Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_K12i1ZYEWMkhW9PUntMp0bJHkI.roa
File: _K12i1ZYEWMkhW9PUntMp0bJHkI.roa (raw, json)
Hash identifier: y1wjKw7+Xn0BTQeW3n46lTFSLDG4dxsQEEgKlJ/p9sw=
Subject key identifier: FC:AD:76:8B:56:58:11:63:24:85:6F:4F:52:7B:4C:A7:46:C9:1E:42
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F2FB259C66AFC576020D8F1C1E5753221
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_K12i1ZYEWMkhW9PUntMp0bJHkI.roa
Signing time: Tue 30 Apr 2024 15:49:28 +0000
ROA not before: Tue 30 Apr 2024 15:49:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.245.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
213.130.138.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.209.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 18:26:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:b2:59:c6:6a:fc:57:60:20:d8:f1:c1:e5:75:32:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 30 15:49:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcad768b5658116324856f4f527b4ca746c91e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c4:55:8a:42:12:36:99:a0:77:8b:92:f6:76:
5c:13:0d:dd:db:00:a9:0b:bc:f9:72:64:d8:a3:22:
51:a2:fb:53:1b:44:f1:4e:98:dd:8c:f6:4b:7e:2d:
aa:3b:05:a9:10:fd:1e:12:7a:7d:0f:2d:ef:40:67:
3a:f2:02:93:55:f0:ce:ae:60:1a:cc:77:6d:fd:43:
16:71:c4:80:56:aa:d4:9c:c3:d4:a2:ed:62:43:77:
af:4b:36:0d:84:aa:e2:31:a7:f2:ab:05:77:cd:fc:
cd:0e:2a:fa:14:27:92:ce:5a:11:2f:9f:f2:9e:69:
60:4b:8d:70:a8:4e:95:47:85:ae:19:2e:44:9f:dd:
b8:77:53:16:ec:ae:3a:40:58:bc:55:4d:d0:76:08:
74:30:de:d5:97:86:a4:6a:0c:c5:30:24:af:ce:5b:
57:ed:5a:9c:07:c9:50:0a:63:8c:6c:bf:ff:4c:92:
8d:e0:d6:fe:0c:1a:f1:dd:1c:da:5e:66:e9:56:a0:
ed:4c:33:aa:30:ee:2a:cc:16:e8:0b:7d:5b:57:df:
0d:8e:93:3b:b9:88:8a:13:77:b5:1b:01:fe:16:ed:
07:2b:45:3f:ae:d8:5b:fa:ff:4b:16:9b:1c:b8:65:
31:76:c8:69:3d:75:84:9d:cc:20:78:08:db:01:2f:
63:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AD:76:8B:56:58:11:63:24:85:6F:4F:52:7B:4C:A7:46:C9:1E:42
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_K12i1ZYEWMkhW9PUntMp0bJHkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.153.245.0/24
89.213.133.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
213.130.138.0/24
213.130.149.0/24
213.218.209.0-213.218.211.255
213.218.213.0/24
213.218.234.0/24
Signature Algorithm: sha256WithRSAEncryption
35:08:66:8b:d1:c5:13:44:00:f6:b1:14:4b:cf:e2:7e:b4:cc:
06:24:a8:54:3b:24:bb:40:05:84:e6:b7:ac:97:cc:89:02:42:
0a:d3:14:54:e3:08:a5:fc:d0:c7:c7:b9:fd:f4:9a:63:4a:f5:
5e:fe:e3:e8:50:64:24:0e:da:81:43:b9:7e:ed:63:27:c7:38:
b2:ba:15:47:ae:d0:19:bc:37:7c:33:db:92:3f:d8:10:33:bc:
36:38:cd:fc:d5:d4:47:8e:66:6d:42:61:3a:5c:46:24:e5:e1:
cc:e9:01:da:75:c2:4c:fa:fd:f4:d4:fc:3f:85:61:57:ef:df:
e8:62:fc:a2:e1:29:05:8d:f0:64:f1:2b:3d:d5:61:e1:10:f1:
5c:3d:9f:92:4c:86:03:ff:3b:c0:44:6d:2c:76:38:98:e4:50:
19:61:83:d3:6f:44:c2:2b:14:85:56:4c:3e:9b:20:bf:96:b3:
c4:3b:25:53:99:b1:4c:b1:8d:97:29:f1:94:b4:eb:d6:2c:25:
c8:dc:c4:1c:5f:59:35:25:ce:1e:ec:3d:74:18:e7:7f:a2:db:
a7:01:50:72:9a:e1:d8:c1:4c:b2:c7:3f:1a:f4:13:d6:2d:fb:
b1:18:77:1f:89:f5:98:93:05:05:bf:80:77:0e:33:00:27:ef:
a1:12:b0:8f
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAY8vslnGavxXYCDY8cHldTIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDMwMTU0OTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2FkNzY4YjU2NTgxMTYzMjQ4NTZmNGY1MjdiNGNhNzQ2YzkxZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MRVikISNpmgd4uS9nZcEw3d2wCp
C7z5cmTYoyJRovtTG0TxTpjdjPZLfi2qOwWpEP0eEnp9Dy3vQGc68gKTVfDOrmAa
zHdt/UMWccSAVqrUnMPUou1iQ3evSzYNhKriMafyqwV3zfzNDir6FCeSzloRL5/y
nmlgS41wqE6VR4WuGS5En924d1MW7K46QFi8VU3Qdgh0MN7Vl4akagzFMCSvzltX
7VqcB8lQCmOMbL//TJKN4Nb+DBrx3RzaXmbpVqDtTDOqMO4qzBboC31bV98NjpM7
uYiKE3e1GwH+Fu0HK0U/rthb+v9LFpscuGUxdshpPXWEncwgeAjbAS9jEwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFPytdotWWBFjJIVvT1J7TKdGyR5CMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvX0sxMmkxWllFV01raFc5UFVudE1wMGJKSGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAVKYsAME
AlKZiAMEAFKZ9QMEAFnVhTAMAwQCWdWUAwQFWdWAAwQCWdWsAwQAWdW0AwQDbbAQ
AwQBuTF+AwQEwmlQAwQA1YKKAwQA1YKVMAwDBADV2tEDBALV2tADBADV2tUDBADV
2uowDQYJKoZIhvcNAQELBQADggEBADUIZovRxRNEAPaxFEvP4n60zAYkqFQ7JLtA
BYTmt6yXzIkCQgrTFFTjCKX80MfHuf30mmNK9V7+4+hQZCQO2oFDuX7tYyfHOLK6
FUeu0Bm8N3wz25I/2BAzvDY4zfzV1EeOZm1CYTpcRiTl4czpAdp1wkz6/fTU/D+F
YVfv3+hi/KLhKQWN8GTxKz3VYeEQ8Vw9n5JMhgP/O8BEbSx2OJjkUBlhg9NvRMIr
FIVWTD6bIL+Ws8Q7JVOZsUyxjZcp8ZS069YsJcjcxBxfWTUlzh7sPXQY53+i26cB
UHKa4djBTLLHPxr0E9Yt+7EYdx+J9ZiTBQW/gHcOMwAn76ESsI8=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:40:56 2025 by rpki-client