Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XNqYgXS3JGwp3V0dkq8wIx3Tm3M.roa
File: XNqYgXS3JGwp3V0dkq8wIx3Tm3M.roa (raw, json)
Hash identifier: lJNRtYl9KWB3eJRnV24wL+Uwt/bH0hBfrRaYXnYJA+s=
Subject key identifier: 5C:DA:98:81:74:B7:24:6C:29:DD:5D:1D:92:AF:30:23:1D:D3:9B:73
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019053B8BFCD752729187EE8043CF7596480
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XNqYgXS3JGwp3V0dkq8wIx3Tm3M.roa
Signing time: Wed 26 Jun 2024 08:45:34 +0000
ROA not before: Wed 26 Jun 2024 08:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197537
IP address blocks: 82.152.176.0/24 maxlen: 24
89.213.206.0/23 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.214.0/24 maxlen: 24
89.213.215.0/24 maxlen: 24
89.213.228.0/22 maxlen: 24
194.105.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jul 2024 12:43:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:b8:bf:cd:75:27:29:18:7e:e8:04:3c:f7:59:64:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 26 08:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cda988174b7246c29dd5d1d92af30231dd39b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:59:85:71:bb:9c:25:43:f9:11:b4:b9:11:a8:
20:77:a7:a6:d7:b0:c0:e2:35:cb:28:fa:50:cc:b8:
72:3f:85:ed:9a:5b:e1:67:ec:6f:d2:af:a4:62:dd:
7c:8d:e7:8f:f2:fb:3b:15:f4:c7:21:b3:b7:ed:0d:
a2:90:e7:5b:2d:5b:e9:5d:bc:c6:12:04:6b:b7:68:
c4:5c:46:cf:a6:82:fa:ca:aa:59:47:fc:82:b4:a4:
22:cc:a4:64:70:fa:14:0b:3c:6a:8b:41:eb:46:d5:
f8:e2:e7:76:9c:7b:37:0e:3c:0e:0e:dd:01:57:f3:
2e:db:f1:80:a6:ef:37:37:d9:86:82:fb:06:49:8c:
a1:75:3a:3f:fb:a3:48:09:94:67:60:a1:2a:58:eb:
c2:ff:7a:9a:0b:9c:40:b4:a0:c0:7a:00:0b:ca:79:
e0:38:0e:04:dc:fb:41:61:67:1e:33:a1:bf:78:ac:
7e:62:68:b4:c6:17:09:1d:02:d6:c1:12:51:20:ed:
a7:68:49:d7:ca:1b:21:df:01:55:e9:46:01:d3:79:
f8:5c:43:af:97:6a:b1:d7:6b:64:6b:1a:e0:ff:46:
7a:b2:3d:53:90:4f:24:cd:79:9a:5f:1b:72:8e:28:
d9:b6:f6:a2:54:33:e7:af:3e:ab:e1:00:4b:76:76:
b5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DA:98:81:74:B7:24:6C:29:DD:5D:1D:92:AF:30:23:1D:D3:9B:73
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XNqYgXS3JGwp3V0dkq8wIx3Tm3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/24
89.213.206.0/23
89.213.212.0/24
89.213.214.0/23
89.213.228.0/22
194.105.76.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:f6:5c:de:ce:05:ac:49:48:12:a6:0d:11:37:5a:82:df:1c:
c9:d0:60:3d:0d:f6:6e:34:fe:62:31:3f:b7:e8:cd:19:3e:2a:
d4:f5:6e:db:cb:3c:f8:f8:fb:dc:89:70:9c:0c:1e:75:01:77:
d7:ba:bd:73:07:83:2d:84:fc:d1:a4:f0:c4:91:1c:8f:9a:3c:
0a:7f:0f:f1:33:9b:fe:14:44:d1:a1:c6:37:1a:59:ac:9f:ad:
52:8a:6e:35:48:26:46:9f:30:05:32:7c:9e:13:53:0d:b2:34:
a7:39:c9:26:1b:c3:68:dc:47:fe:a4:e6:79:b6:2d:08:80:e7:
26:04:47:52:5d:13:ff:e5:8e:87:02:4d:a0:0a:7d:36:7f:e6:
4e:15:8f:5f:31:72:96:56:5f:2c:ba:71:bd:85:91:a1:30:be:
01:8d:ab:b6:e1:bb:7c:49:c0:fe:4d:be:ea:75:f6:33:7b:aa:
ea:0a:4b:91:a5:28:f8:b8:0e:90:2c:c9:be:b9:51:46:0d:50:
5d:70:2c:32:17:96:7b:8a:e4:ea:7c:ef:af:b1:6d:a2:5e:a0:
ac:7a:eb:c8:90:dd:93:2a:d3:df:e6:b6:03:f3:49:2a:92:09:
a2:4d:35:cf:14:77:d6:73:b6:af:75:a5:9c:0e:97:dc:1f:07:
29:06:f9:28
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZBTuL/NdScpGH7oBDz3WWSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjI2MDg0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RhOTg4MTc0YjcyNDZjMjlkZDVkMWQ5MmFmMzAyMzFkZDM5YjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1mFcbucJUP5EbS5Eaggd6em17DA
4jXLKPpQzLhyP4XtmlvhZ+xv0q+kYt18jeeP8vs7FfTHIbO37Q2ikOdbLVvpXbzG
EgRrt2jEXEbPpoL6yqpZR/yCtKQizKRkcPoUCzxqi0HrRtX44ud2nHs3DjwODt0B
V/Mu2/GApu83N9mGgvsGSYyhdTo/+6NICZRnYKEqWOvC/3qaC5xAtKDAegALynng
OA4E3PtBYWceM6G/eKx+Ymi0xhcJHQLWwRJRIO2naEnXyhsh3wFV6UYB03n4XEOv
l2qx12tkaxrg/0Z6sj1TkE8kzXmaXxtyjijZtvaiVDPnrz6r4QBLdna1UQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFzamIF0tyRsKd1dHZKvMCMd05tzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWE5xWWdYUzNKR3dwM1YwZGtxOHdJeDNUbTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpiwAwQB
WdXOAwQAWdXUAwQBWdXWAwQCWdXkAwQCwmlMMA0GCSqGSIb3DQEBCwUAA4IBAQBf
9lzezgWsSUgSpg0RN1qC3xzJ0GA9DfZuNP5iMT+36M0ZPirU9W7byzz4+PvciXCc
DB51AXfXur1zB4MthPzRpPDEkRyPmjwKfw/xM5v+FETRocY3Glmsn61Sim41SCZG
nzAFMnyeE1MNsjSnOckmG8No3Ef+pOZ5ti0IgOcmBEdSXRP/5Y6HAk2gCn02f+ZO
FY9fMXKWVl8sunG9hZGhML4Bjau24bt8ScD+Tb7qdfYze6rqCkuRpSj4uA6QLMm+
uVFGDVBdcCwyF5Z7iuTqfO+vsW2iXqCseuvIkN2TKtPf5rYD80kqkgmiTTXPFHfW
c7avdaWcDpfcHwcpBvko
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:04:51 2025 by rpki-client