Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_8XYeBO8rZ33EZGXjow_-XHcVhg.roa
File: _8XYeBO8rZ33EZGXjow_-XHcVhg.roa (raw, json)
Hash identifier: Xep0sAf+hZEOEHBj/yMg7fODZqKnIKhSW0RMSaJzhj0=
Subject key identifier: FF:C5:D8:78:13:BC:AD:9D:F7:11:91:97:8E:8C:3F:F9:71:DC:56:18
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01912CEBEDB8363604DD52358EB61C0A9F1F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_8XYeBO8rZ33EZGXjow_-XHcVhg.roa
Signing time: Wed 07 Aug 2024 12:59:04 +0000
ROA not before: Wed 07 Aug 2024 12:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Aug 2024 14:22:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2c:eb:ed:b8:36:36:04:dd:52:35:8e:b6:1c:0a:9f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 7 12:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffc5d87813bcad9df71191978e8c3ff971dc5618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e7:ad:2f:6e:91:35:75:5e:07:ab:56:f1:e9:
55:16:02:70:b1:6e:98:f2:80:41:84:c9:58:d7:de:
d8:4e:7f:21:23:f9:1a:32:18:bd:d7:f0:16:91:7b:
e0:68:c3:04:e8:c3:89:df:68:38:e5:ec:9e:90:92:
35:0b:72:33:10:81:9d:3e:c5:aa:54:71:de:61:ff:
1e:9c:51:21:8c:33:62:d2:68:8f:23:df:3e:21:ec:
60:89:e1:91:4c:e1:07:7a:66:f1:1c:b2:89:a5:70:
59:20:22:5a:2f:32:42:d7:b2:50:20:c3:b3:cd:fe:
af:08:eb:4c:56:34:79:3c:14:96:18:cc:e5:89:ec:
20:a9:26:86:da:34:8d:46:d8:7d:37:1a:77:29:80:
0b:e2:23:07:2a:24:7a:3e:14:58:9f:37:58:61:2b:
ac:ef:81:57:0b:85:23:e8:a3:f2:50:e6:dd:52:e8:
bc:2c:6c:9a:e7:4a:19:2e:a8:8b:f7:3a:f5:f0:90:
c6:5a:7e:b3:18:39:91:9c:98:06:8b:51:00:59:61:
c5:96:05:04:12:ca:07:69:24:f3:16:d5:16:45:5b:
31:3e:2a:f2:26:3a:61:41:12:39:e0:7e:e1:f1:cb:
5e:66:ad:0c:2a:59:d9:d6:fe:fe:79:60:82:18:a6:
29:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C5:D8:78:13:BC:AD:9D:F7:11:91:97:8E:8C:3F:F9:71:DC:56:18
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_8XYeBO8rZ33EZGXjow_-XHcVhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
34:44:6b:89:17:1f:c2:cf:0d:99:24:3f:50:62:c1:b3:47:f4:
61:4f:07:e6:3a:7b:3e:20:12:fc:13:4c:b0:c3:78:a0:bd:b8:
7d:dd:b9:40:26:e3:34:3e:8f:9c:b8:2b:37:85:55:07:58:5f:
c9:de:2b:b0:05:fc:85:71:97:6c:67:b7:9a:c3:8d:ca:9a:91:
c6:80:10:a3:c5:19:79:02:08:75:b4:3e:c8:ad:fd:27:13:87:
8e:07:1f:9f:29:90:a4:f7:56:af:d0:8f:06:cc:b6:c3:79:37:
66:9b:73:ec:bd:2d:e4:a7:a9:bd:6e:20:70:28:26:a1:61:fd:
4d:bf:61:b0:85:c4:24:3f:f1:cd:05:ab:f0:d8:f0:b1:42:53:
25:93:64:7e:50:a3:16:63:64:bf:04:f6:91:70:39:29:cb:2f:
19:37:40:08:f9:68:42:55:4a:ee:81:e0:56:a1:f1:b2:f9:bf:
e3:3f:e1:2a:b2:42:7b:b2:03:8e:81:2a:b7:44:14:e2:99:32:
d8:75:b9:cf:90:a0:ad:17:b8:51:a5:43:30:df:71:7b:5e:8c:
e2:f8:52:7a:31:90:36:a0:2d:c1:c2:cf:f0:a9:ce:8a:03:9d:
59:89:de:37:99:93:b4:95:56:b3:a4:b0:c8:60:fd:6c:fc:32:
3b:ab:8f:46
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZEs6+24NjYE3VI1jrYcCp8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODA3MTI1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmM1ZDg3ODEzYmNhZDlkZjcxMTkxOTc4ZThjM2ZmOTcxZGM1NjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+etL26RNXVeB6tW8elVFgJwsW6Y
8oBBhMlY197YTn8hI/kaMhi91/AWkXvgaMME6MOJ32g45eyekJI1C3IzEIGdPsWq
VHHeYf8enFEhjDNi0miPI98+IexgieGRTOEHembxHLKJpXBZICJaLzJC17JQIMOz
zf6vCOtMVjR5PBSWGMzliewgqSaG2jSNRth9Nxp3KYAL4iMHKiR6PhRYnzdYYSus
74FXC4Uj6KPyUObdUui8LGya50oZLqiL9zr18JDGWn6zGDmRnJgGi1EAWWHFlgUE
EsoHaSTzFtUWRVsxPiryJjphQRI54H7h8cteZq0MKlnZ1v7+eWCCGKYpMQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFP/F2HgTvK2d9xGRl46MP/lx3FYYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvXzhYWWVCTzhyWjMzRVpHWGpvd18tWEhjVmhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAFS
mLADBAJSmYgDBAFZ1TIDBAJZ1TgDBABZ1ZEwDAMEAlnVlAMEBVnVgAMEAFnVpwME
AlnVrDAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBADBAJtsMwDBAG5
MX4DBATCaVADBAHUJlgDBADV2tMDBADZkUIDBAPZkUgwDQYJKoZIhvcNAQELBQAD
ggEBADREa4kXH8LPDZkkP1BiwbNH9GFPB+Y6ez4gEvwTTLDDeKC9uH3duUAm4zQ+
j5y4KzeFVQdYX8neK7AF/IVxl2xnt5rDjcqakcaAEKPFGXkCCHW0Psit/ScTh44H
H58pkKT3Vq/QjwbMtsN5N2abc+y9LeSnqb1uIHAoJqFh/U2/YbCFxCQ/8c0Fq/DY
8LFCUyWTZH5QoxZjZL8E9pFwOSnLLxk3QAj5aEJVSu6B4Fah8bL5v+M/4SqyQnuy
A46BKrdEFOKZMth1uc+QoK0XuFGlQzDfcXtejOL4UnoxkDagLcHCz/CpzooDnVmJ
3jeZk7SVVrOksMhg/Wz8Mjurj0Y=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:09 2025 by rpki-client