Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UR3h55braW_qxfq4-ofBCihdBmc.roa
File: UR3h55braW_qxfq4-ofBCihdBmc.roa (raw, json)
Hash identifier: 5UZVfmmHDv4cB6ifKXATswhwFSuFgVzKmbY09rKDpDg=
Subject key identifier: 51:1D:E1:E7:96:EB:69:6F:EA:C5:FA:B8:FA:87:C1:0A:28:5D:06:67
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190359FAB144920F5D213535537FC31A1E4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UR3h55braW_qxfq4-ofBCihdBmc.roa
Signing time: Thu 20 Jun 2024 12:29:34 +0000
ROA not before: Thu 20 Jun 2024 12:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 81.168.122.0/24 maxlen: 24
82.152.4.0/24 maxlen: 24
82.152.5.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.153.55.0/24 maxlen: 24
82.153.153.0/24 maxlen: 24
82.153.156.0/24 maxlen: 24
82.153.200.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
89.213.197.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.229.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
213.210.63.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.224.0/24 maxlen: 24
213.218.233.0/24 maxlen: 24
213.218.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jun 2024 14:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:9f:ab:14:49:20:f5:d2:13:53:55:37:fc:31:a1:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 20 12:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=511de1e796eb696feac5fab8fa87c10a285d0667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:09:eb:7c:02:c9:a3:8a:64:2b:b7:27:bb:66:
9f:36:4d:3e:67:a8:a1:5a:d0:5b:61:a2:6f:d7:0c:
ab:59:86:e9:a8:19:1d:b6:ee:04:d4:ad:9f:66:89:
40:98:56:ae:7a:ad:09:49:a3:83:99:12:83:e9:ec:
92:3e:97:f8:8a:50:d2:91:6a:64:c7:4e:0e:48:41:
e0:f2:80:e2:8b:c5:10:e6:4a:01:e8:1d:09:74:ff:
8b:fb:44:3e:05:75:50:ec:c4:44:7f:0c:f9:0e:66:
0a:85:2a:7f:ea:25:5e:0b:cc:d6:6f:8a:1c:ed:e5:
74:6d:68:d8:c3:02:8e:03:88:ee:15:0d:46:4c:68:
bb:36:f8:23:ff:6f:cf:5a:65:70:75:a1:40:d3:3d:
bb:f0:35:f6:bb:64:ad:d5:dc:e1:ef:5a:ca:ff:db:
bc:a5:89:6e:4a:76:f3:16:6f:f0:a5:6e:37:73:fe:
e3:52:ca:3a:5a:a9:bf:3b:a7:73:92:73:7b:0c:57:
cc:01:fc:d5:e3:3e:93:a3:ee:dd:57:71:f6:67:d6:
34:f2:60:b8:9b:34:f4:dd:1b:19:3d:69:75:5c:4f:
21:4a:8e:5b:17:d2:cb:cb:5c:a9:00:e4:9b:4c:74:
b5:15:cf:31:2e:fe:4b:59:61:86:35:a0:71:40:6c:
41:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1D:E1:E7:96:EB:69:6F:EA:C5:FA:B8:FA:87:C1:0A:28:5D:06:67
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UR3h55braW_qxfq4-ofBCihdBmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.122.0/24
82.152.4.0/23
82.152.98.0/24
82.152.131.0/24
82.153.55.0/24
82.153.153.0/24
