Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d2Pk7pxN9mJKlPVgBwzxCLXYexA.roa
File: d2Pk7pxN9mJKlPVgBwzxCLXYexA.roa (raw, json)
Hash identifier: VUV48IshL/s+VQ/4FLsRtyiAIlFWXRol9E9wd/QNHl4=
Subject key identifier: 77:63:E4:EE:9C:4D:F6:62:4A:94:F5:60:07:0C:F1:08:B5:D8:7B:10
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D184416AA7B159E881430DFBACA8FE1D6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d2Pk7pxN9mJKlPVgBwzxCLXYexA.roa
Signing time: Wed 17 Jan 2024 16:32:11 +0000
ROA not before: Wed 17 Jan 2024 16:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 81.5.156.0/24 maxlen: 24
81.168.41.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
82.152.250.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.67.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.139.0/24 maxlen: 24
82.153.140.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.250.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.135.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.137.0/24 maxlen: 24
89.213.138.0/24 maxlen: 24
89.213.141.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
89.213.170.0/24 maxlen: 24
89.213.185.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
109.176.209.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.217.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
109.176.219.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
109.176.221.0/24 maxlen: 24
109.176.222.0/24 maxlen: 24
109.176.223.0/24 maxlen: 24
109.176.249.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
213.152.61.0/24 maxlen: 24
213.152.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 11:25:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:44:16:aa:7b:15:9e:88:14:30:df:ba:ca:8f:e1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 17 16:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7763e4ee9c4df6624a94f560070cf108b5d87b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d4:40:63:a7:5f:88:6e:20:b6:2f:d4:0b:0d:
3e:0b:ee:59:53:29:a0:8c:16:b6:5a:00:c0:dc:12:
30:b0:b8:03:0a:e9:99:a0:bb:36:df:7c:44:db:54:
d5:e5:2c:ce:82:0e:7a:f0:4a:da:dc:6a:e6:15:74:
bc:16:84:b8:65:74:7b:db:6a:ea:bd:5e:a0:e5:c4:
e4:69:9a:3b:0d:3e:67:17:f8:50:dd:22:61:c7:1c:
ce:85:24:ba:53:bd:e1:3a:ae:d5:17:06:9f:d2:e6:
97:f9:e4:29:d1:2b:d4:e5:e5:29:dd:9e:7f:ab:93:
df:ee:8d:8b:8f:1f:f0:42:c6:17:89:af:98:fe:f6:
b8:be:73:bb:7f:ce:dc:a6:23:68:21:36:d6:a7:81:
5c:64:d6:6c:3e:43:23:40:3f:89:dd:79:67:f0:6e:
aa:63:28:28:b2:e9:65:14:c8:f4:63:4f:56:82:e2:
9b:c2:aa:70:f9:57:88:27:f2:7e:80:b9:22:dc:ea:
5f:70:e7:88:a0:37:d0:84:75:f5:c9:5f:c1:ed:35:
52:71:57:3b:fa:86:3b:16:76:6e:9b:19:8e:98:86:
eb:63:67:26:45:72:69:28:6b:32:9b:96:61:29:7f:
32:29:05:b3:ca:59:48:5e:2a:de:96:88:8f:12:af:
72:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:63:E4:EE:9C:4D:F6:62:4A:94:F5:60:07:0C:F1:08:B5:D8:7B:10
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d2Pk7pxN9mJKlPVgBwzxCLXYexA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
