Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dKFWvthLnKFFcyY6Sk93hvK_j3E.roa
File: dKFWvthLnKFFcyY6Sk93hvK_j3E.roa (raw, json)
Hash identifier: 9huI6ZRPPbgTuZONOHXhGJbTob7EnjQhQ6xGvj1Bpoc=
Subject key identifier: 74:A1:56:BE:D8:4B:9C:A1:45:73:26:3A:4A:4F:77:86:F2:BF:8F:71
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192FD4C309D41880A809F1C06A0A2524FFD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dKFWvthLnKFFcyY6Sk93hvK_j3E.roa
Signing time: Tue 05 Nov 2024 17:08:01 +0000
ROA not before: Tue 05 Nov 2024 17:08:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.163.23.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.153.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 12:57:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:4c:30:9d:41:88:0a:80:9f:1c:06:a0:a2:52:4f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 5 17:08:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74a156bed84b9ca14573263a4a4f7786f2bf8f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:03:52:a3:39:96:34:10:73:ca:da:72:92:0e:
11:bc:ba:9f:df:9c:d3:90:98:b0:ba:e6:a4:5f:5b:
f2:0e:40:d3:18:a6:44:f1:ca:e9:41:a6:e5:f3:6b:
4b:5e:2c:30:a5:7c:cc:ce:15:ed:8a:9d:4b:e4:fc:
c2:35:c1:9d:cb:a5:e4:45:5a:34:53:b7:da:27:67:
ec:8c:f2:ef:47:02:ee:c0:f1:df:92:67:d3:49:dd:
db:85:bb:70:8f:98:ca:78:c2:f8:fc:c5:b9:ad:a2:
9e:36:1f:cc:49:3f:5b:05:5d:e3:46:50:61:59:d2:
5a:58:28:67:21:0f:63:d4:09:f5:42:19:45:13:20:
c6:03:c5:50:76:29:e3:33:30:32:e7:13:4e:e9:a5:
81:73:c6:c4:44:2c:a3:7d:84:c6:50:be:72:82:29:
df:c6:17:77:be:8a:38:07:a2:8e:de:d5:02:6c:c9:
38:a0:eb:63:0b:3d:1d:dd:d2:a4:9d:21:ad:12:16:
4d:87:69:b3:9e:8e:b5:07:72:77:eb:60:ae:f4:e1:
52:dc:c2:f5:4e:c2:63:48:23:a1:76:9d:e1:44:fa:
65:89:79:44:f9:ff:50:a4:d0:96:d3:fe:8f:25:a1:
d6:fd:1d:b7:b5:96:83:72:14:ed:d3:62:42:07:c5:
0e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A1:56:BE:D8:4B:9C:A1:45:73:26:3A:4A:4F:77:86:F2:BF:8F:71
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dKFWvthLnKFFcyY6Sk93hvK_j3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.163.23.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.130.153.0/24
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
31:1a:75:ef:93:90:4d:09:b4:24:f7:87:0a:c1:22:a9:c3:66:
bf:5f:4c:60:6b:d6:cc:ba:4f:60:2c:85:96:9b:9f:87:e9:77:
10:64:c1:4b:81:92:4a:79:ff:1f:aa:18:25:51:b0:13:09:70:
9d:a4:f2:87:dd:6b:02:6d:9c:4b:a7:2d:a2:2f:5a:d4:1a:de:
81:41:ac:6e:26:68:b8:ac:6f:d2:25:b3:8c:d1:d1:20:15:93:
a0:ca:8c:c5:fa:25:81:7d:c5:70:21:57:97:a7:82:d8:4d:93:
78:c7:a2:45:4b:bb:4a:b0:d7:b6:f4:83:d1:85:3b:6e:27:c5:
ca:18:d9:a7:6e:b2:cb:36:8d:41:c6:b3:45:79:70:bd:ec:a7:
4a:37:37:6f:d6:58:53:55:50:29:ff:07:8e:49:dd:e5:98:0f:
20:7c:53:bc:f7:a4:73:f7:66:60:66:6c:c7:8d:f3:f9:aa:b9:
a7:8e:da:92:65:a2:98:4f:6f:21:9e:48:e6:5a:36:e1:f4:c2:
d3:20:d3:cc:38:00:46:1f:60:d1:30:cd:af:29:64:d2:7d:b6:
79:49:bf:93:a0:51:32:d1:6c:5a:29:c1:10:25:9f:ae:18:77:
a4:a0:0c:fd:9d:a8:81:88:eb:f8:79:42:7b:42:80:d8:3f:63:
81:98:ee:e0
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZL9TDCdQYgKgJ8cBqCiUk/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTA1MTcwODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGExNTZiZWQ4NGI5Y2ExNDU3MzI2M2E0YTRmNzc4NmYyYmY4ZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgNSozmWNBBzytpykg4RvLqf35zT
kJiwuuakX1vyDkDTGKZE8crpQabl82tLXiwwpXzMzhXtip1L5PzCNcGdy6XkRVo0
U7faJ2fsjPLvRwLuwPHfkmfTSd3bhbtwj5jKeML4/MW5raKeNh/MST9bBV3jRlBh
WdJaWChnIQ9j1An1QhlFEyDGA8VQdinjMzAy5xNO6aWBc8bERCyjfYTGUL5yginf
xhd3voo4B6KO3tUCbMk4oOtjCz0d3dKknSGtEhZNh2mzno61B3J362Cu9OFS3ML1
TsJjSCOhdp3hRPpliXlE+f9QpNCW0/6PJaHW/R23tZaDchTt02JCB8UODQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFHShVr7YS5yhRXMmOkpPd4byv49xMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZEtGV3Z0aExuS0ZGY3lZNlNrOTNodktfajNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAFS
mLADBAJSmYgDBABSoxcDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ
1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ
1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEA22wEAMEAm2wzAMEAW2w8gMEAbkxfgME
BMJpUAMEAdQmWAMEANWCmQMEANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqG
SIb3DQEBCwUAA4IBAQAxGnXvk5BNCbQk94cKwSKpw2a/X0xga9bMuk9gLIWWm5+H
6XcQZMFLgZJKef8fqhglUbATCXCdpPKH3WsCbZxLpy2iL1rUGt6BQaxuJmi4rG/S
JbOM0dEgFZOgyozF+iWBfcVwIVeXp4LYTZN4x6JFS7tKsNe29IPRhTtuJ8XKGNmn
brLLNo1BxrNFeXC97KdKNzdv1lhTVVAp/weOSd3lmA8gfFO896Rz92ZgZmzHjfP5
qrmnjtqSZaKYT28hnkjmWjbh9MLTINPMOABGH2DRMM2vKWTSfbZ5Sb+ToFEy0Wxa
KcEQJZ+uGHekoAz9naiBiOv4eUJ7QoDYP2OBmO7g
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:03:45 2025 by rpki-client