Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/diXYwIcm5Z2yOpImc1vEjaw0kLs.roa
File: diXYwIcm5Z2yOpImc1vEjaw0kLs.roa (raw, json)
Hash identifier: BEY04jGvOoUGj5YjnNIpBRDBuby9/POPOkuxlT2oyq8=
Subject key identifier: 76:25:D8:C0:87:26:E5:9D:B2:3A:92:26:73:5B:C4:8D:AC:34:90:BB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019344828AE69377376568DDF5EB4EFE608F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/diXYwIcm5Z2yOpImc1vEjaw0kLs.roa
Signing time: Tue 19 Nov 2024 13:00:26 +0000
ROA not before: Tue 19 Nov 2024 13:00:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.225.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 13:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:82:8a:e6:93:77:37:65:68:dd:f5:eb:4e:fe:60:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 19 13:00:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7625d8c08726e59db23a9226735bc48dac3490bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d1:58:12:ac:f5:fc:b0:e0:35:a2:65:a1:e8:
d5:15:19:f6:79:c9:71:c3:89:33:87:66:a9:f5:08:
e1:74:10:0b:64:f1:54:6b:1d:cc:e0:fd:00:e6:90:
69:9e:be:67:d3:c1:8d:9a:a0:1a:98:9d:2c:d4:ee:
18:2a:64:11:29:df:4d:53:58:bd:1b:37:f8:70:c2:
10:50:4a:c8:6c:c1:9c:fc:5f:b2:04:7f:e2:1a:a7:
f2:2c:11:0e:f1:2c:3c:6a:a7:fc:49:43:07:30:7d:
f0:b0:d2:ac:77:7b:24:a5:e6:34:77:4d:d5:02:8f:
a9:35:31:32:62:39:dc:b9:bb:17:32:2f:12:82:dc:
cd:5f:3d:0a:0a:fa:b1:f4:0c:4c:3d:51:b8:d6:dd:
11:b6:1a:97:ab:9b:ad:63:8c:30:20:50:47:4b:05:
22:f3:3b:94:11:28:16:6f:a2:b9:bf:90:e2:f5:8a:
86:16:82:c5:b2:b0:dc:5e:31:32:2b:61:50:fe:98:
65:e0:09:df:06:99:9f:6b:1b:98:f4:61:93:9b:57:
0c:5b:19:b8:a2:d2:be:7e:49:cd:7e:b8:51:b1:c3:
1a:88:66:17:1d:8d:29:1a:7a:4d:c0:3f:7d:fa:6d:
97:1f:7f:92:ce:fb:0a:e9:e8:f1:fd:48:ce:39:71:
d7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:25:D8:C0:87:26:E5:9D:B2:3A:92:26:73:5B:C4:8D:AC:34:90:BB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/diXYwIcm5Z2yOpImc1vEjaw0kLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
82.153.225.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:9f:7a:3c:c3:d6:a6:6c:dd:45:c9:12:27:fa:60:09:7f:73:
09:98:49:e2:e4:e1:91:40:31:ae:2c:1b:fe:6e:4c:4e:43:d5:
bd:b0:c0:52:b3:97:13:58:73:19:62:dc:ce:5b:59:86:3b:ba:
77:9a:5b:37:2d:a8:b4:d3:9f:ab:b4:dd:58:7d:14:bd:61:21:
b3:a7:02:c7:56:f0:41:ba:69:dd:46:04:5d:b7:ba:22:a0:44:
c9:79:c4:ae:fb:de:2f:8f:85:20:23:56:7c:12:f5:12:9e:69:
b0:57:fd:ef:2d:d0:25:73:64:bb:02:9a:99:a3:6c:f3:43:bb:
9a:0a:76:45:9c:e2:38:30:4e:c9:77:14:6d:3b:e3:ca:f7:d3:
37:83:99:5f:80:c2:8e:38:06:2b:f0:65:b8:90:08:ac:be:9f:
15:ce:ef:5c:30:7b:80:6c:0f:af:e7:b8:44:c1:2e:00:db:31:
68:8d:0c:80:f7:42:ad:0b:fc:43:8c:ae:95:7f:31:18:c2:3e:
0a:9b:55:fe:99:0e:b2:8d:67:08:57:1b:18:dc:9a:2e:5b:d7:
95:95:17:64:88:b8:96:fb:89:64:fe:7f:4e:66:50:9a:00:b2:
6f:fa:af:93:03:bd:9b:b3:62:ff:e7:c5:af:43:5e:54:fd:fe:
fb:ae:22:82
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZNEgormk3c3ZWjd9etO/mCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTE5MTMwMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjI1ZDhjMDg3MjZlNTlkYjIzYTkyMjY3MzViYzQ4ZGFjMzQ5MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9FYEqz1/LDgNaJloejVFRn2eclx
w4kzh2ap9QjhdBALZPFUax3M4P0A5pBpnr5n08GNmqAamJ0s1O4YKmQRKd9NU1i9
Gzf4cMIQUErIbMGc/F+yBH/iGqfyLBEO8Sw8aqf8SUMHMH3wsNKsd3skpeY0d03V
Ao+pNTEyYjncubsXMi8SgtzNXz0KCvqx9AxMPVG41t0RthqXq5utY4wwIFBHSwUi
8zuUESgWb6K5v5Di9YqGFoLFsrDcXjEyK2FQ/phl4AnfBpmfaxuY9GGTm1cMWxm4
otK+fknNfrhRscMaiGYXHY0pGnpNwD99+m2XH3+SzvsK6ejx/UjOOXHXOwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFHYl2MCHJuWdsjqSJnNbxI2sNJC7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZGlYWXdJY201WjJ5T3BJbWMxdkVqYXcwa0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBABS
mAgDBAFSmLADBAJSmYgDBABSmeEDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ
1YQDBABZ1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWn
AwQCWdWsMAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEA22wEAMEAm2wzAME
AW2w8gMEAbkxfgMEBMJpUAMEAdQmWAMEAtXSNAMEANXa0zAMAwQA2ZFBAwQA2ZFC
AwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQAOn3o8w9ambN1FyRIn+mAJf3MJmEni
5OGRQDGuLBv+bkxOQ9W9sMBSs5cTWHMZYtzOW1mGO7p3mls3Lai005+rtN1YfRS9
YSGzpwLHVvBBumndRgRdt7oioETJecSu+94vj4UgI1Z8EvUSnmmwV/3vLdAlc2S7
ApqZo2zzQ7uaCnZFnOI4ME7JdxRtO+PK99M3g5lfgMKOOAYr8GW4kAisvp8Vzu9c
MHuAbA+v57hEwS4A2zFojQyA90KtC/xDjK6VfzEYwj4Km1X+mQ6yjWcIVxsY3Jou
W9eVlRdkiLiW+4lk/n9OZlCaALJv+q+TA72bs2L/58WvQ15U/f77riKC
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:44 2025 by rpki-client