Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/amaeUAWlpZ2qFHF9Fy7Hp0qVnfE.roa
File: amaeUAWlpZ2qFHF9Fy7Hp0qVnfE.roa (raw, json)
Hash identifier: Cq9CyHFrTCHmqg2JeT83AMaZOrXntUtHa58zHhUvVrk=
Subject key identifier: 6A:66:9E:50:05:A5:A5:9D:AA:14:71:7D:17:2E:C7:A7:4A:95:9D:F1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191DC23F2C89EBB32E59252E045952B494F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/amaeUAWlpZ2qFHF9Fy7Hp0qVnfE.roa
Signing time: Tue 10 Sep 2024 13:33:48 +0000
ROA not before: Tue 10 Sep 2024 13:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.152.178.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.205.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.20.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dc:23:f2:c8:9e:bb:32:e5:92:52:e0:45:95:2b:49:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 10 13:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a669e5005a5a59daa14717d172ec7a74a959df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9c:a4:f3:c3:43:a2:12:78:a3:0d:ac:b6:83:
ed:a0:b1:ce:55:73:6e:3d:9a:bd:6e:12:d6:46:ac:
99:c0:d2:26:ae:1a:00:f7:76:57:89:4c:19:63:7e:
2b:41:5d:39:7c:ed:f9:2d:d2:29:14:90:7f:85:5a:
21:a3:09:0b:4d:a7:19:70:74:5b:a8:40:37:30:ab:
b5:e8:36:d2:88:99:92:06:6f:93:45:3f:b1:9d:89:
21:59:81:78:46:f1:23:96:c9:d4:16:2c:7a:f7:b8:
f3:c1:90:32:39:80:67:78:38:7d:d1:9f:9f:47:a3:
55:8d:c3:bb:8a:c8:4b:43:dd:42:74:e3:c1:98:7a:
fd:9a:3c:44:9a:19:73:8e:06:d6:95:7e:96:2f:7b:
b5:9f:0e:11:9f:23:2e:e5:2a:10:13:c6:4b:9b:90:
7e:da:4a:ea:19:f0:c3:0a:11:82:9b:cf:4c:13:61:
57:1b:dd:59:35:1a:d6:f7:30:93:e0:8c:ee:b5:0c:
d7:a3:80:82:c5:87:37:69:6e:85:f4:4b:8d:3e:70:
f1:6d:3b:5a:45:99:f9:76:eb:a1:bd:ec:93:ed:70:
94:7c:5c:9a:ed:31:4e:4a:88:99:e6:41:91:fc:d8:
db:c4:e6:ce:1c:56:4c:03:36:ba:4b:bc:d9:14:06:
83:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:66:9E:50:05:A5:A5:9D:AA:14:71:7D:17:2E:C7:A7:4A:95:9D:F1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/amaeUAWlpZ2qFHF9Fy7Hp0qVnfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0-82.152.178.255
82.153.136.0/22
82.153.205.0/24
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:f8:7b:e3:dc:21:3e:bc:db:a4:bc:54:02:56:ec:2f:4b:a8:
2b:ae:ee:da:dc:42:61:02:64:34:4b:5c:c5:97:cd:c3:a7:cd:
71:90:c2:48:01:59:70:c7:0f:b3:cd:a0:98:02:73:70:42:22:
bd:2d:7e:ca:e3:64:af:47:35:11:b8:3e:ac:5e:ca:8c:d4:75:
6a:ae:81:5b:1d:b9:46:db:d1:4f:61:7f:4f:ad:d1:3d:7d:2c:
74:00:1b:9c:fd:8e:e7:d2:8e:31:f6:ba:18:46:56:0b:b8:0b:
64:e8:5f:b8:86:3e:4d:38:02:9c:bb:2a:f9:55:43:dd:50:e6:
72:8f:36:68:48:7d:bd:b1:e5:0b:4c:d7:d5:cb:fb:05:66:e4:
3c:f0:dd:da:52:cf:fc:f3:38:b6:48:90:87:95:d0:60:37:af:
49:32:12:50:9b:89:f4:99:46:8a:90:3e:a6:2c:27:60:bb:13:
f1:f2:97:79:56:d8:8b:e5:51:51:c2:6a:72:e0:39:c5:c0:60:
45:7c:af:f4:07:f2:17:ea:d4:f8:4f:b2:cd:d0:85:c0:7e:c3:
a7:1b:91:4d:63:c6:b0:a9:1b:26:15:07:41:dc:ca:48:99:89:
d9:4c:27:0f:66:69:03:a1:74:18:85:9a:ab:6b:6f:79:39:5a:
76:42:89:e9
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZHcI/LInrsy5ZJS4EWVK0lPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTEwMTMzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTY2OWU1MDA1YTVhNTlkYWExNDcxN2QxNzJlYzdhNzRhOTU5ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5yk88NDohJ4ow2stoPtoLHOVXNu
PZq9bhLWRqyZwNImrhoA93ZXiUwZY34rQV05fO35LdIpFJB/hVohowkLTacZcHRb
qEA3MKu16DbSiJmSBm+TRT+xnYkhWYF4RvEjlsnUFix697jzwZAyOYBneDh90Z+f
R6NVjcO7ishLQ91CdOPBmHr9mjxEmhlzjgbWlX6WL3u1nw4RnyMu5SoQE8ZLm5B+
2krqGfDDChGCm89ME2FXG91ZNRrW9zCT4IzutQzXo4CCxYc3aW6F9EuNPnDxbTta
RZn5duuhveyT7XCUfFya7TFOSoiZ5kGR/NjbxObOHFZMAza6S7zZFAaDWQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFGpmnlAFpaWdqhRxfRcux6dKlZ3xMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYW1hZVVBV2xwWjJxRkhGOUZ5N0hwMHFWbmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgwDAME
BFKYsAMEAFKYsgMEAlKZiAMEAFKZzQMEAFKZ8wMEAVnVLAMEAVnVMgMEAlnVOAME
AFnVgQMEAFnVkTAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ1cQDBARZ
1cAwDAMEAlnV5AMEBFnV4AMEA22wEAMEAG2wwQMEAm2wzAMEAW2w8gMEAbkxfgME
BMJpUAMEAdQmWAMEANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEB
CwUAA4IBAQBb+Hvj3CE+vNukvFQCVuwvS6grru7a3EJhAmQ0S1zFl83Dp81xkMJI
AVlwxw+zzaCYAnNwQiK9LX7K42SvRzURuD6sXsqM1HVqroFbHblG29FPYX9PrdE9
fSx0ABuc/Y7n0o4x9roYRlYLuAtk6F+4hj5NOAKcuyr5VUPdUOZyjzZoSH29seUL
TNfVy/sFZuQ88N3aUs/88zi2SJCHldBgN69JMhJQm4n0mUaKkD6mLCdguxPx8pd5
VtiL5VFRwmpy4DnFwGBFfK/0B/IX6tT4T7LN0IXAfsOnG5FNY8awqRsmFQdB3MpI
mYnZTCcPZmkDoXQYhZqra295OVp2Qonp
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:31:27 2025 by rpki-client