Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/X1OI0epfEa-I0OsHHFJ8n05EsiA.roa
File: X1OI0epfEa-I0OsHHFJ8n05EsiA.roa (raw, json)
Hash identifier: 24KR6SQAa7hW9pkCVcOtJzj9zpi0kVmOlq8E44q+n9k=
Subject key identifier: 5F:53:88:D1:EA:5F:11:AF:88:D0:EB:07:1C:52:7C:9F:4E:44:B2:20
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01938859DC4636CCD3D534DB72124C0E6C85
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/X1OI0epfEa-I0OsHHFJ8n05EsiA.roa
Signing time: Mon 02 Dec 2024 17:10:10 +0000
ROA not before: Mon 02 Dec 2024 17:10:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.168.126.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.45.0/24 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.253.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.251.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Dec 2024 09:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:88:59:dc:46:36:cc:d3:d5:34:db:72:12:4c:0e:6c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 2 17:10:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f5388d1ea5f11af88d0eb071c527c9f4e44b220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:12:9e:7a:9a:a7:f5:45:45:96:d5:0a:b6:b4:
29:e0:8f:70:79:83:dd:10:b6:45:2a:45:67:37:7a:
40:89:3e:98:24:18:f1:c9:12:cc:e5:b1:74:f2:53:
b8:ee:74:41:d9:07:23:0a:d1:f4:b5:bc:9b:1e:3f:
58:fa:c8:47:70:d8:d6:41:91:a1:b3:5c:f8:c7:62:
61:da:0d:28:8e:b2:c3:12:c4:2f:aa:56:a1:e8:cd:
04:40:cb:95:eb:b4:b2:d0:64:26:5a:fb:e3:3e:0f:
9a:89:3b:4f:c8:7b:89:78:a4:f8:e3:04:f1:b3:b1:
fc:0c:4a:8f:d6:18:ad:29:9d:b1:3f:5e:17:6e:a2:
e6:18:bc:fb:5e:96:c2:e3:e3:e2:be:1a:39:59:0b:
74:a2:0f:90:7a:80:e0:2f:90:46:7b:64:60:7a:45:
7c:0e:5e:31:4e:d9:0b:c4:8e:0b:7a:d8:92:7f:e2:
c4:33:09:ed:04:56:d8:6f:2c:91:45:37:74:43:05:
0e:f7:6e:73:7c:bc:49:a0:2a:4d:de:d7:6d:15:50:
62:98:dc:2e:79:9f:ef:6c:16:7c:d2:15:35:7f:a5:
b2:34:7a:e0:9e:9e:bf:96:27:20:83:7d:3b:31:4c:
d2:4f:74:a4:ca:fd:c3:a3:cc:c7:e0:2d:46:c6:37:
b9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:53:88:D1:EA:5F:11:AF:88:D0:EB:07:1C:52:7C:9F:4E:44:B2:20
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/X1OI0epfEa-I0OsHHFJ8n05EsiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.167.0/24
89.213.172.0/22
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
109.176.253.0/24
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.210.52.0/22
213.218.210.0/23
213.218.251.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:e1:60:7d:7e:7d:e0:10:79:0b:a3:40:54:73:a5:54:51:39:
57:0d:be:2d:6e:30:83:d8:2a:c0:0a:ac:6c:49:9a:8f:24:16:
82:c1:88:cc:75:80:e8:70:c5:fc:1c:c7:d3:30:23:be:7c:8d:
40:c7:0a:be:7b:15:c4:9a:6b:eb:ec:e8:e3:9a:fc:b1:44:35:
a0:48:df:4a:11:dd:ea:c4:43:ee:38:53:5b:63:2d:c3:ab:37:
33:b8:1e:bc:93:ad:b9:ad:62:80:41:fc:55:dc:e8:d5:75:29:
04:40:20:83:7a:fe:6e:48:e0:0f:65:45:67:b0:29:66:68:71:
91:d7:46:72:95:10:16:b5:2d:e8:b6:85:a9:61:61:fd:16:73:
bd:42:a0:c1:be:3f:4f:bf:0d:cf:37:79:6d:80:30:ac:83:66:
06:76:72:cf:00:36:4f:d2:b6:f8:11:d4:e9:d1:d5:1d:f6:5b:
1b:0b:01:60:41:03:92:da:82:95:5f:d9:be:29:a9:2b:ab:ca:
eb:31:1f:a3:99:1f:32:c9:04:c4:fe:af:0f:23:a5:a2:03:34:
98:66:27:d5:68:2a:02:90:af:38:0d:b8:52:0c:6a:8b:52:41:
d5:2b:d8:8d:92:c0:25:f0:9b:29:0c:cd:a8:42:85:14:75:d1:
41:8a:4a:57
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZOIWdxGNszT1TTbchJMDmyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjAyMTcxMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjUzODhkMWVhNWYxMWFmODhkMGViMDcxYzUyN2M5ZjRlNDRiMjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RKeepqn9UVFltUKtrQp4I9weYPd
ELZFKkVnN3pAiT6YJBjxyRLM5bF08lO47nRB2QcjCtH0tbybHj9Y+shHcNjWQZGh
s1z4x2Jh2g0ojrLDEsQvqlah6M0EQMuV67Sy0GQmWvvjPg+aiTtPyHuJeKT44wTx
s7H8DEqP1hitKZ2xP14XbqLmGLz7XpbC4+Pivho5WQt0og+QeoDgL5BGe2RgekV8
Dl4xTtkLxI4LetiSf+LEMwntBFbYbyyRRTd0QwUO925zfLxJoCpN3tdtFVBimNwu
eZ/vbBZ80hU1f6WyNHrgnp6/licgg307MUzST3Skyv3Do8zH4C1Gxje5JQIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFF9TiNHqXxGviNDrBxxSfJ9ORLIgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWDFPSTBlcGZFYS1JME9zSEhGSjhuMDVFc2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBABR
qH4DBABSmAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ
1YQDBABZ1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWn
AwQCWdWsAwQAWdW/MAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEA22wEAME
Am2wzAMEAW2w8gMEAG2w/QMEAbkxfgMEBMJpUAMEAdQmWAMEAtXSNAMEAdXa0gME
ANXa+zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQAd4WB9
fn3gEHkLo0BUc6VUUTlXDb4tbjCD2CrACqxsSZqPJBaCwYjMdYDocMX8HMfTMCO+
fI1Axwq+exXEmmvr7OjjmvyxRDWgSN9KEd3qxEPuOFNbYy3DqzczuB68k625rWKA
QfxV3OjVdSkEQCCDev5uSOAPZUVnsClmaHGR10ZylRAWtS3otoWpYWH9FnO9QqDB
vj9Pvw3PN3ltgDCsg2YGdnLPADZP0rb4EdTp0dUd9lsbCwFgQQOS2oKVX9m+Kakr
q8rrMR+jmR8yyQTE/q8PI6WiAzSYZifVaCoCkK84DbhSDGqLUkHVK9iNksAl8Jsp
DM2oQoUUddFBikpX
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:30:01 2025 by rpki-client