Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cMXJUbW_Zc442lNKKOq10ixVjRI.roa
File: cMXJUbW_Zc442lNKKOq10ixVjRI.roa (raw, json)
Hash identifier: tXtUJufF25PSw7q9Or6F31+ztN4swhyhbJdyN2/bdJA=
Subject key identifier: 70:C5:C9:51:B5:BF:65:CE:38:DA:53:4A:28:EA:B5:D2:2C:55:8D:12
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019407705676DE565654127E8A8DDC75C5F4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cMXJUbW_Zc442lNKKOq10ixVjRI.roa
Signing time: Fri 27 Dec 2024 09:26:30 +0000
ROA not before: Fri 27 Dec 2024 09:26:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.152.176.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.151.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Dec 2024 20:03:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:07:70:56:76:de:56:56:54:12:7e:8a:8d:dc:75:c5:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 27 09:26:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70c5c951b5bf65ce38da534a28eab5d22c558d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:79:e2:d4:a5:1a:3e:e2:e4:91:a5:d9:91:7c:
d0:9a:2e:1f:d8:51:35:86:4e:c0:e5:57:31:a3:83:
5d:80:e3:84:20:a4:42:78:b4:52:5a:55:94:34:77:
86:35:9a:17:9d:5e:64:2e:4e:f7:32:8d:f8:b6:54:
25:1d:89:73:fc:0a:e2:f8:d7:37:0f:d8:1a:34:49:
86:de:3d:73:74:26:71:ef:8e:8f:1d:21:4d:8b:dc:
f1:d6:ed:2b:62:f2:d7:bd:92:29:cf:0f:60:68:15:
30:1c:06:d9:88:9a:04:40:f1:b9:26:91:db:d9:3d:
21:49:b1:fa:f7:1c:d6:0d:5f:4b:b1:d3:3c:0e:11:
53:bb:88:60:cd:86:ca:6a:a0:ca:0b:9b:54:84:77:
3e:89:32:66:e7:68:87:b8:0d:40:14:7d:f3:b8:9a:
8b:92:5c:d4:db:6d:1b:ea:c0:45:d3:3b:42:d7:17:
4e:b9:39:3f:e5:18:c8:94:7d:e4:da:87:f0:25:5b:
e7:d7:08:2e:0b:54:2a:d9:6e:15:6e:7e:69:d5:88:
5d:d4:4e:1a:41:54:80:06:69:d8:0a:ae:5f:af:a9:
66:d2:2e:dc:69:31:1a:0a:76:de:76:3f:41:d6:2e:
5b:39:bf:cc:cd:9b:eb:f6:0a:93:8e:bb:61:68:2f:
a3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C5:C9:51:B5:BF:65:CE:38:DA:53:4A:28:EA:B5:D2:2C:55:8D:12
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cMXJUbW_Zc442lNKKOq10ixVjRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.172.0/22
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.212.0/24
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
76:f9:e1:da:50:95:fa:c2:f0:59:92:98:b4:0c:58:da:e6:e3:
3a:df:ba:b0:4a:bb:54:de:0b:cb:33:a0:9e:27:6f:47:2e:87:
c8:77:92:bb:1d:81:58:a8:ca:c4:0b:e8:b8:b0:d0:64:fd:be:
89:b6:00:ba:d8:c9:32:58:08:0d:4f:a2:7b:a1:04:01:2c:23:
6d:cd:27:db:1c:70:ed:0f:fc:d0:ce:5c:bf:4f:3f:06:22:2a:
be:ff:ee:bd:2a:68:f9:fc:a1:02:21:a9:69:cf:ef:b8:07:6e:
3f:2e:43:d5:a4:41:c5:b4:4f:36:fc:9a:51:cc:2f:bf:3d:cd:
6e:61:b0:61:f9:a8:30:6c:75:1e:26:98:44:be:84:65:f8:a3:
f3:7c:ac:f9:ce:b3:b1:5b:03:21:28:3c:26:3a:3a:7e:30:ec:
d0:1f:40:06:17:2a:08:98:0a:90:80:11:9d:08:1f:81:bb:fb:
95:af:d1:2e:21:04:3b:2f:d7:22:67:10:df:86:1f:a9:83:04:
ae:a8:fd:11:16:2f:6f:ad:b5:e5:bb:26:42:9a:ca:60:b1:33:
09:d4:f0:3d:79:aa:59:de:64:00:de:30:f7:69:22:ae:0a:dc:
0d:39:ac:89:ec:98:b2:36:71:45:ac:d3:35:d9:58:53:11:53:
11:03:ad:41
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZQHcFZ23lZWVBJ+io3cdcX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjI3MDkyNjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM1Yzk1MWI1YmY2NWNlMzhkYTUzNGEyOGVhYjVkMjJjNTU4ZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXni1KUaPuLkkaXZkXzQmi4f2FE1
hk7A5Vcxo4NdgOOEIKRCeLRSWlWUNHeGNZoXnV5kLk73Mo34tlQlHYlz/Ari+Nc3
D9gaNEmG3j1zdCZx746PHSFNi9zx1u0rYvLXvZIpzw9gaBUwHAbZiJoEQPG5JpHb
2T0hSbH69xzWDV9LsdM8DhFTu4hgzYbKaqDKC5tUhHc+iTJm52iHuA1AFH3zuJqL
klzU220b6sBF0ztC1xdOuTk/5RjIlH3k2ofwJVvn1wguC1Qq2W4Vbn5p1Yhd1E4a
QVSABmnYCq5fr6lm0i7caTEaCnbedj9B1i5bOb/MzZvr9gqTjrthaC+j3wIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFHDFyVG1v2XOONpTSijqtdIsVY0SMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY01YSlViV19aYzQ0MmxOS0tPcTEwaXhWalJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBABS
mAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ
1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWkAwQAWdWn
AwQCWdWsAwQAWdW/MAwDBAJZ1cQDBARZ1cADBABZ1dQwDAMEAlnV5AMEBFnV4AME
A22wEAMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEANQmTwMEAdQmWAMEAtXSNAME
ANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQB2+eHa
UJX6wvBZkpi0DFja5uM637qwSrtU3gvLM6CeJ29HLofId5K7HYFYqMrEC+i4sNBk
/b6JtgC62MkyWAgNT6J7oQQBLCNtzSfbHHDtD/zQzly/Tz8GIiq+/+69Kmj5/KEC
Ialpz++4B24/LkPVpEHFtE82/JpRzC+/Pc1uYbBh+agwbHUeJphEvoRl+KPzfKz5
zrOxWwMhKDwmOjp+MOzQH0AGFyoImAqQgBGdCB+Bu/uVr9EuIQQ7L9ciZxDfhh+p
gwSuqP0RFi9vrbXluyZCmspgsTMJ1PA9eapZ3mQA3jD3aSKuCtwNOayJ7JiyNnFF
rNM12VhTEVMRA61B
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:19 2025 by rpki-client