Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bLGOnlrC_er8Zd0CIaI9MyBfZ0c.roa
File: bLGOnlrC_er8Zd0CIaI9MyBfZ0c.roa (raw, json)
Hash identifier: jAU46ikwq+TL45cXnE0Gdlwabec3rBBmXptJVd7Zivs=
Subject key identifier: 6C:B1:8E:9E:5A:C2:FD:EA:FC:65:DD:02:21:A2:3D:33:20:5F:67:47
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FDDC4B7B24F1A4C61AC155011E9F8095F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bLGOnlrC_er8Zd0CIaI9MyBfZ0c.roa
Signing time: Mon 03 Jun 2024 11:03:27 +0000
ROA not before: Mon 03 Jun 2024 11:03:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 07:22:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:c4:b7:b2:4f:1a:4c:61:ac:15:50:11:e9:f8:09:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 3 11:03:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cb18e9e5ac2fdeafc65dd0221a23d33205f6747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:de:3d:a3:1a:a9:99:9f:d7:7a:87:2e:15:1e:
38:4a:2c:b6:ee:b7:4e:87:19:90:22:7c:e4:6f:40:
bf:a3:8d:b7:d3:57:e5:cd:af:6b:f8:4b:69:c9:88:
fe:e2:42:d9:3d:25:f5:cc:43:0a:e5:ba:14:5e:38:
4d:02:33:18:db:7c:33:f0:5b:89:23:01:6e:e3:4f:
7b:7e:21:90:c8:f9:9c:c9:0b:86:35:f5:c5:ca:a1:
64:97:6c:fe:81:96:a0:f0:17:93:94:bf:f5:c5:83:
e9:0d:19:65:77:c5:3e:04:28:aa:d2:fe:26:3c:8b:
3f:f1:01:22:1b:87:2e:e8:26:0c:3d:e2:5d:a9:ff:
20:0d:2b:78:41:ed:1f:2c:ac:5d:09:55:9c:47:0b:
55:07:02:a6:95:b6:c9:e5:df:c4:f1:b4:e8:21:eb:
6a:a5:b5:d1:81:12:31:86:e6:e5:9e:3d:a2:cf:82:
13:b0:ba:c5:d5:d5:7a:de:5f:b8:51:79:08:2f:3f:
c4:88:3b:f1:50:cb:aa:77:46:13:ec:75:99:7a:7d:
4d:2e:1e:49:15:0d:d3:37:82:d7:b4:f9:c0:c9:71:
73:b1:69:e4:2e:8a:7c:21:50:f2:90:80:32:08:ba:
e3:8e:d5:03:90:d3:d2:ac:b1:5a:e6:47:d5:cf:53:
2c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B1:8E:9E:5A:C2:FD:EA:FC:65:DD:02:21:A2:3D:33:20:5F:67:47
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bLGOnlrC_er8Zd0CIaI9MyBfZ0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
213.218.238.0/23
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
60:86:70:d2:c1:21:f7:31:71:2c:dc:06:2c:6a:5b:7c:bc:61:
9d:9c:af:99:9a:4f:d8:16:e3:ed:44:b9:e8:36:8b:5d:5a:32:
93:11:05:3f:d5:9c:8e:94:4a:44:78:ed:a4:1c:21:a4:98:dc:
2d:6c:5f:30:f8:b6:9e:3a:dc:82:e2:1b:1f:e8:05:0c:48:bc:
3b:23:18:26:9e:e2:81:e3:a2:41:69:3f:a0:99:b4:d7:8e:66:
d1:91:b2:6d:16:12:cf:f9:af:a5:a6:62:d7:ff:99:1a:24:75:
e7:5d:4c:b1:62:69:18:20:74:e2:b8:44:b4:da:1a:e1:ef:1f:
0b:9d:00:af:56:0f:91:58:e6:01:a9:8d:03:8e:e1:26:a0:9e:
ce:cb:00:58:b2:84:a6:9f:4c:7a:22:65:55:64:bd:29:65:39:
91:30:ea:c3:9f:46:ae:65:ab:17:13:24:fc:31:41:40:dd:7c:
3c:e5:31:14:f6:1c:bc:b4:7d:d5:ec:a0:5d:7e:c8:86:dc:5b:
e0:3c:54:c7:33:99:69:fd:c3:8b:04:18:96:c5:34:cf:59:7b:
ac:93:d1:85:ea:c8:d4:90:60:dc:05:58:c0:f6:73:5c:45:fe:
cc:7a:58:f3:74:fe:b2:0d:e3:a5:33:2a:09:fe:50:6c:66:4c:
5d:19:c6:b4
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAY/dxLeyTxpMYawVUBHp+AlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjAzMTEwMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2IxOGU5ZTVhYzJmZGVhZmM2NWRkMDIyMWEyM2QzMzIwNWY2NzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0t49oxqpmZ/XeocuFR44Siy27rdO
hxmQInzkb0C/o42301flza9r+EtpyYj+4kLZPSX1zEMK5boUXjhNAjMY23wz8FuJ
IwFu4097fiGQyPmcyQuGNfXFyqFkl2z+gZag8BeTlL/1xYPpDRlld8U+BCiq0v4m
PIs/8QEiG4cu6CYMPeJdqf8gDSt4Qe0fLKxdCVWcRwtVBwKmlbbJ5d/E8bToIetq
pbXRgRIxhublnj2iz4ITsLrF1dV63l+4UXkILz/EiDvxUMuqd0YT7HWZen1NLh5J
FQ3TN4LXtPnAyXFzsWnkLop8IVDykIAyCLrjjtUDkNPSrLFa5kfVz1MsFQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFGyxjp5awv3q/GXdAiGiPTMgX2dHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYkxHT25sckNfZXI4WmQwQ0lhSTlNeUJmWjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQBUpiwAwQC
UpmIMAwDBAJZ1ZQDBAVZ1YADBAJZ1awwDAMEAlnVxAMEBFnVwAMEA1nV6AMEA22w
EAMEAbkxfgMEBMJpUAMEAdQmWAMEAdXa0gMEAdXa7gMEANmRRDANBgkqhkiG9w0B
AQsFAAOCAQEAYIZw0sEh9zFxLNwGLGpbfLxhnZyvmZpP2Bbj7US56DaLXVoykxEF
P9WcjpRKRHjtpBwhpJjcLWxfMPi2njrcguIbH+gFDEi8OyMYJp7igeOiQWk/oJm0
145m0ZGybRYSz/mvpaZi1/+ZGiR1511MsWJpGCB04rhEtNoa4e8fC50Ar1YPkVjm
AamNA47hJqCezssAWLKEpp9MeiJlVWS9KWU5kTDqw59GrmWrFxMk/DFBQN18POUx
FPYcvLR91eygXX7Ihtxb4DxUxzOZaf3DiwQYlsU0z1l7rJPRherI1JBg3AVYwPZz
XEX+zHpY83T+sg3jpTMqCf5QbGZMXRnGtA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:26 2025 by rpki-client