Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YWHYBdGgSY6KAIsT-sRWsnklWd8.roa
File: YWHYBdGgSY6KAIsT-sRWsnklWd8.roa (raw, json)
Hash identifier: jNfIkX4nRC9ApnWUJ3OgnMNQsioN5n65QYhixXCWi0Q=
Subject key identifier: 61:61:D8:05:D1:A0:49:8E:8A:00:8B:13:FA:C4:56:B2:79:25:59:DF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019460F147ACF9825D0E09BDDB6B587BEA7B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YWHYBdGgSY6KAIsT-sRWsnklWd8.roa
Signing time: Mon 13 Jan 2025 18:33:32 +0000
ROA not before: Mon 13 Jan 2025 18:33:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 81.5.156.0/24 maxlen: 24
81.168.41.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
82.152.250.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.67.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.139.0/24 maxlen: 24
82.153.140.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.250.0/24 maxlen: 24
89.213.135.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.137.0/24 maxlen: 24
89.213.141.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
89.213.170.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
109.176.209.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.217.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
109.176.219.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
109.176.221.0/24 maxlen: 24
109.176.222.0/24 maxlen: 24
109.176.223.0/24 maxlen: 24
109.176.249.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
213.152.61.0/24 maxlen: 24
213.152.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 15:13:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:f1:47:ac:f9:82:5d:0e:09:bd:db:6b:58:7b:ea:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 13 18:33:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6161d805d1a0498e8a008b13fac456b2792559df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:10:7d:e3:2e:c5:05:6f:f4:8f:ec:36:b2:d5:
2e:64:09:14:a7:bc:5f:12:ae:99:c2:01:2e:fa:f0:
43:00:a1:84:52:d3:b2:1d:1c:43:c0:ee:8f:3b:d2:
a1:7d:18:e3:05:93:19:3b:17:5d:8b:a5:bb:b9:8a:
08:bf:68:60:9f:7d:28:80:33:6a:3e:06:67:99:83:
19:c8:35:bc:5a:d7:e9:4f:b5:60:ef:d9:4b:42:68:
a0:80:8d:e8:33:e8:6a:01:a6:ba:52:19:d5:1b:28:
52:89:1f:46:e1:c9:01:d2:3f:29:d5:da:1f:a7:57:
74:8b:78:3d:39:72:89:36:63:8f:13:f7:f4:da:c5:
18:c7:69:fa:2d:3d:a1:0b:3c:7d:81:f4:01:68:ed:
ad:cd:22:d4:64:9c:e0:18:57:42:4d:97:a1:71:83:
d2:5f:10:a5:ab:74:36:a4:14:32:19:41:1f:43:b2:
e9:d3:58:c2:c0:18:ae:37:08:eb:a8:45:da:2c:8a:
9f:a8:3a:a2:2b:83:08:a7:72:4d:b7:18:21:70:e8:
54:07:50:40:6c:89:d3:e7:f7:c2:be:f2:94:3f:60:
5b:2d:48:24:50:ef:9f:4c:46:bf:f1:0c:85:98:81:
44:2c:c0:c5:06:59:0d:6b:ef:3d:22:97:77:a7:2d:
7b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:61:D8:05:D1:A0:49:8E:8A:00:8B:13:FA:C4:56:B2:79:25:59:DF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YWHYBdGgSY6KAIsT-sRWsnklWd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
