Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aXmbb6iYmoK8kL8fdgLM65eRZB8.roa
File: aXmbb6iYmoK8kL8fdgLM65eRZB8.roa (raw, json)
Hash identifier: b2E/6Hc/oB2RcH0ByW2w2+bPAx0BRJdMAe0oLW07cPI=
Subject key identifier: 69:79:9B:6F:A8:98:9A:82:BC:90:BF:1F:76:02:CC:EB:97:91:64:1F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FB3C8A85D01FADE1889654F7FD788C682
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aXmbb6iYmoK8kL8fdgLM65eRZB8.roa
Signing time: Sun 26 May 2024 07:23:42 +0000
ROA not before: Sun 26 May 2024 07:23:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 82.153.152.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 08:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b3:c8:a8:5d:01:fa:de:18:89:65:4f:7f:d7:88:c6:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 26 07:23:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69799b6fa8989a82bc90bf1f7602cceb9791641f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:eb:86:14:44:57:5f:e5:35:64:3d:9a:69:fb:
b6:88:d9:8c:30:50:e5:97:a5:6e:8d:c3:17:e0:ac:
d9:90:06:83:5e:e7:c2:1f:5d:2e:37:0c:8f:f0:6b:
01:e0:25:5c:a4:50:62:9e:17:80:0c:8c:45:2a:09:
a7:fc:c4:f6:c4:c6:94:4d:f7:05:ce:0a:12:89:aa:
13:5e:47:15:0a:b2:3f:ac:ea:b8:4c:1f:e0:a8:a4:
35:87:25:bc:d7:65:60:40:f0:b9:06:42:cf:83:47:
5d:77:e6:bb:bd:23:af:01:f0:8e:ec:91:49:d0:02:
ba:92:53:ec:3f:d3:ca:8c:15:b4:a8:85:08:00:8d:
60:fb:b8:21:e6:af:e7:c2:bd:ca:fc:14:ca:65:e8:
d5:50:83:2d:83:b9:6a:25:f9:11:74:c7:6f:c2:f0:
c1:4a:ad:7f:7a:e2:81:85:70:91:13:f6:a9:83:48:
6b:1e:c7:da:cd:d5:1a:2e:82:d5:e5:73:f5:76:6e:
aa:98:0a:7e:c8:31:2d:83:09:52:d0:84:7c:b3:d1:
44:8b:52:e3:e7:3c:4a:a5:0e:88:e5:95:60:20:71:
cb:85:9c:ca:a6:fc:e9:86:71:ff:d6:58:13:54:a5:
3e:53:03:b8:c4:1f:91:33:ea:43:ae:12:4d:3a:13:
5c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:79:9B:6F:A8:98:9A:82:BC:90:BF:1F:76:02:CC:EB:97:91:64:1F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aXmbb6iYmoK8kL8fdgLM65eRZB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.152.0/24
82.153.225.0/24
89.213.43.0/24
89.213.145.0/24
89.213.161.0/24
109.176.32.0/19
Signature Algorithm: sha256WithRSAEncryption
13:b7:38:34:2a:7e:93:01:62:22:ec:86:62:d9:1e:80:a9:bd:
bf:26:6a:13:2c:18:7a:44:68:ba:2a:43:7d:aa:ff:af:a0:6e:
54:1e:e8:af:5a:46:fe:8c:e0:b1:b0:62:55:c6:fb:6a:2f:3b:
50:78:25:60:12:a2:9f:c8:82:59:4e:11:1e:f7:07:01:9e:9a:
57:48:85:5c:ee:fc:fe:dc:ca:ff:e5:6a:f6:c6:e7:7e:7f:c6:
47:3f:14:bf:3d:a6:61:ed:60:83:2f:f8:d2:a4:eb:74:37:8a:
41:34:ce:f8:98:0b:1b:a1:0e:36:b5:5e:5a:96:4e:55:a3:6e:
2b:f3:fe:5e:4b:46:e8:55:51:36:61:d5:41:7f:89:10:85:2b:
0f:57:c2:50:cc:ee:cd:36:a6:ee:1b:f0:60:9a:6b:bc:2e:b0:
37:f8:b0:d4:d6:60:4d:5e:cf:ab:5e:be:f6:58:b8:85:31:fb:
67:22:bc:9a:b3:03:c8:26:d7:26:35:3c:2a:28:ea:b4:59:9f:
cb:94:5b:a7:a9:4a:3b:55:f4:66:96:97:b9:1a:40:93:3c:d2:
77:76:64:07:ab:a0:77:76:66:12:b7:c3:16:e9:60:c1:f7:23:
81:77:43:dd:4d:c8:98:f9:e0:15:d3:7f:88:b9:1f:8f:17:67:
87:c7:54:88
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY+zyKhdAfreGIllT3/XiMaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI2MDcyMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc5OWI2ZmE4OTg5YTgyYmM5MGJmMWY3NjAyY2NlYjk3OTE2NDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+uGFERXX+U1ZD2aafu2iNmMMFDl
l6VujcMX4KzZkAaDXufCH10uNwyP8GsB4CVcpFBinheADIxFKgmn/MT2xMaUTfcF
zgoSiaoTXkcVCrI/rOq4TB/gqKQ1hyW812VgQPC5BkLPg0ddd+a7vSOvAfCO7JFJ
0AK6klPsP9PKjBW0qIUIAI1g+7gh5q/nwr3K/BTKZejVUIMtg7lqJfkRdMdvwvDB
Sq1/euKBhXCRE/apg0hrHsfazdUaLoLV5XP1dm6qmAp+yDEtgwlS0IR8s9FEi1Lj
5zxKpQ6I5ZVgIHHLhZzKpvzphnH/1lgTVKU+UwO4xB+RM+pDrhJNOhNc8wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGl5m2+omJqCvJC/H3YCzOuXkWQfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYVhtYmI2aVltb0s4a0w4ZmRnTE02NWVSWkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpmYAwQA
UpnhAwQAWdUrAwQAWdWRAwQAWdWhAwQFbbAgMA0GCSqGSIb3DQEBCwUAA4IBAQAT
tzg0Kn6TAWIi7IZi2R6Aqb2/JmoTLBh6RGi6KkN9qv+voG5UHuivWkb+jOCxsGJV
xvtqLztQeCVgEqKfyIJZThEe9wcBnppXSIVc7vz+3Mr/5Wr2xud+f8ZHPxS/PaZh
7WCDL/jSpOt0N4pBNM74mAsboQ42tV5alk5Vo24r8/5eS0boVVE2YdVBf4kQhSsP
V8JQzO7NNqbuG/Bgmmu8LrA3+LDU1mBNXs+rXr72WLiFMftnIryaswPIJtcmNTwq
KOq0WZ/LlFunqUo7VfRmlpe5GkCTPNJ3dmQHq6B3dmYSt8MW6WDB9yOBd0PdTciY
+eAV03+IuR+PF2eHx1SI
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:03 2025 by rpki-client