Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ar8Og_fzE925FgEi91BigG705h8.roa
File: ar8Og_fzE925FgEi91BigG705h8.roa (raw, json)
Hash identifier: A1a+F8/l5QCPEWm13f1Bi7gq1Bq2/SiDZHi3W39PkSY=
Subject key identifier: 6A:BF:0E:83:F7:F3:13:DD:B9:16:01:22:F7:50:62:80:6E:F4:E6:1F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193AB06FF44E99386CD8B0DC15A28BB8E8E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ar8Og_fzE925FgEi91BigG705h8.roa
Signing time: Mon 09 Dec 2024 10:46:22 +0000
ROA not before: Mon 09 Dec 2024 10:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.153.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Dec 2024 14:03:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:06:ff:44:e9:93:86:cd:8b:0d:c1:5a:28:bb:8e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 9 10:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6abf0e83f7f313ddb9160122f75062806ef4e61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:28:15:c3:86:86:82:d6:eb:82:72:b9:19:da:
ae:24:f4:5e:41:eb:e2:c5:da:1f:e8:85:95:5e:2c:
65:20:09:94:64:48:e6:41:f0:bd:b2:f2:22:c2:7f:
eb:f3:23:bd:0f:5d:8b:b9:6b:bb:32:4e:76:d7:72:
be:07:d1:00:50:23:e7:1c:63:51:51:e3:66:5d:c4:
69:3b:64:77:b5:52:5c:e9:52:1b:2a:21:6b:4d:0f:
bd:5e:0e:d1:bc:46:de:72:7a:94:1e:50:b1:ea:f7:
3a:95:5f:91:e1:ef:06:e9:87:a9:3a:df:57:8d:0f:
86:8a:3e:aa:1a:fe:fc:a7:2d:04:68:ea:cc:4b:ec:
f6:53:d3:da:46:bb:c0:dd:31:b0:52:c8:70:aa:1a:
82:c5:51:91:37:4c:c6:f9:0d:0e:64:b9:e8:c5:72:
81:0f:a0:fd:25:b1:b8:c5:9d:7a:dc:7d:2b:28:31:
c8:d6:72:b3:34:72:44:69:ad:c6:3e:eb:03:b4:d7:
9b:f2:27:7b:eb:c1:13:82:1f:8b:e4:b0:50:66:6a:
da:65:35:47:ec:1c:44:c7:1d:2d:71:4f:cf:dc:9d:
2c:76:f9:d4:d8:84:d4:c4:21:69:47:6a:f5:c8:89:
a9:cf:f5:03:74:38:d4:9e:00:98:7a:f7:84:0e:bd:
9a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BF:0E:83:F7:F3:13:DD:B9:16:01:22:F7:50:62:80:6E:F4:E6:1F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ar8Og_fzE925FgEi91BigG705h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.167.0/24
89.213.172.0/22
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.130.153.0/24
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
28:50:c5:d2:e6:e0:52:aa:75:02:fc:70:51:c7:19:d6:50:18:
6b:f6:14:6a:34:ae:a3:60:92:1d:ba:a7:69:50:c2:ab:dc:a6:
06:9c:c4:d1:b3:62:96:a5:23:49:ee:61:dc:55:71:6e:1d:85:
d1:aa:b7:01:47:46:1b:19:f1:66:9d:ba:b1:f3:cb:32:0d:91:
ed:70:96:1f:16:1d:fb:97:fb:f9:80:54:4c:76:fa:1c:92:72:
88:74:a6:2e:6f:6e:cb:5f:dc:f5:be:99:73:e7:c8:95:41:c8:
d9:0a:b5:56:3e:64:9b:82:1d:78:d4:77:d0:18:bb:f1:a0:6f:
19:36:09:45:a2:76:1b:fd:7e:9f:90:29:f3:81:cc:b1:27:36:
a3:f3:82:08:76:05:13:a4:14:36:3e:32:2a:f4:2f:9a:be:b9:
7c:68:61:0e:b0:48:81:d2:58:42:6e:f2:bd:02:33:a6:2f:27:
4d:5a:8e:90:ad:72:a1:61:50:c5:c2:e2:9c:06:84:c3:2f:b8:
b9:26:b3:93:91:ea:7e:f4:28:40:b0:f3:8a:78:5b:31:cc:1e:
fd:e7:b5:5f:13:88:0a:c6:46:f0:fc:a5:9e:20:09:21:f7:c2:
14:2d:5b:42:66:a2:07:03:31:e5:e4:7e:ed:bc:b1:07:8a:c9:
d3:1b:56:57
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZOrBv9E6ZOGzYsNwVoou46OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA5MTA0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWJmMGU4M2Y3ZjMxM2RkYjkxNjAxMjJmNzUwNjI4MDZlZjRlNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoygVw4aGgtbrgnK5GdquJPReQevi
xdof6IWVXixlIAmUZEjmQfC9svIiwn/r8yO9D12LuWu7Mk5213K+B9EAUCPnHGNR
UeNmXcRpO2R3tVJc6VIbKiFrTQ+9Xg7RvEbecnqUHlCx6vc6lV+R4e8G6YepOt9X
jQ+Gij6qGv78py0EaOrMS+z2U9PaRrvA3TGwUshwqhqCxVGRN0zG+Q0OZLnoxXKB
D6D9JbG4xZ163H0rKDHI1nKzNHJEaa3GPusDtNeb8id768ETgh+L5LBQZmraZTVH
7BxExx0tcU/P3J0sdvnU2ITUxCFpR2r1yImpz/UDdDjUngCYeveEDr2aDQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFGq/DoP38xPduRYBIvdQYoBu9OYfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYXI4T2dfZnpFOTI1RmdFaTkxQmlnRzcwNWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBABS
mAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ
1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWnAwQCWdWs
AwQAWdW/MAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEA22wEAMEAm2wzAME
AW2w8gMEAbkxfgMEBMJpUAMEAdQmWAMEANWCmQMEAtXSNAMEANXa0zAMAwQA2ZFB
AwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQAoUMXS5uBSqnUC/HBRxxnW
UBhr9hRqNK6jYJIduqdpUMKr3KYGnMTRs2KWpSNJ7mHcVXFuHYXRqrcBR0YbGfFm
nbqx88syDZHtcJYfFh37l/v5gFRMdvocknKIdKYub27LX9z1vplz58iVQcjZCrVW
PmSbgh141HfQGLvxoG8ZNglFonYb/X6fkCnzgcyxJzaj84IIdgUTpBQ2PjIq9C+a
vrl8aGEOsEiB0lhCbvK9AjOmLydNWo6QrXKhYVDFwuKcBoTDL7i5JrOTkep+9ChA
sPOKeFsxzB7957VfE4gKxkbw/KWeIAkh98IULVtCZqIHAzHl5H7tvLEHisnTG1ZX
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:25:39 2025 by rpki-client