Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WXji3xixWWy4fzOAkDj12UtOHcE.roa
File: WXji3xixWWy4fzOAkDj12UtOHcE.roa (raw, json)
Hash identifier: y6nTZv1uPp6XXzE0SpiRe+Z90iMEFnWZfxtmDzOFAwc=
Subject key identifier: 59:78:E2:DF:18:B1:59:6C:B8:7F:33:80:90:38:F5:D9:4B:4E:1D:C1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019053BBBDDA526CCB52821FE8616DBCB749
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WXji3xixWWy4fzOAkDj12UtOHcE.roa
Signing time: Wed 26 Jun 2024 08:48:51 +0000
ROA not before: Wed 26 Jun 2024 08:48:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 82.153.225.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.99.0/24 maxlen: 24
89.213.131.0/24 maxlen: 24
109.176.200.0/24 maxlen: 24
109.176.239.0/24 maxlen: 24
213.130.155.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.225.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jul 2024 16:28:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:bb:bd:da:52:6c:cb:52:82:1f:e8:61:6d:bc:b7:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 26 08:48:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5978e2df18b1596cb87f33809038f5d94b4e1dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d4:87:06:8c:b5:29:c0:58:e9:35:d0:30:e1:
15:e8:47:23:ba:16:b2:ed:25:6d:35:2c:b6:57:64:
e6:67:af:21:6b:4a:80:d9:c2:de:a4:21:e9:b0:69:
f9:b0:56:a7:92:9e:bd:7a:09:4b:3b:a8:56:c4:5a:
95:d3:e6:15:d5:fd:2b:71:1e:7c:fe:7e:3c:5b:43:
e9:12:41:98:3a:22:50:cf:6d:55:cd:03:61:07:15:
23:c3:80:81:05:13:9f:ad:54:44:9d:09:de:3c:87:
1e:ba:f5:40:2f:27:48:03:68:bf:f4:fe:c0:44:06:
d6:96:6a:93:55:43:4e:58:66:e4:e4:d8:fc:90:fa:
a8:c3:a4:05:c1:2c:bf:84:9c:af:dd:b2:c1:51:fe:
88:5d:c6:5d:f3:3b:cf:03:ee:4a:3e:3a:d0:43:85:
be:f8:3e:1f:9d:bd:4a:f1:b1:a6:04:b8:d5:51:c4:
85:e9:1c:0e:2e:bf:ba:52:c4:f1:da:3d:1b:21:f2:
91:97:0d:67:70:77:30:6e:7a:e1:17:8a:15:56:f0:
fd:07:73:fa:d2:32:3a:32:04:2a:67:89:02:98:bf:
08:f7:e8:13:32:74:1d:21:3e:9c:dd:92:98:75:9b:
a8:13:de:05:fd:8f:9e:e4:90:34:d1:2b:8e:e7:0b:
72:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:78:E2:DF:18:B1:59:6C:B8:7F:33:80:90:38:F5:D9:4B:4E:1D:C1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WXji3xixWWy4fzOAkDj12UtOHcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.225.0/24
89.213.43.0/24
89.213.99.0/24
89.213.131.0/24
109.176.200.0/24
109.176.239.0/24
213.130.155.0/24
213.218.213.0/24
213.218.225.0/24
213.218.227.0/24
Signature Algorithm: sha256WithRSAEncryption
27:62:bf:03:e8:6b:ec:12:ef:8f:df:a0:7c:1e:10:20:36:d7:
59:78:ae:f8:dc:8d:ad:a5:98:ca:5b:8c:03:88:e5:ad:d9:f0:
18:0e:a8:98:e0:a8:de:86:f6:49:51:95:34:a7:5a:81:28:a0:
9d:e4:4a:73:64:c1:51:01:e8:5c:07:e7:06:aa:c7:fc:7a:08:
6d:71:09:78:b7:38:34:3f:11:e1:74:43:d7:08:1e:d6:05:94:
48:b6:ee:c7:87:0b:ca:9d:22:43:8d:e7:8a:49:1c:aa:0a:99:
97:28:81:aa:d7:bc:28:b3:9e:bb:c3:ca:83:86:03:15:5f:a4:
25:70:93:c7:d5:92:a1:40:e3:9a:ab:59:76:a0:d4:4d:66:d7:
0c:ed:cb:49:60:19:cd:52:b0:d2:98:8a:40:49:0f:2c:36:da:
58:e9:cb:6e:5f:84:58:fb:15:bf:65:89:82:fd:35:b7:2e:89:
df:7f:86:d1:cb:33:a8:82:e5:23:9a:fd:a7:9b:78:55:28:7f:
79:e2:14:86:12:2f:cb:99:54:d0:22:4d:43:27:2d:10:2d:0a:
5e:c1:09:b7:8d:fb:65:23:f5:fd:63:c4:cc:d1:54:d3:3e:27:
93:dd:75:bf:99:4f:2d:88:6e:7e:c8:a5:9b:2a:7f:c6:21:12:
79:ee:7e:75
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZBTu73aUmzLUoIf6GFtvLdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjI2MDg0ODUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTc4ZTJkZjE4YjE1OTZjYjg3ZjMzODA5MDM4ZjVkOTRiNGUxZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNSHBoy1KcBY6TXQMOEV6Ecjuhay
7SVtNSy2V2TmZ68ha0qA2cLepCHpsGn5sFankp69eglLO6hWxFqV0+YV1f0rcR58
/n48W0PpEkGYOiJQz21VzQNhBxUjw4CBBROfrVREnQnePIceuvVALydIA2i/9P7A
RAbWlmqTVUNOWGbk5Nj8kPqow6QFwSy/hJyv3bLBUf6IXcZd8zvPA+5KPjrQQ4W+
+D4fnb1K8bGmBLjVUcSF6RwOLr+6UsTx2j0bIfKRlw1ncHcwbnrhF4oVVvD9B3P6
0jI6MgQqZ4kCmL8I9+gTMnQdIT6c3ZKYdZuoE94F/Y+e5JA00SuO5wtyJwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFl44t8YsVlsuH8zgJA49dlLTh3BMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV1hqaTN4aXhXV3k0ZnpPQWtEajEyVXRPSGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUpnhAwQA
WdUrAwQAWdVjAwQAWdWDAwQAbbDIAwQAbbDvAwQA1YKbAwQA1drVAwQA1drhAwQA
1drjMA0GCSqGSIb3DQEBCwUAA4IBAQAnYr8D6GvsEu+P36B8HhAgNtdZeK743I2t
pZjKW4wDiOWt2fAYDqiY4KjehvZJUZU0p1qBKKCd5EpzZMFRAehcB+cGqsf8eght
cQl4tzg0PxHhdEPXCB7WBZRItu7HhwvKnSJDjeeKSRyqCpmXKIGq17wos567w8qD
hgMVX6QlcJPH1ZKhQOOaq1l2oNRNZtcM7ctJYBnNUrDSmIpASQ8sNtpY6ctuX4RY
+xW/ZYmC/TW3Lonff4bRyzOoguUjmv2nm3hVKH954hSGEi/LmVTQIk1DJy0QLQpe
wQm3jftlI/X9Y8TM0VTTPieT3XW/mU8tiG5+yKWbKn/GIRJ57n51
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:23 2025 by rpki-client