82.152.111.0/24
82.152.250.0/24
82.152.252.0/23
82.152.255.0/24
82.153.67.0/24
82.153.73.0/24
82.153.78.0/24
82.153.137.0/24
82.153.139.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.240.0/24
82.153.248.0/24
82.153.250.0/24
89.213.133.0/24
89.213.135.0-89.213.138.255
89.213.141.0/24
89.213.153.0/24
89.213.163.0/24
89.213.168.0/24
89.213.170.0/24
89.213.185.0/24
89.213.188.0/23
109.176.209.0/24
109.176.211.0/24
109.176.216.0/21
109.176.249.0/24
185.49.125.0/24
213.152.61.0-213.152.62.255
Signature Algorithm: sha256WithRSAEncryption
79:a2:b4:f5:aa:f4:8b:60:cb:ce:1e:dc:5c:27:63:6e:6a:f6:
27:93:e4:54:c3:24:65:2d:39:34:d3:79:a4:f7:61:9d:ff:84:
f9:73:a2:27:5b:40:66:fb:2e:72:c9:e2:bd:30:f9:ea:2f:ac:
db:d6:80:e6:77:86:69:92:89:2a:9b:ef:e7:d3:20:25:0f:17:
27:64:31:5f:de:98:34:a3:77:2d:d5:75:84:65:85:2b:bf:5b:
1b:cc:10:9d:e6:ab:f0:45:ad:0a:69:e5:5e:ed:c9:78:89:03:
5a:f0:f8:05:36:25:89:96:87:f8:9f:45:22:54:59:be:7c:cd:
a5:f2:0d:09:de:c3:ea:c6:79:65:b0:03:6d:74:da:71:bf:51:
08:bf:9a:e1:6f:e2:cc:8a:ea:cf:fa:f9:16:59:2e:44:cf:8b:
d3:dd:97:8c:d3:b0:dd:fb:53:db:c5:f6:cf:fd:21:91:f4:89:
62:eb:fd:9d:0f:12:fc:aa:fa:46:9a:47:0c:9a:08:ba:6f:b2:
15:64:52:8d:2f:25:b4:fc:64:83:4a:81:78:62:d7:5a:66:ed:
d2:bf:52:3d:96:9a:51:43:75:ef:6e:c4:96:c6:f1:5d:57:58:
7f:82:d6:39:53:a8:b0:69:7e:c3:be:a7:2e:dc:f9:39:4b:8b:
e4:73:40:92
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAY0YRBaqexWeiBQw37rKj+HWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTE3MTYzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzYzZTRlZTljNGRmNjYyNGE5NGY1NjAwNzBjZjEwOGI1ZDg3YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNRAY6dfiG4gti/UCw0+C+5ZUymg
jBa2WgDA3BIwsLgDCumZoLs233xE21TV5SzOgg568Era3GrmFXS8FoS4ZXR722rq
vV6g5cTkaZo7DT5nF/hQ3SJhxxzOhSS6U73hOq7VFwaf0uaX+eQp0SvU5eUp3Z5/
q5Pf7o2Ljx/wQsYXia+Y/va4vnO7f87cpiNoITbWp4FcZNZsPkMjQD+J3Xln8G6q
YygosullFMj0Y09WguKbwqpw+VeIJ/J+gLki3OpfcOeIoDfQhHX1yV/B7TVScVc7
+oY7FnZumxmOmIbrY2cmRXJpKGsym5ZhKX8yKQWzyllIXireloiPEq9ypQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFHdj5O6cTfZiSpT1YAcM8Qi12HsQMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZDJQazdweE45bUpLbFBWZ0J3enhDTFhZZXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBABR
BZwDBABRqCkDBABSmG8DBABSmPoDBAFSmPwDBABSmP8DBABSmUMDBABSmUkDBABS
mU4DBABSmYkwDAMEAFKZiwMEAFKZjAMEAFKZ3QMEAFKZ3wMEAFKZ8AMEAFKZ+AME
AFKZ+gMEAFnVhTAMAwQAWdWHAwQAWdWKAwQAWdWNAwQAWdWZAwQAWdWjAwQAWdWo
AwQAWdWqAwQAWdW5AwQBWdW8AwQAbbDRAwQAbbDTAwQDbbDYAwQAbbD5AwQAuTF9
MAwDBADVmD0DBADVmD4wDQYJKoZIhvcNAQELBQADggEBAHmitPWq9Itgy84e3Fwn
Y25q9ieT5FTDJGUtOTTTeaT3YZ3/hPlzoidbQGb7LnLJ4r0w+eovrNvWgOZ3hmmS
iSqb7+fTICUPFydkMV/emDSjdy3VdYRlhSu/WxvMEJ3mq/BFrQpp5V7tyXiJA1rw
+AU2JYmWh/ifRSJUWb58zaXyDQnew+rGeWWwA2102nG/UQi/muFv4syK6s/6+RZZ
LkTPi9Pdl4zTsN37U9vF9s/9IZH0iWLr/Z0PEvyq+kaaRwyaCLpvshVkUo0vJbT8
ZINKgXhi11pm7dK/Uj2WmlFDde9uxJbG8V1XWH+C1jlTqLBpfsO+py7c+TlLi+Rz
QJI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:26 2025 by rpki-client