82.153.156.0/24
82.153.200.0/24
82.153.207.0/24
82.163.0.0/24
89.213.197.0/24
109.176.193.0/24
109.176.229.0-109.176.230.255
109.176.244.0/24
212.38.79.0/24
213.130.150.0/23
213.210.63.0/24
213.218.211.0/24
213.218.224.0/24
213.218.233.0/24
213.218.249.0/24
Signature Algorithm: sha256WithRSAEncryption
47:54:77:63:08:cc:fd:b0:65:95:55:4c:93:ca:b1:46:85:09:
00:4e:23:26:17:bb:51:18:95:6e:55:d9:cc:92:1f:57:b2:12:
7e:06:ab:71:14:71:0f:94:08:9a:f8:9d:f9:0f:26:8b:8e:4c:
87:d3:f8:47:a4:f7:48:04:1a:73:41:45:25:1d:d6:50:62:1f:
79:ce:af:32:ce:f6:6a:0c:e7:81:ca:83:32:dc:36:bb:20:08:
2b:48:a0:52:2f:6f:19:26:7a:fe:6c:ae:0a:70:cb:bf:c5:5c:
f0:73:04:09:1a:6a:09:9c:7e:e5:d7:49:b2:f2:b7:41:8f:58:
4d:3b:6e:b7:a8:cd:88:25:a7:eb:ef:18:f0:d6:8b:cc:da:f0:
37:41:51:f7:fc:91:53:2d:2d:2d:fd:98:77:77:29:b2:de:53:
da:3c:a0:b0:c1:f2:b3:c2:ed:0a:f6:84:97:73:15:6a:f7:ed:
e8:9e:c2:1b:3c:d3:0b:4f:0a:7b:aa:5f:0d:ff:42:71:68:3b:
16:61:12:a7:aa:21:b7:f1:0b:5f:ae:e4:42:f4:e8:e5:d6:a2:
a3:9b:b6:9f:41:84:d4:bd:50:66:ea:16:7e:bc:6a:56:83:b6:
45:91:1e:29:3b:60:8e:9e:92:b1:73:e1:e6:09:8a:07:70:23:
2c:86:50:cb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZA1n6sUSSD10hNTVTf8MaHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjIwMTIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFkZTFlNzk2ZWI2OTZmZWFjNWZhYjhmYTg3YzEwYTI4NWQwNjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgnrfALJo4pkK7cnu2afNk0+Z6ih
WtBbYaJv1wyrWYbpqBkdtu4E1K2fZolAmFaueq0JSaODmRKD6eySPpf4ilDSkWpk
x04OSEHg8oDii8UQ5koB6B0JdP+L+0Q+BXVQ7MREfwz5DmYKhSp/6iVeC8zWb4oc
7eV0bWjYwwKOA4juFQ1GTGi7Nvgj/2/PWmVwdaFA0z278DX2u2St1dzh71rK/9u8
pYluSnbzFm/wpW43c/7jUso6Wqm/O6dzknN7DFfMAfzV4z6To+7dV3H2Z9Y08mC4
mzT03RsZPWl1XE8hSo5bF9LLy1ypAOSbTHS1Fc8xLv5LWWGGNaBxQGxB5QIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFFEd4eeW62lv6sX6uPqHwQooXQZnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVVIzaDU1YnJhV19xeGZxNC1vZkJDaWhkQm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBABR
qHoDBAFSmAQDBABSmGIDBABSmIMDBABSmTcDBABSmZkDBABSmZwDBABSmcgDBABS
mc8DBABSowADBABZ1cUDBABtsMEwDAMEAG2w5QMEAG2w5gMEAG2w9AMEANQmTwME
AdWClgMEANXSPwMEANXa0wMEANXa4AMEANXa6QMEANXa+TANBgkqhkiG9w0BAQsF
AAOCAQEAR1R3YwjM/bBllVVMk8qxRoUJAE4jJhe7URiVblXZzJIfV7ISfgarcRRx
D5QImvid+Q8mi45Mh9P4R6T3SAQac0FFJR3WUGIfec6vMs72agzngcqDMtw2uyAI
K0igUi9vGSZ6/myuCnDLv8Vc8HMECRpqCZx+5ddJsvK3QY9YTTtut6jNiCWn6+8Y
8NaLzNrwN0FR9/yRUy0tLf2Yd3cpst5T2jygsMHys8LtCvaEl3MVavft6J7CGzzT
C08Ke6pfDf9CcWg7FmESp6oht/ELX67kQvTo5daio5u2n0GE1L1QZuoWfrxqVoO2
RZEeKTtgjp6SsXPh5gmKB3AjLIZQyw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:13 2025 by rpki-client