Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Yh5ey9vfxcEhIscOBrGd_LVOr84.roa
File: Yh5ey9vfxcEhIscOBrGd_LVOr84.roa (raw, json)
Hash identifier: 8pKMO35gg/ZffNMoY//fHX4m72zV7TV7wH0O5JjK/cs=
Subject key identifier: 62:1E:5E:CB:DB:DF:C5:C1:21:22:C7:0E:06:B1:9D:FC:B5:4E:AF:CE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019537677885FBDA40C1EF6C60A1027F1455
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Yh5ey9vfxcEhIscOBrGd_LVOr84.roa
Signing time: Mon 24 Feb 2025 10:01:22 +0000
ROA not before: Mon 24 Feb 2025 10:01:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.14.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
213.218.248.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 12:53:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:67:78:85:fb:da:40:c1:ef:6c:60:a1:02:7f:14:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 24 10:01:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=621e5ecbdbdfc5c12122c70e06b19dfcb54eafce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:76:4f:67:14:6d:75:25:21:4f:3c:e3:dc:30:
c2:dd:ac:3c:c3:b2:f1:b3:dd:79:72:0c:e1:52:87:
c5:ab:48:eb:fc:77:56:12:c2:df:e4:84:4b:d9:85:
d1:48:c0:ed:13:54:f3:81:de:44:4f:f1:d4:4f:6c:
ca:c2:79:45:8e:34:ea:c5:f8:fa:a6:52:e4:25:a9:
35:c1:36:a4:4d:36:10:1e:3f:6d:b9:21:fe:9c:da:
ec:51:50:0d:b2:d7:d0:b2:71:a0:15:03:83:46:0e:
31:37:bd:db:e4:5c:2d:84:fd:3a:b5:41:ac:73:85:
5b:e8:2d:30:6b:39:04:b6:b1:af:e8:23:b4:1d:ae:
81:ed:ba:83:4e:d4:bc:e8:fa:5d:41:13:95:a6:ed:
4d:2f:dc:c4:46:d3:14:ba:18:45:01:20:6c:9d:25:
b3:e4:a9:00:e3:32:b7:4c:70:c0:f4:eb:f2:cb:dc:
d7:4a:3c:1c:bf:1c:9f:dd:8b:c4:c5:8e:ae:56:50:
37:15:5b:60:0b:90:b5:95:92:e6:f2:bd:b8:24:47:
9b:c0:7a:35:74:8c:ad:e1:1b:7a:c1:ff:4e:1e:a2:
d0:c5:44:04:22:68:78:fd:6a:cc:37:08:be:0a:d1:
51:bb:af:99:ce:f3:7f:57:e3:00:01:a7:35:7e:d6:
30:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:1E:5E:CB:DB:DF:C5:C1:21:22:C7:0E:06:B1:9D:FC:B5:4E:AF:CE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Yh5ey9vfxcEhIscOBrGd_LVOr84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.131.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.14.0/24
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.215.0/24
213.218.248.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
a1:be:2b:5f:f1:66:43:90:4e:f6:17:6f:62:f1:0f:54:1b:5a:
b5:23:b7:c1:56:0f:b0:b9:ce:ed:38:7f:b2:00:f8:89:1c:26:
da:20:45:28:5a:99:3a:7d:6d:2c:1f:61:ca:12:f3:3e:be:f1:
4b:d9:da:0b:dc:8e:7d:ca:f0:6c:14:f4:df:f6:e7:03:37:2b:
1e:5e:c6:4b:7e:73:54:3c:ea:8f:eb:ec:eb:23:e3:f1:87:68:
db:ed:a9:f4:22:22:4f:24:bd:92:91:e4:5a:72:2b:6d:2b:a9:
40:06:c9:46:c5:e8:06:e7:d3:5c:0a:3f:e0:c0:ec:bf:b1:93:
f2:0b:a0:53:47:f2:aa:b0:a3:d2:bb:9e:0d:ac:63:ab:3a:fb:
01:4d:28:0c:62:4d:3a:59:96:da:a1:29:55:4b:ec:da:9c:54:
0a:3e:b5:74:92:9b:89:1d:74:55:b8:6b:19:db:e6:b3:7f:d2:
5e:b9:5c:24:b5:70:02:16:f0:46:77:3b:c7:7d:1b:76:35:6a:
d7:55:38:1f:5a:17:4a:7d:c1:96:47:3e:48:ea:8a:ea:3a:14:
8a:83:87:ba:ca:95:e0:a0:30:e9:d1:d3:5e:5f:07:0d:1f:c2:
57:22:fa:fe:e1:c6:7d:a5:f4:a5:1b:57:18:da:9d:db:aa:b9:
fc:a4:87:a2
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZU3Z3iF+9pAwe9sYKECfxRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjI0MTAwMTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjFlNWVjYmRiZGZjNWMxMjEyMmM3MGUwNmIxOWRmY2I1NGVhZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XZPZxRtdSUhTzzj3DDC3aw8w7Lx
s915cgzhUofFq0jr/HdWEsLf5IRL2YXRSMDtE1Tzgd5ET/HUT2zKwnlFjjTqxfj6
plLkJak1wTakTTYQHj9tuSH+nNrsUVANstfQsnGgFQODRg4xN73b5FwthP06tUGs
c4Vb6C0wazkEtrGv6CO0Ha6B7bqDTtS86PpdQROVpu1NL9zERtMUuhhFASBsnSWz
5KkA4zK3THDA9Ovyy9zXSjwcvxyf3YvExY6uVlA3FVtgC5C1lZLm8r24JEebwHo1
dIyt4Rt6wf9OHqLQxUQEImh4/WrMNwi+CtFRu6+ZzvN/V+MAAac1ftYwtwIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFGIeXsvb38XBISLHDgaxnfy1Tq/OMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWWg1ZXk5dmZ4Y0VoSXNjT0JyR2RfTFZPcjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCASIEAgABMIIB
GgMEAFKYCAMEAFKYgwMEAVKYsAMEAFKZMgMEAlKZiAMEAFKZ8wMEAVnVLAMEAVnV
MgMEAlnVOAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwD
BAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEBFnV
oAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBABtsA4D
BANtsBADBAJtsMwDBAFtsPIDBAG5MX4DBATCaVADBADUJk8DBAHUJlgDBADVmCsD
BALV0jQDBADV2tMDBADV2tcDBADV2vgwDAMEANmRQQMEANmRQgMEA9mRSDANBgkq
hkiG9w0BAQsFAAOCAQEAob4rX/FmQ5BO9hdvYvEPVBtatSO3wVYPsLnO7Th/sgD4
iRwm2iBFKFqZOn1tLB9hyhLzPr7xS9naC9yOfcrwbBT03/bnAzcrHl7GS35zVDzq
j+vs6yPj8Ydo2+2p9CIiTyS9kpHkWnIrbSupQAbJRsXoBufTXAo/4MDsv7GT8gug
U0fyqrCj0rueDaxjqzr7AU0oDGJNOlmW2qEpVUvs2pxUCj61dJKbiR10VbhrGdvm
s3/SXrlcJLVwAhbwRnc7x30bdjVq11U4H1oXSn3Blkc+SOqK6joUioOHusqV4KAw
6dHTXl8HDR/CVyL6/uHGfaX0pRtXGNqd26q5/KSHog==
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:08:42 2025 by rpki-client