Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UIsp9aBY2HMFifmCx99mbYggl9s.roa
File: UIsp9aBY2HMFifmCx99mbYggl9s.roa (raw, json)
Hash identifier: tVsH9Kd8krPKE1OnjBs2gV8MnB4sDf7BaH8YH5Cpugc=
Subject key identifier: 50:8B:29:F5:A0:58:D8:73:05:89:F9:82:C7:DF:66:6D:88:20:97:DB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421440F055852F87DF87BCADB28EE7F6E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UIsp9aBY2HMFifmCx99mbYggl9s.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210542
IP address blocks: 82.152.49.0/24 maxlen: 24
82.153.228.0/23 maxlen: 24
213.218.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 15:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0f:05:58:52:f8:7d:f8:7b:ca:db:28:ee:7f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=508b29f5a058d8730589f982c7df666d882097db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:74:1a:43:73:a5:36:c8:24:8d:cb:89:98:85:
53:6a:5b:5c:25:12:80:88:55:df:10:9b:8e:75:c7:
42:35:e5:67:35:42:8c:c8:f7:8d:49:4a:76:1d:23:
35:7a:06:7b:62:f7:c0:68:65:89:74:c8:64:d7:f9:
3e:e2:3d:d3:47:01:04:f7:61:e6:63:37:67:0f:6f:
fd:9b:7a:3b:18:ac:5d:67:97:62:e2:0a:af:75:01:
cc:cd:57:47:68:d3:78:32:cf:86:8d:28:b6:1c:70:
28:db:40:04:66:41:99:e4:8d:29:f7:7c:12:6a:a8:
1c:ae:b8:75:3e:b6:ab:2c:43:44:b1:fe:c5:62:c7:
fa:f9:24:c3:55:7a:06:91:0b:ab:68:ae:42:b9:b7:
45:b2:7d:b5:ce:a6:38:80:54:d7:27:fb:dc:e0:a3:
e6:5b:ee:a6:fe:cc:d5:69:71:49:0d:f6:bf:55:b5:
36:7e:7e:84:3a:9f:9e:12:35:75:12:ab:ff:4b:82:
c0:f0:16:6c:2e:a5:8d:37:01:9b:46:9e:11:67:47:
ee:85:ea:bf:82:11:8b:d0:ad:7c:03:49:ac:13:7f:
a6:30:3a:8e:47:1d:e7:b5:9d:25:59:4c:89:f8:be:
77:91:a1:8f:14:d7:14:1f:d0:6f:b7:76:2f:63:bf:
17:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:8B:29:F5:A0:58:D8:73:05:89:F9:82:C7:DF:66:6D:88:20:97:DB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UIsp9aBY2HMFifmCx99mbYggl9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.49.0/24
82.153.228.0/23
213.218.237.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:a3:6b:3b:87:ce:e9:5a:c0:c9:76:52:16:a4:5c:ab:db:85:
c8:20:2d:17:70:91:9b:93:42:8a:82:94:e0:e6:19:b3:9e:3e:
f2:56:46:d2:c9:49:e0:87:9d:cb:f5:1a:88:aa:50:6e:52:bc:
e6:93:c5:d7:d4:e8:a7:77:60:9c:93:dc:61:f9:66:b2:3c:ef:
8a:e4:a4:df:ea:00:36:d9:dc:a1:36:60:27:2e:5d:70:d0:14:
0d:26:2b:23:3c:f3:54:28:5e:65:f3:c5:7d:3e:15:ef:c4:67:
72:86:c6:22:ef:46:1d:9e:66:bf:ae:25:a6:15:c2:ab:6b:72:
2e:93:a0:92:0b:2a:4d:48:b4:c8:c7:90:ca:fd:3a:1d:80:89:
62:b2:28:c4:47:d6:7a:65:ff:43:c3:a6:e0:31:01:37:4d:a4:
70:5b:eb:cb:45:9d:b9:67:15:05:a6:79:3c:39:a1:1c:a2:5b:
bb:e8:0a:84:32:fd:81:c0:6b:14:6d:4d:eb:2a:5b:1a:04:85:
1f:7a:30:b7:58:4f:c5:4e:7f:16:b8:73:22:50:57:11:ac:a1:
a3:c1:53:e9:5f:d6:89:b2:c5:dd:d4:b7:1f:1b:6f:02:f8:97:
df:3d:d5:ac:79:88:21:97:52:b0:8c:b1:84:5c:26:4f:01:68:
ba:5d:43:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhRA8FWFL4ffh7ytso7n9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDhiMjlmNWEwNThkODczMDU4OWY5ODJjN2RmNjY2ZDg4MjA5N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnQaQ3OlNsgkjcuJmIVTaltcJRKA
iFXfEJuOdcdCNeVnNUKMyPeNSUp2HSM1egZ7YvfAaGWJdMhk1/k+4j3TRwEE92Hm
YzdnD2/9m3o7GKxdZ5di4gqvdQHMzVdHaNN4Ms+GjSi2HHAo20AEZkGZ5I0p93wS
aqgcrrh1PrarLENEsf7FYsf6+STDVXoGkQuraK5CubdFsn21zqY4gFTXJ/vc4KPm
W+6m/szVaXFJDfa/VbU2fn6EOp+eEjV1Eqv/S4LA8BZsLqWNNwGbRp4RZ0fuheq/
ghGL0K18A0msE3+mMDqORx3ntZ0lWUyJ+L53kaGPFNcUH9Bvt3YvY78XXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFCLKfWgWNhzBYn5gsffZm2IIJfbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVUlzcDlhQlkySE1GaWZtQ3g5OW1iWWdnbDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpgxAwQB
UpnkAwQA1drtMA0GCSqGSIb3DQEBCwUAA4IBAQBfo2s7h87pWsDJdlIWpFyr24XI
IC0XcJGbk0KKgpTg5hmznj7yVkbSyUngh53L9RqIqlBuUrzmk8XX1Oind2Cck9xh
+WayPO+K5KTf6gA22dyhNmAnLl1w0BQNJisjPPNUKF5l88V9PhXvxGdyhsYi70Yd
nma/riWmFcKra3Iuk6CSCypNSLTIx5DK/TodgIlisijER9Z6Zf9Dw6bgMQE3TaRw
W+vLRZ25ZxUFpnk8OaEcolu76AqEMv2BwGsUbU3rKlsaBIUfejC3WE/FTn8WuHMi
UFcRrKGjwVPpX9aJssXd1LcfG28C+JffPdWseYghl1KwjLGEXCZPAWi6XUON
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:52:00 2025 by rpki-client