Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bd9OUvcQa_G1Kt67W1zU4CmDbrM.roa
File: bd9OUvcQa_G1Kt67W1zU4CmDbrM.roa (raw, json)
Hash identifier: PriqxaA+gyIzFyQqKvBoUbsaKCGOO6ea3LHZ9harPHg=
Subject key identifier: 6D:DF:4E:52:F7:10:6B:F1:B5:2A:DE:BB:5B:5C:D4:E0:29:83:6E:B3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143F04483D66BFBDEA69FDC17DC6376
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bd9OUvcQa_G1Kt67W1zU4CmDbrM.roa
Signing time: Wed 01 Jan 2025 09:48:08 +0000
ROA not before: Wed 01 Jan 2025 09:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.37.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 12:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f0:44:83:d6:6b:fb:de:a6:9f:dc:17:dc:63:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ddf4e52f7106bf1b52adebb5b5cd4e029836eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:48:78:ed:50:ef:d3:9c:e1:3d:61:d2:a6:ee:
d2:57:04:8e:81:7f:b7:09:f2:78:86:a2:67:b4:ba:
0d:7f:bb:08:5e:05:67:e3:0c:f4:16:34:d9:86:9c:
c1:c4:1e:80:a4:0c:94:e9:ac:88:9a:5e:36:9f:42:
76:ea:88:07:81:e0:32:2c:18:e9:9e:5b:69:9e:02:
f2:7d:5d:e0:21:e5:0f:32:c5:86:f3:ee:9d:68:d3:
4e:75:4e:80:37:18:d1:03:17:a8:20:f3:71:27:4c:
55:08:73:f1:76:60:68:ed:f2:e4:9f:8c:f0:7e:dd:
d6:5b:a8:29:07:76:ba:ba:d2:59:87:38:41:e7:49:
99:80:22:4b:28:d0:19:93:5a:6f:7a:68:3a:f2:2e:
9e:d0:99:f3:f0:cb:f8:76:6c:9a:66:84:62:40:ca:
b4:a0:ba:ea:73:b3:21:0e:4c:2a:74:16:38:1a:8d:
74:fe:47:9b:56:25:5f:44:92:58:f5:ac:ff:a7:65:
95:19:1b:54:13:f8:02:52:8e:e2:f3:b8:d2:fb:b2:
e2:53:2b:a0:b2:3e:b7:87:1a:5a:c5:42:20:3e:34:
91:8c:bc:bf:ec:43:3c:fc:c8:60:5c:49:69:93:75:
43:42:32:7c:2b:95:e1:e3:74:3b:a4:9f:8f:ac:a3:
db:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:DF:4E:52:F7:10:6B:F1:B5:2A:DE:BB:5B:5C:D4:E0:29:83:6E:B3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bd9OUvcQa_G1Kt67W1zU4CmDbrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.34.0/24
82.153.37.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.4.0/24
89.213.7.0/24
89.213.130.0/24
89.213.190.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
22:f1:43:83:f9:94:2e:03:5c:df:79:b4:62:28:87:9e:54:b7:
26:91:9d:7e:cf:bc:43:26:da:36:16:ce:80:28:0a:7a:6f:51:
30:31:b4:a9:b5:0a:5a:c4:5d:81:7d:ec:6e:0b:45:7c:29:a7:
21:5c:1f:df:65:a0:b6:64:69:7f:7a:8f:e7:6e:77:c4:87:ee:
1b:d8:82:12:2e:37:df:bd:1f:29:0b:6c:d8:83:07:9e:ff:a1:
39:76:f6:40:96:2e:9f:e8:7b:76:40:da:66:7c:50:c3:05:1e:
b8:40:d6:56:a7:bb:06:13:36:04:7a:e4:2f:13:1c:97:8b:9b:
e4:4d:01:cd:28:49:fe:bd:1c:f2:ac:e4:f3:9f:01:3a:e6:6b:
0b:f3:e2:52:64:20:d0:8b:73:c8:85:11:8e:99:39:9a:05:bd:
21:23:2d:b5:66:3c:f0:5a:3f:ec:3a:0f:dd:f8:43:a0:e9:b9:
84:04:fa:79:60:76:21:07:3d:cb:19:02:fa:fa:e5:52:bb:0a:
cb:5d:b2:cc:87:a8:43:e1:f5:ce:5c:67:de:8c:07:c5:cb:92:
b8:f3:c4:0a:72:21:f7:b3:0d:27:fa:04:e8:5e:1f:79:5a:02:
44:af:ae:ab:10:3e:dd:d3:2c:21:1b:dc:64:44:be:ed:0f:bd:
44:83:38:bf
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZQhQ/BEg9Zr+96mn9wX3GN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGRmNGU1MmY3MTA2YmYxYjUyYWRlYmI1YjVjZDRlMDI5ODM2ZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUh47VDv05zhPWHSpu7SVwSOgX+3
CfJ4hqJntLoNf7sIXgVn4wz0FjTZhpzBxB6ApAyU6ayIml42n0J26ogHgeAyLBjp
nltpngLyfV3gIeUPMsWG8+6daNNOdU6ANxjRAxeoIPNxJ0xVCHPxdmBo7fLkn4zw
ft3WW6gpB3a6utJZhzhB50mZgCJLKNAZk1pvemg68i6e0Jnz8Mv4dmyaZoRiQMq0
oLrqc7MhDkwqdBY4Go10/kebViVfRJJY9az/p2WVGRtUE/gCUo7i87jS+7LiUyug
sj63hxpaxUIgPjSRjLy/7EM8/MhgXElpk3VDQjJ8K5Xh43Q7pJ+PrKPb8QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFG3fTlL3EGvxtSreu1tc1OApg26zMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYmQ5T1V2Y1FhX0cxS3Q2N1cxelU0Q21EYnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAFGoeAME
AFKY+AMEAFKY+wMEAFKY/gMEAFKZIgMEAFKZJQMEAFKZRQMEAFKZSAMEAFKZTwME
AFKZhAMEAFKZ4AMEAFnVBAMEAFnVBwMEAFnVggMEAFnVvgMEAG2w9wMEAG2w+wME
ALkxfDANBgkqhkiG9w0BAQsFAAOCAQEAIvFDg/mULgNc33m0YiiHnlS3JpGdfs+8
QybaNhbOgCgKem9RMDG0qbUKWsRdgX3sbgtFfCmnIVwf32WgtmRpf3qP5253xIfu
G9iCEi43370fKQts2IMHnv+hOXb2QJYun+h7dkDaZnxQwwUeuEDWVqe7BhM2BHrk
LxMcl4ub5E0BzShJ/r0c8qzk858BOuZrC/PiUmQg0ItzyIURjpk5mgW9ISMttWY8
8Fo/7DoP3fhDoOm5hAT6eWB2IQc9yxkC+vrlUrsKy12yzIeoQ+H1zlxn3owHxcuS
uPPECnIh97MNJ/oE6F4feVoCRK+uqxA+3dMsIRvcZES+7Q+9RIM4vw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:45:36 2025 by rpki-client