Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Wiv2Nr3z7fbO1JL8psPXLDg-iss.roa
File: Wiv2Nr3z7fbO1JL8psPXLDg-iss.roa (raw, json)
Hash identifier: qfe1bFEG5OeEoU5fs99EQI99O5sBqyZ6d818aEiZ5KU=
Subject key identifier: 5A:2B:F6:36:BD:F3:ED:F6:CE:D4:92:FC:A6:C3:D7:2C:38:3E:8A:CB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01914AC218045CDA709566F574DF23962021
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Wiv2Nr3z7fbO1JL8psPXLDg-iss.roa
Signing time: Tue 13 Aug 2024 08:01:59 +0000
ROA not before: Tue 13 Aug 2024 08:01:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Aug 2024 12:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4a:c2:18:04:5c:da:70:95:66:f5:74:df:23:96:20:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 13 08:01:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a2bf636bdf3edf6ced492fca6c3d72c383e8acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0e:40:1a:87:1d:48:82:13:a9:77:4a:c2:29:
88:b3:75:cb:69:dd:72:b9:b3:ef:15:9b:78:38:bf:
68:44:5e:30:ad:72:98:b8:95:fa:b7:5e:7e:d3:ae:
72:1f:05:7c:7f:3b:c8:b6:5a:38:b2:ed:f0:b3:e1:
1b:68:8e:4b:b7:2b:43:db:fb:ec:f4:6c:86:ad:cd:
b4:ff:b8:f6:03:39:77:f4:79:13:35:d8:54:7f:59:
25:f2:d7:5e:85:63:fa:8a:96:1a:9b:e9:1e:46:66:
e9:f4:3c:94:45:df:9c:7d:c9:81:9f:6b:25:2a:ef:
10:e3:82:63:aa:48:20:fc:a5:94:3c:2c:f6:b7:3c:
7e:5f:db:20:c1:c5:dc:1f:1a:32:07:4d:7c:eb:96:
a8:d8:72:4e:62:64:69:3c:d4:4b:61:66:d6:78:bb:
7c:e5:d4:27:6c:9a:9e:4e:20:96:bc:e1:b6:92:34:
55:5d:5d:c2:4b:57:75:ff:d7:97:28:b2:54:4f:ed:
02:a1:1a:b0:b3:cd:23:dc:d5:38:00:89:8e:df:59:
8f:2e:8c:1b:6a:aa:fc:7c:f0:68:53:44:80:68:3f:
e3:39:b0:fd:5f:6c:b7:4d:0a:6d:28:98:af:e5:a0:
bc:c6:1a:9f:74:ef:10:01:27:a2:92:4c:d2:84:91:
09:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2B:F6:36:BD:F3:ED:F6:CE:D4:92:FC:A6:C3:D7:2C:38:3E:8A:CB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Wiv2Nr3z7fbO1JL8psPXLDg-iss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
47:55:74:3e:19:b8:d0:70:fa:72:66:fd:85:da:ef:3a:9f:27:
e5:f9:95:72:09:60:bb:c9:5a:03:a8:2f:f0:32:2d:e5:7d:09:
0d:d5:c5:b2:d4:51:76:c9:be:73:b5:66:38:b1:24:54:10:5e:
bc:4e:47:4e:6d:34:c7:23:e5:70:e9:b3:11:cc:68:18:57:10:
2e:de:fd:23:7a:22:06:88:51:5f:2e:70:5b:59:7c:2e:00:1b:
f6:0c:54:34:48:42:11:62:65:9f:4f:3e:86:eb:36:bc:38:4c:
c6:34:9a:98:9f:e2:85:c3:98:fb:0d:7c:ff:03:22:e9:13:0b:
f0:6f:72:c3:75:f4:9a:26:23:0f:c7:be:7e:03:fe:f3:14:46:
38:b9:cb:31:9e:49:84:71:25:e6:1e:62:4f:2a:7b:a5:32:09:
a2:c0:bc:7f:76:39:25:d8:fb:4a:32:a0:c9:7f:a5:51:3a:42:
63:90:c3:8e:a5:1b:0a:71:4f:bc:c4:71:54:9c:f9:13:4b:df:
d7:9a:14:ba:30:c8:21:41:84:33:3e:a5:3b:b3:6a:1c:c2:39:
df:d5:96:42:db:e1:84:2a:d0:67:e9:f7:33:79:5d:f8:66:57:
a0:88:ed:56:5a:1f:c2:aa:99:77:a8:c4:4a:78:9e:0b:af:55:
94:ad:49:90
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZFKwhgEXNpwlWb1dN8jliAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODEzMDgwMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTJiZjYzNmJkZjNlZGY2Y2VkNDkyZmNhNmMzZDcyYzM4M2U4YWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg5AGocdSIITqXdKwimIs3XLad1y
ubPvFZt4OL9oRF4wrXKYuJX6t15+065yHwV8fzvItlo4su3ws+EbaI5LtytD2/vs
9GyGrc20/7j2Azl39HkTNdhUf1kl8tdehWP6ipYam+keRmbp9DyURd+cfcmBn2sl
Ku8Q44Jjqkgg/KWUPCz2tzx+X9sgwcXcHxoyB01865ao2HJOYmRpPNRLYWbWeLt8
5dQnbJqeTiCWvOG2kjRVXV3CS1d1/9eXKLJUT+0CoRqws80j3NU4AImO31mPLowb
aqr8fPBoU0SAaD/jObD9X2y3TQptKJiv5aC8xhqfdO8QASeikkzShJEJzQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFFor9ja98+32ztSS/KbD1yw4PorLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV2l2Mk5yM3o3ZmJPMUpMOHBzUFhMRGctaXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAFS
mLADBAJSmYgDBAFZ1TIDBAJZ1TgDBABZ1ZEwDAMEAlnVlAMEBVnVgAMEAFnVpwME
AlnVrDAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBADBAJtsMwDBAG5
MX4DBATCaVADBAHUJlgDBADV2tMDBADZkUIDBAPZkUgwDQYJKoZIhvcNAQELBQAD
ggEBAEdVdD4ZuNBw+nJm/YXa7zqfJ+X5lXIJYLvJWgOoL/AyLeV9CQ3VxbLUUXbJ
vnO1ZjixJFQQXrxOR05tNMcj5XDpsxHMaBhXEC7e/SN6IgaIUV8ucFtZfC4AG/YM
VDRIQhFiZZ9PPobrNrw4TMY0mpif4oXDmPsNfP8DIukTC/BvcsN19JomIw/Hvn4D
/vMURji5yzGeSYRxJeYeYk8qe6UyCaLAvH92OSXY+0oyoMl/pVE6QmOQw46lGwpx
T7zEcVSc+RNL39eaFLowyCFBhDM+pTuzahzCOd/VlkLb4YQq0Gfp9zN5XfhmV6CI
7VZaH8KqmXeoxEp4nguvVZStSZA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:06 2025 by rpki-client