Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZtHwlPgxdWBI8upjKg0JAgKXoA8.roa
File: ZtHwlPgxdWBI8upjKg0JAgKXoA8.roa (raw, json)
Hash identifier: n9bUyu0bENG01sUnycWLVl7SeqbNl+ErseRw4d/VnqA=
Subject key identifier: 66:D1:F0:94:F8:31:75:60:48:F2:EA:63:2A:0D:09:02:02:97:A0:0F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01917B0BE6BB3B5ADADDEB2C42392429B751
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZtHwlPgxdWBI8upjKg0JAgKXoA8.roa
Signing time: Thu 22 Aug 2024 17:04:23 +0000
ROA not before: Thu 22 Aug 2024 17:04:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 81.168.96.0/24 maxlen: 24
82.153.51.0/24 maxlen: 24
82.153.148.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.107.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.113.0/24 maxlen: 24
89.213.116.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
213.130.153.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 11:51:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7b:0b:e6:bb:3b:5a:da:dd:eb:2c:42:39:24:29:b7:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 22 17:04:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66d1f094f831756048f2ea632a0d09020297a00f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:59:03:39:67:a3:84:eb:21:a2:a8:5d:b1:73:
fb:bb:72:b3:18:28:20:ef:df:0a:83:6e:71:9a:ad:
41:4d:4d:bd:39:84:3c:3f:7a:61:d1:60:9f:12:9a:
61:54:40:80:10:05:f7:f6:d3:6e:07:c3:15:bd:5c:
c2:9a:ee:d6:0f:33:11:30:48:56:9e:80:29:77:83:
c2:6a:4c:36:ed:19:95:13:7a:f9:08:0f:e6:1b:61:
6c:3e:85:bd:41:4e:e8:e5:fb:f2:f9:fd:1b:60:e2:
3b:5d:4d:fa:c1:83:d8:e8:fb:ae:fc:c9:7e:60:7a:
f7:25:d5:46:35:ba:80:e0:39:54:ed:4f:8b:93:ce:
9e:83:60:f2:d7:bc:d0:c4:2a:27:cc:c2:e7:17:56:
dd:bd:2e:d8:00:d6:ab:d2:d1:ff:30:14:c2:f1:50:
0e:eb:ce:15:f8:8b:e7:83:0a:09:f8:6b:d2:bd:69:
70:9d:53:37:9d:c0:e3:92:cf:6c:87:39:77:a3:66:
0b:b9:0a:de:c9:f8:90:a9:bd:cb:c0:ea:e0:50:e1:
e0:e2:a9:e1:61:63:31:a7:9a:6e:ed:c6:81:8f:ee:
95:c6:b1:73:47:4a:93:e5:b7:1b:8b:29:1f:09:6a:
1e:d7:fa:9a:25:35:e9:e3:b9:f2:b7:48:fb:22:f3:
c9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D1:F0:94:F8:31:75:60:48:F2:EA:63:2A:0D:09:02:02:97:A0:0F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZtHwlPgxdWBI8upjKg0JAgKXoA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.96.0/24
82.153.51.0/24
82.153.148.0/24
82.163.15.0/24
89.213.107.0/24
89.213.112.0/23
89.213.116.0/24
89.213.121.0/24
89.213.157.0/24
89.213.227.0/24
213.130.137.0/24
213.130.152.0-213.130.154.255
Signature Algorithm: sha256WithRSAEncryption
91:fc:ea:f6:c5:12:03:2b:6b:83:b9:c4:0b:ef:34:1f:bd:41:
9f:b8:14:fa:65:cf:7b:96:43:6a:89:e5:86:a9:06:a8:57:ca:
7a:ab:bf:d5:b0:72:8a:6f:e2:7a:fd:bd:b3:a5:e5:d5:1d:08:
6c:76:09:3d:22:15:aa:d3:4d:7e:43:20:60:dd:15:13:c6:67:
14:d4:76:66:d4:e5:71:74:e7:26:e7:5e:d8:53:cd:9d:43:0c:
c0:99:38:c7:53:26:56:1b:a5:57:d0:bd:8f:c6:92:cd:23:8c:
b1:d7:52:3c:ae:d8:aa:b5:9b:26:36:a7:9f:39:40:44:42:10:
f0:e3:c0:b2:04:af:c3:87:8b:5c:f7:0c:f3:51:f1:bc:04:30:
62:29:a5:89:95:12:0f:24:c0:cb:bc:f0:9b:db:29:58:3b:bd:
13:ae:c7:17:65:db:44:f4:12:98:59:98:3a:1e:88:58:7b:a1:
c4:c4:b5:7d:48:bf:6a:00:7f:51:c3:73:79:37:49:b9:e2:a6:
85:89:bc:52:29:5f:45:69:19:9a:64:76:31:cf:98:09:01:88:
e8:b1:38:1c:25:af:32:44:7c:36:cf:f2:23:c6:a5:05:82:61:
1e:b7:f0:cf:6c:69:44:9c:b9:df:9b:a0:2f:a5:21:b3:c6:88:
e2:65:00:67
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZF7C+a7O1ra3essQjkkKbdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODIyMTcwNDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmQxZjA5NGY4MzE3NTYwNDhmMmVhNjMyYTBkMDkwMjAyOTdhMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVkDOWejhOshoqhdsXP7u3KzGCgg
798Kg25xmq1BTU29OYQ8P3ph0WCfEpphVECAEAX39tNuB8MVvVzCmu7WDzMRMEhW
noApd4PCakw27RmVE3r5CA/mG2FsPoW9QU7o5fvy+f0bYOI7XU36wYPY6Puu/Ml+
YHr3JdVGNbqA4DlU7U+Lk86eg2Dy17zQxConzMLnF1bdvS7YANar0tH/MBTC8VAO
684V+IvngwoJ+GvSvWlwnVM3ncDjks9shzl3o2YLuQreyfiQqb3LwOrgUOHg4qnh
YWMxp5pu7caBj+6VxrFzR0qT5bcbiykfCWoe1/qaJTXp47nyt0j7IvPJBQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFGbR8JT4MXVgSPLqYyoNCQICl6APMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWnRId2xQZ3hkV0JJOHVwaktnMEpBZ0tYb0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUahgAwQA
UpkzAwQAUpmUAwQAUqMPAwQAWdVrAwQBWdVwAwQAWdV0AwQAWdV5AwQAWdWdAwQA
WdXjAwQA1YKJMAwDBAPVgpgDBADVgpowDQYJKoZIhvcNAQELBQADggEBAJH86vbF
EgMra4O5xAvvNB+9QZ+4FPplz3uWQ2qJ5YapBqhXynqrv9Wwcopv4nr9vbOl5dUd
CGx2CT0iFarTTX5DIGDdFRPGZxTUdmbU5XF05ybnXthTzZ1DDMCZOMdTJlYbpVfQ
vY/Gks0jjLHXUjyu2Kq1myY2p585QERCEPDjwLIEr8OHi1z3DPNR8bwEMGIppYmV
Eg8kwMu88JvbKVg7vROuxxdl20T0EphZmDoeiFh7ocTEtX1Iv2oAf1HDc3k3Sbni
poWJvFIpX0VpGZpkdjHPmAkBiOixOBwlrzJEfDbP8iPGpQWCYR638M9saUScud+b
oC+lIbPGiOJlAGc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:06 2025 by rpki-client