Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/b_x2L7bFBE8thQIxyqXK7rPLq_o.roa
File: b_x2L7bFBE8thQIxyqXK7rPLq_o.roa (raw, json)
Hash identifier: weVwTjAyq/V9BwBgzOPP3SG2G1n2Syt2xW7ZdYsHUKA=
Subject key identifier: 6F:FC:76:2F:B6:C5:04:4F:2D:85:02:31:CA:A5:CA:EE:B3:CB:AB:FA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190BC637B1CEC37A08C33F5C853CD30B2BD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/b_x2L7bFBE8thQIxyqXK7rPLq_o.roa
Signing time: Tue 16 Jul 2024 16:32:34 +0000
ROA not before: Tue 16 Jul 2024 16:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.239.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 16:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bc:63:7b:1c:ec:37:a0:8c:33:f5:c8:53:cd:30:b2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 16 16:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ffc762fb6c5044f2d850231caa5caeeb3cbabfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:77:30:09:88:0b:97:cb:6c:ab:78:a9:a1:37:
f8:c2:6a:cf:b2:3b:69:30:1b:e9:1e:06:0b:f0:a6:
6d:84:3a:d5:27:ed:e9:c7:69:fe:09:ab:a8:0b:6e:
58:f2:e4:78:af:6e:3c:82:8f:bf:b7:25:1d:8f:e5:
39:1e:d6:49:45:ef:ed:a8:a9:58:8c:41:33:41:13:
40:d2:a5:da:b4:5e:9a:8f:cc:35:d4:7e:0e:6c:5f:
a8:8a:54:7f:e8:d7:bc:df:66:45:43:3e:4c:36:6d:
8e:db:40:46:c3:45:6b:52:be:00:2c:88:42:4a:86:
cd:ba:cc:c4:c2:2c:72:6f:89:fc:0f:03:fa:eb:0d:
53:10:64:75:70:81:98:68:17:4f:22:ba:24:69:12:
44:99:48:c5:3c:32:a6:27:ac:e0:74:16:f9:c0:cc:
a6:90:58:8d:c4:d4:3e:58:a1:14:42:9a:40:1c:a1:
35:3a:9a:21:2b:10:f8:29:3b:b7:b4:85:a3:6f:5b:
d5:a9:eb:8a:c6:ed:64:e0:f5:94:b4:9c:b7:9c:1e:
fd:79:73:63:58:66:4e:76:59:b0:4f:8e:93:a4:02:
a4:c5:42:55:88:3f:63:55:9a:de:f4:60:83:b9:bd:
27:7f:df:77:eb:eb:79:40:87:06:5f:f6:74:5d:c7:
e8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:FC:76:2F:B6:C5:04:4F:2D:85:02:31:CA:A5:CA:EE:B3:CB:AB:FA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/b_x2L7bFBE8thQIxyqXK7rPLq_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.204.0/22
109.176.239.0/24
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
43:8a:59:2d:b6:dd:8b:4b:3a:a8:88:c3:81:98:fc:80:fe:eb:
d1:f6:a6:9b:64:32:90:a8:f2:64:e8:b6:d5:59:50:25:e8:98:
e4:0f:55:d8:06:ed:86:4b:35:41:b6:2e:77:bc:fc:8f:8c:5f:
01:e5:79:ff:e9:84:3a:e7:d2:8d:37:07:4c:1a:47:c2:41:bd:
d8:a7:1b:13:8f:92:e5:06:1f:6a:dd:f1:0a:7d:89:4f:17:b7:
14:3d:f8:4d:9f:01:79:51:20:4f:95:29:d3:78:4b:40:f7:7d:
56:a1:dd:30:aa:e8:da:3a:b9:47:94:5a:08:03:c4:29:d9:ba:
ba:54:0f:58:ad:93:90:d3:91:76:8d:b9:fe:e6:fd:83:3a:be:
0e:34:9a:ac:4f:b0:a1:d0:8c:4a:3e:8a:6c:0d:27:1d:b7:f5:
d3:47:86:74:cc:0e:21:0e:95:0c:dd:45:75:4b:f7:30:b1:c0:
e6:31:fc:76:ec:78:27:fe:a6:e5:70:bd:58:19:1a:51:99:d1:
59:c5:eb:c4:67:9f:c3:45:7e:90:63:69:58:3e:b8:7d:63:81:
ca:5f:32:b3:7f:bc:96:c3:e3:da:e5:19:3e:38:cc:98:e9:9a:
55:91:de:21:05:81:9e:d3:7b:8a:1c:9f:cd:36:ee:40:b7:cb:
98:28:8a:33
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZC8Y3sc7DegjDP1yFPNMLK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzE2MTYzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmZjNzYyZmI2YzUwNDRmMmQ4NTAyMzFjYWE1Y2FlZWIzY2JhYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArncwCYgLl8tsq3ipoTf4wmrPsjtp
MBvpHgYL8KZthDrVJ+3px2n+CauoC25Y8uR4r248go+/tyUdj+U5HtZJRe/tqKlY
jEEzQRNA0qXatF6aj8w11H4ObF+oilR/6Ne832ZFQz5MNm2O20BGw0VrUr4ALIhC
SobNuszEwixyb4n8DwP66w1TEGR1cIGYaBdPIrokaRJEmUjFPDKmJ6zgdBb5wMym
kFiNxNQ+WKEUQppAHKE1OpohKxD4KTu3tIWjb1vVqeuKxu1k4PWUtJy3nB79eXNj
WGZOdlmwT46TpAKkxUJViD9jVZre9GCDub0nf9936+t5QIcGX/Z0XcfoGwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFG/8di+2xQRPLYUCMcqlyu6zy6v6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYl94Mkw3YkZCRTh0aFFJeHlxWEs3clBMcV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAFSmLAD
BAJSmYgDBAFZ1TIDBAJZ1TgwDAMEAlnVlAMEBVnVgAMEAlnVrDAMAwQCWdXEAwQE
WdXAAwQDWdXoAwQDbbAQAwQCbbDMAwQAbbDvAwQBuTF+AwQEwmlQAwQB1CZYAwQA
1drTAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQBDilkttt2LSzqoiMOB
mPyA/uvR9qabZDKQqPJk6LbVWVAl6JjkD1XYBu2GSzVBti53vPyPjF8B5Xn/6YQ6
59KNNwdMGkfCQb3YpxsTj5LlBh9q3fEKfYlPF7cUPfhNnwF5USBPlSnTeEtA931W
od0wqujaOrlHlFoIA8Qp2bq6VA9YrZOQ05F2jbn+5v2DOr4ONJqsT7Ch0IxKPops
DScdt/XTR4Z0zA4hDpUM3UV1S/cwscDmMfx27Hgn/qblcL1YGRpRmdFZxevEZ5/D
RX6QY2lYPrh9Y4HKXzKzf7yWw+Pa5Rk+OMyY6ZpVkd4hBYGe03uKHJ/NNu5At8uY
KIoz
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:34:57 2025 by rpki-client