Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WuUYNSJXLDbdhxFQzZMZej-tTmE.roa
File: WuUYNSJXLDbdhxFQzZMZej-tTmE.roa (raw, json)
Hash identifier: AeerpeHKHteVmCrYUSPiXXVnFjtkACnwFAvsJLM9VaQ=
Subject key identifier: 5A:E5:18:35:22:57:2C:36:DD:87:11:50:CD:93:19:7A:3F:AD:4E:61
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194F5D150049BA14FA5FD49B74A1550889C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WuUYNSJXLDbdhxFQzZMZej-tTmE.roa
Signing time: Tue 11 Feb 2025 16:22:02 +0000
ROA not before: Tue 11 Feb 2025 16:22:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.156.0/24 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 09:45:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f5:d1:50:04:9b:a1:4f:a5:fd:49:b7:4a:15:50:88:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 11 16:22:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ae5183522572c36dd871150cd93197a3fad4e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8c:91:6c:2c:76:10:e7:b8:2d:d7:87:c6:81:
e9:76:61:cf:b9:53:ab:7b:50:b3:b5:1b:b1:a4:9a:
3b:e8:a9:d3:bc:94:d1:86:96:08:f8:65:16:b3:4e:
c5:b6:88:c9:03:b7:1d:15:52:c9:7f:f1:d1:c9:ae:
3e:6f:c1:25:9c:41:56:3e:9c:ef:97:9a:21:50:d1:
d8:ec:71:7d:70:21:6f:5f:80:9e:b2:52:eb:4f:9a:
96:d6:5e:d0:92:62:ba:31:fb:2a:9b:b8:d0:b9:07:
d6:d2:85:2e:1e:80:fc:5c:1e:40:67:67:7e:4b:0a:
9c:a8:74:f9:6e:00:aa:b5:12:9a:7e:86:34:cc:ff:
ca:75:19:23:51:1a:a0:bf:62:79:5e:ba:14:9f:e7:
b5:43:b8:de:3e:28:15:db:2d:39:95:2e:22:76:da:
b5:4e:80:f1:b7:19:11:4c:77:ef:d0:e7:f5:21:b9:
8e:d1:36:c5:87:d1:31:4a:1e:c4:4e:72:04:5a:78:
40:92:19:a0:bb:68:1f:dd:9e:56:b4:14:e6:ae:a3:
0d:64:56:da:64:cc:02:9b:dc:a8:c9:15:8d:b8:6a:
a4:b2:89:e4:22:fb:16:ba:89:a2:b1:95:63:9f:0a:
b5:e7:cf:31:1c:dd:41:30:2e:d4:c2:ab:94:34:4b:
96:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E5:18:35:22:57:2C:36:DD:87:11:50:CD:93:19:7A:3F:AD:4E:61
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WuUYNSJXLDbdhxFQzZMZej-tTmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.156.0/24
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
81:51:16:3a:21:da:08:13:68:3e:ab:fd:47:5f:c1:5e:d0:af:
ff:3d:d7:ef:a2:33:dc:ea:ea:af:66:ff:52:06:0b:56:05:58:
c8:63:eb:94:c7:59:36:c3:e0:d3:6b:ac:67:52:86:7d:4e:bb:
fb:3f:76:a2:e2:8a:f9:e9:f8:80:19:0a:23:b8:6e:17:88:9f:
73:ac:54:7e:32:c2:10:f5:d3:80:99:c2:3c:79:78:12:e4:1a:
d0:02:35:e0:23:b8:4a:48:fe:df:73:4a:d6:e4:55:55:a7:33:
48:61:76:fa:2d:6d:a0:06:c9:4d:42:92:68:f8:b5:11:da:31:
52:38:28:92:e4:ed:6c:54:f3:34:86:61:66:a8:94:80:04:42:
c2:b0:be:67:21:49:24:9f:4b:72:e2:30:e5:fc:95:aa:9e:50:
ed:28:d3:18:e5:0a:86:4f:85:5f:15:1b:de:cf:ef:8a:32:87:
c5:0f:cd:6d:8a:95:ba:c8:15:a8:dd:28:d9:dc:4e:3d:69:ac:
cd:a1:65:cf:e4:db:ce:60:ce:65:ec:21:17:33:d8:f3:21:b2:
74:c2:7d:90:71:26:0d:eb:4b:d2:8a:64:5b:64:86:d1:f5:5e:
f0:ab:46:d0:db:ee:b1:55:d5:06:a9:a6:21:40:b7:db:9a:f6:
24:98:b4:cd
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZT10VAEm6FPpf1Jt0oVUIicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjExMTYyMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWU1MTgzNTIyNTcyYzM2ZGQ4NzExNTBjZDkzMTk3YTNmYWQ0ZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYyRbCx2EOe4LdeHxoHpdmHPuVOr
e1CztRuxpJo76KnTvJTRhpYI+GUWs07FtojJA7cdFVLJf/HRya4+b8ElnEFWPpzv
l5ohUNHY7HF9cCFvX4CeslLrT5qW1l7QkmK6Mfsqm7jQuQfW0oUuHoD8XB5AZ2d+
SwqcqHT5bgCqtRKafoY0zP/KdRkjURqgv2J5XroUn+e1Q7jePigV2y05lS4idtq1
ToDxtxkRTHfv0Of1IbmO0TbFh9ExSh7ETnIEWnhAkhmgu2gf3Z5WtBTmrqMNZFba
ZMwCm9yoyRWNuGqksonkIvsWuomisZVjnwq1588xHN1BMC7UwquUNEuWFwIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFFrlGDUiVyw23YcRUM2TGXo/rU5hMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV3VVWU5TSlhMRGJkaHhGUXpaTVplai10VG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAFKYCAMEAVKYsAMEAFKZMgMEAlKZiAMEAFKZ8wMEAVnVLAMEAVnVMgMEAlnV
OAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwDBAJZ1ZQD
BAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEBFnVoAMEAFnV
tQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBADBAJtsMwD
BAFtsPIDBAG5MX4DBATCaVADBADUJk8DBAHUJlgDBADVgpwDBADVmCsDBALV0jQD
BADV2tMwDAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAgVEW
OiHaCBNoPqv9R1/BXtCv/z3X76Iz3Orqr2b/UgYLVgVYyGPrlMdZNsPg02usZ1KG
fU67+z92ouKK+en4gBkKI7huF4ifc6xUfjLCEPXTgJnCPHl4EuQa0AI14CO4Skj+
33NK1uRVVaczSGF2+i1toAbJTUKSaPi1EdoxUjgokuTtbFTzNIZhZqiUgARCwrC+
ZyFJJJ9LcuIw5fyVqp5Q7SjTGOUKhk+FXxUb3s/vijKHxQ/NbYqVusgVqN0o2dxO
PWmszaFlz+TbzmDOZewhFzPY8yGydMJ9kHEmDetL0opkW2SG0fVe8KtG0NvusVXV
BqmmIUC325r2JJi0zQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:18:04 2025 by rpki-client