Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YUw4E6o_gqKu-qiMCwzxGdVC1M4.roa
File: YUw4E6o_gqKu-qiMCwzxGdVC1M4.roa (raw, json)
Hash identifier: GbWXZHnOAcXJOWtnqbZ4gUutoQE+nt+VNSYQJPsUt+A=
Subject key identifier: 61:4C:38:13:AA:3F:82:A2:AE:FA:A8:8C:0B:0C:F1:19:D5:42:D4:CE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191CDB824589C82CB9E152D5F14D6AEFD6F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YUw4E6o_gqKu-qiMCwzxGdVC1M4.roa
Signing time: Sat 07 Sep 2024 18:21:22 +0000
ROA not before: Sat 07 Sep 2024 18:21:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 81.168.96.0/24 maxlen: 24
82.153.51.0/24 maxlen: 24
82.153.148.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.107.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.113.0/24 maxlen: 24
89.213.116.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
213.130.153.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 14:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cd:b8:24:58:9c:82:cb:9e:15:2d:5f:14:d6:ae:fd:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 7 18:21:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=614c3813aa3f82a2aefaa88c0b0cf119d542d4ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:36:e3:52:74:05:4e:0c:71:fc:eb:cd:60:77:
23:2b:af:a3:47:81:13:a2:c6:f1:09:3f:96:77:9f:
7d:99:0b:d6:58:20:ca:f4:e5:d0:c9:ea:91:1f:72:
b2:43:52:59:22:9d:0a:d3:2e:e2:0a:51:bc:d1:b5:
8c:56:6b:74:99:2c:9b:ff:13:4d:af:ca:52:bb:bf:
ef:07:33:d9:6f:46:31:83:91:e2:2b:8c:9e:c7:db:
96:c9:55:7a:6d:fa:5e:b6:df:b3:e0:c5:2c:69:10:
2f:d4:c4:42:4a:cb:f1:c5:bf:d6:d2:0f:8b:c9:5e:
2e:8f:79:ba:f9:63:00:6a:29:dc:14:28:e4:8e:df:
ee:48:2f:a2:8d:1a:6e:8e:03:98:a3:3d:2d:cd:e0:
0b:d6:9d:aa:73:15:18:78:6b:2d:f6:8d:44:f8:65:
6b:3d:27:99:98:d8:a6:23:fe:0f:bd:7b:31:7f:cb:
37:84:a0:45:86:ef:f6:c7:ac:50:fe:8a:74:1a:12:
25:52:6c:de:3f:a0:1b:d8:f6:a5:cb:7b:70:13:d2:
44:dd:fd:02:69:df:54:a2:32:19:df:52:e2:38:b5:
0a:a9:c9:32:d2:bd:2e:1d:18:97:bc:27:de:d7:55:
b9:a3:e4:3c:73:c5:40:b1:8d:93:0a:97:27:f8:48:
ff:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:4C:38:13:AA:3F:82:A2:AE:FA:A8:8C:0B:0C:F1:19:D5:42:D4:CE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YUw4E6o_gqKu-qiMCwzxGdVC1M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.96.0/24
82.153.51.0/24
82.153.148.0/24
82.163.15.0/24
89.213.6.0/24
89.213.107.0/24
89.213.112.0/23
89.213.116.0/24
89.213.121.0/24
89.213.157.0/24
89.213.227.0/24
213.130.137.0/24
213.130.152.0-213.130.154.255
Signature Algorithm: sha256WithRSAEncryption
10:0d:99:d1:6c:d6:81:ab:35:9e:fc:83:77:fc:a9:8d:64:85:
9e:af:32:5b:7c:ec:2c:c6:ad:d8:2e:f9:32:f8:d5:a6:94:b1:
1a:8a:68:5b:31:08:f4:e7:a3:3a:57:73:fb:10:85:f5:b7:e9:
47:ff:04:4e:a4:9f:c2:0f:68:19:3f:3c:35:2e:25:e4:60:f2:
88:07:7f:85:05:00:7c:e8:3b:f3:2e:03:35:c7:af:33:80:a7:
e3:46:5e:9c:4b:f8:0d:57:ea:74:10:45:61:05:a7:11:c6:51:
f9:a8:56:0d:4b:b5:6f:1a:2f:fd:67:4f:07:82:1f:8c:ed:bb:
bf:df:3b:d8:3b:8d:1b:8f:59:b2:72:f9:fb:3f:95:2b:aa:6b:
40:76:b2:93:6e:fc:d0:16:e1:56:48:7d:92:ba:f0:37:2b:98:
31:8a:4d:45:3b:c7:3c:61:4a:a8:6f:00:dc:88:41:22:b2:6c:
ab:79:dc:e9:36:e6:48:a7:57:d8:11:40:51:c5:7c:33:62:54:
91:df:eb:6f:5b:96:60:a2:55:47:a3:0b:26:a5:22:c0:34:1b:
df:dd:eb:4c:ef:a9:69:91:76:57:b2:3f:eb:8c:15:3e:5f:0f:
cb:99:08:86:89:75:4d:06:c6:d9:bd:c9:58:4d:29:f1:9b:9f:
65:8d:5f:76
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZHNuCRYnILLnhUtXxTWrv1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTA3MTgyMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTRjMzgxM2FhM2Y4MmEyYWVmYWE4OGMwYjBjZjExOWQ1NDJkNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9zbjUnQFTgxx/OvNYHcjK6+jR4ET
osbxCT+Wd599mQvWWCDK9OXQyeqRH3KyQ1JZIp0K0y7iClG80bWMVmt0mSyb/xNN
r8pSu7/vBzPZb0Yxg5HiK4yex9uWyVV6bfpett+z4MUsaRAv1MRCSsvxxb/W0g+L
yV4uj3m6+WMAaincFCjkjt/uSC+ijRpujgOYoz0tzeAL1p2qcxUYeGst9o1E+GVr
PSeZmNimI/4PvXsxf8s3hKBFhu/2x6xQ/op0GhIlUmzeP6Ab2Paly3twE9JE3f0C
ad9UojIZ31LiOLUKqcky0r0uHRiXvCfe11W5o+Q8c8VAsY2TCpcn+Ej/IwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFGFMOBOqP4KirvqojAsM8RnVQtTOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWVV3NEU2b19ncUt1LXFpTUN3enhHZFZDMU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAUahgAwQA
UpkzAwQAUpmUAwQAUqMPAwQAWdUGAwQAWdVrAwQBWdVwAwQAWdV0AwQAWdV5AwQA
WdWdAwQAWdXjAwQA1YKJMAwDBAPVgpgDBADVgpowDQYJKoZIhvcNAQELBQADggEB
ABANmdFs1oGrNZ78g3f8qY1khZ6vMlt87CzGrdgu+TL41aaUsRqKaFsxCPTnozpX
c/sQhfW36Uf/BE6kn8IPaBk/PDUuJeRg8ogHf4UFAHzoO/MuAzXHrzOAp+NGXpxL
+A1X6nQQRWEFpxHGUfmoVg1LtW8aL/1nTweCH4ztu7/fO9g7jRuPWbJy+fs/lSuq
a0B2spNu/NAW4VZIfZK68DcrmDGKTUU7xzxhSqhvANyIQSKybKt53Ok25kinV9gR
QFHFfDNiVJHf629blmCiVUejCyalIsA0G9/d60zvqWmRdleyP+uMFT5fD8uZCIaJ
dU0Gxtm9yVhNKfGbn2WNX3Y=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:18 2025 by rpki-client