82.152.111.0/24
82.152.250.0/24
82.152.252.0/23
82.152.255.0/24
82.153.67.0/24
82.153.73.0/24
82.153.78.0/24
82.153.137.0/24
82.153.139.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.240.0/24
82.153.248.0/24
82.153.250.0/24
89.213.135.0-89.213.137.255
89.213.141.0/24
89.213.153.0/24
89.213.163.0/24
89.213.168.0/24
89.213.170.0/24
89.213.188.0/23
109.176.209.0/24
109.176.211.0/24
109.176.216.0/21
109.176.249.0/24
185.49.125.0/24
213.152.61.0-213.152.62.255
Signature Algorithm: sha256WithRSAEncryption
84:23:9b:16:dc:bd:ee:ac:46:cb:45:f9:aa:fa:b9:e7:67:af:
d4:0d:dd:a9:2a:2d:41:4c:6d:fd:ae:f6:58:33:57:84:67:67:
9f:13:3c:39:3c:0d:46:77:bc:17:7c:5c:f9:b8:53:61:8d:34:
f3:7d:d1:f7:5c:e2:68:c0:54:5a:e6:33:98:2d:c3:eb:28:5c:
bf:84:5c:56:03:83:4d:a7:d9:ec:39:cd:0e:5f:92:09:e7:ca:
28:f3:e2:bb:86:cb:3d:f3:db:cd:a6:c4:75:6f:1f:76:97:25:
47:11:b2:06:04:42:ab:40:ce:24:4b:bf:ea:69:cc:5c:fe:16:
c7:f3:13:b0:d6:05:1b:8e:f5:be:cc:7a:56:8f:2c:62:29:b1:
5d:51:f3:27:33:ef:ac:42:82:8e:f4:9d:16:c8:c9:a5:88:00:
83:38:59:2d:93:c5:3a:bf:72:ec:4f:38:e5:11:c2:67:c3:ae:
cb:56:f0:9f:b1:4c:3f:43:96:70:a7:d8:80:d8:9b:3d:6b:a7:
89:67:62:b3:b3:29:b0:1c:ba:0a:cf:ca:df:17:2b:62:a6:a9:
23:72:75:45:5b:2f:2b:8a:ed:a9:a7:26:33:52:ab:ef:9e:82:
e7:c9:9c:c3:37:76:0f:3f:eb:86:e5:ca:c4:9b:0f:38:e3:47:
2f:f7:d7:83
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAZRg8Ues+YJdDgm922tYe+p7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTEzMTgzMzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTYxZDgwNWQxYTA0OThlOGEwMDhiMTNmYWM0NTZiMjc5MjU1OWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRB94y7FBW/0j+w2stUuZAkUp7xf
Eq6ZwgEu+vBDAKGEUtOyHRxDwO6PO9KhfRjjBZMZOxddi6W7uYoIv2hgn30ogDNq
PgZnmYMZyDW8WtfpT7Vg79lLQmiggI3oM+hqAaa6UhnVGyhSiR9G4ckB0j8p1dof
p1d0i3g9OXKJNmOPE/f02sUYx2n6LT2hCzx9gfQBaO2tzSLUZJzgGFdCTZehcYPS
XxClq3Q2pBQyGUEfQ7Lp01jCwBiuNwjrqEXaLIqfqDqiK4MIp3JNtxghcOhUB1BA
bInT5/fCvvKUP2BbLUgkUO+fTEa/8QyFmIFELMDFBlkNa+89Ipd3py17rwIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFGFh2AXRoEmOigCLE/rEVrJ5JVnfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWVdIWUJkR2dTWTZLQUlzVC1zUldzbmtsV2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBABR
BZwDBABRqCkDBABSmG8DBABSmPoDBAFSmPwDBABSmP8DBABSmUMDBABSmUkDBABS
mU4DBABSmYkwDAMEAFKZiwMEAFKZjAMEAFKZ3QMEAFKZ3wMEAFKZ8AMEAFKZ+AME
AFKZ+jAMAwQAWdWHAwQBWdWIAwQAWdWNAwQAWdWZAwQAWdWjAwQAWdWoAwQAWdWq
AwQBWdW8AwQAbbDRAwQAbbDTAwQDbbDYAwQAbbD5AwQAuTF9MAwDBADVmD0DBADV
mD4wDQYJKoZIhvcNAQELBQADggEBAIQjmxbcve6sRstF+ar6uednr9QN3akqLUFM
bf2u9lgzV4RnZ58TPDk8DUZ3vBd8XPm4U2GNNPN90fdc4mjAVFrmM5gtw+soXL+E
XFYDg02n2ew5zQ5fkgnnyijz4ruGyz3z282mxHVvH3aXJUcRsgYEQqtAziRLv+pp
zFz+FsfzE7DWBRuO9b7MelaPLGIpsV1R8ycz76xCgo70nRbIyaWIAIM4WS2TxTq/
cuxPOOURwmfDrstW8J+xTD9DlnCn2IDYmz1rp4lnYrOzKbAcugrPyt8XK2KmqSNy
dUVbLyuK7amnJjNSq++egufJnMM3dg8/64blysSbDzjjRy/314M=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:21 2025 by rpki-client