7ADUec7+wuV1xE+8clF+NzaYd7yFxsnlxH20Oww3Ji7bd6IPJmkU6Y7wcqq
PJauHm5pFuh0JSPkG4Tb9KNe4VX8hnS+GzvlwbwQ5EZEnzh4zf7pOZHhizJUQkgK
9M5ZAC669lLw3wvUY/G+5hxxOgdshPlpLH+p05Tm4o9sSBi54Hw45DinKAz2cnNc
6jFhGznGeJ8ns/w059h7ZjMHRHx43RZjBvg1FHpB9Jok6OoaKr4ijOkJfj7mtGxG
dNdswsij3ZmiwMpDgN6XLY0FrA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:14 2025 by rpki-client