Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/e5VJWNkQVoCD36zfLWavilqlN3I.roa
File: e5VJWNkQVoCD36zfLWavilqlN3I.roa (raw, json)
Hash identifier: kRXy4FryYyzjKR0K+hb7/DVQ+R66q26/0kKOJxIfOg0=
Subject key identifier: 7B:95:49:58:D9:10:56:80:83:DF:AC:DF:2D:66:AF:8A:5A:A5:37:72
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194DB4AE78316BD4E9EED619135E1B061A7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/e5VJWNkQVoCD36zfLWavilqlN3I.roa
Signing time: Thu 06 Feb 2025 12:45:06 +0000
ROA not before: Thu 06 Feb 2025 12:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.0.0/22 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.196.0/24 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 19:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:db:4a:e7:83:16:bd:4e:9e:ed:61:91:35:e1:b0:61:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 6 12:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b954958d910568083dfacdf2d66af8a5aa53772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:29:40:86:ef:71:9c:cc:af:dc:a0:4a:ea:dd:
c8:27:ec:c8:d9:78:50:9d:e6:a6:a2:01:21:2a:3f:
03:68:44:58:5d:43:d9:7b:ed:67:e3:cc:43:e9:dc:
67:5a:90:30:bd:0f:01:c8:f4:bc:88:15:fd:b8:0d:
2c:e8:ce:ef:3e:b2:c4:93:5a:71:c4:86:b5:11:3f:
63:a6:b7:5d:a5:a1:62:6d:97:bb:f0:6b:40:9f:fc:
89:f8:98:83:a6:e6:51:0d:aa:ee:c1:c5:68:47:9f:
54:90:32:3e:2f:cf:f4:4d:4a:cc:1a:ef:8f:60:00:
f2:de:9c:a9:9f:e7:4a:73:18:13:31:ed:b9:e4:10:
b7:0d:a9:09:a6:67:31:d1:a1:9d:d6:09:2f:5b:a8:
2c:d1:7a:d6:3f:f3:95:2f:bc:36:5d:e4:e2:80:3a:
eb:cb:4b:f6:c2:bb:b9:06:b7:57:02:7b:a2:45:46:
9d:1a:99:5c:0e:5f:e5:4d:82:7d:89:10:1f:4a:d1:
fb:d2:a9:43:15:ce:c7:dc:db:25:6f:40:ee:1e:96:
9b:d9:51:c4:ed:2b:02:9f:58:6a:e5:83:c6:c3:af:
e8:a4:ff:22:8b:35:bc:26:46:36:0e:0c:19:8a:1a:
f6:8a:e4:87:96:7f:b2:e3:5a:cb:c5:cc:b8:8a:2f:
a2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:95:49:58:D9:10:56:80:83:DF:AC:DF:2D:66:AF:8A:5A:A5:37:72
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/e5VJWNkQVoCD36zfLWavilqlN3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.69.0/24
82.153.79.0/24
82.153.136.0/22
82.153.243.0/24
89.213.0.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.68.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:01:37:83:5c:12:7b:1c:9a:8d:dc:83:df:fe:e0:bb:08:2b:
69:7f:ce:70:81:fb:ed:db:75:e3:ff:3e:45:0d:e1:c3:45:2c:
53:a3:f1:4a:d6:d8:ca:76:e6:82:b2:67:18:11:a9:de:6b:b0:
d4:12:3c:11:d2:ea:70:b3:67:ef:fc:11:68:81:81:30:6c:42:
d3:20:7f:83:90:3a:dc:ae:f2:cc:d4:b1:f9:77:fa:5e:e6:44:
20:06:19:4a:93:15:f0:22:f5:07:9a:3b:b2:f1:ca:91:bf:ad:
a2:e3:43:1b:f2:16:6b:cc:96:55:64:f3:1c:4e:6a:68:80:00:
bb:ee:14:e1:44:03:1c:c5:7a:d3:09:8b:f3:a2:2b:37:71:9c:
30:8c:27:41:3e:45:ea:3a:b5:d3:7c:31:8d:fe:98:2e:cc:64:
90:9d:db:97:b0:07:f1:40:06:74:29:1d:a5:41:1f:a6:f9:e2:
44:fe:3d:2e:6f:4d:03:dd:b8:a5:d3:4d:d9:a6:54:25:e5:ec:
d9:6e:6b:5e:dc:eb:5a:af:65:90:e5:4b:87:58:7e:cd:ad:93:
4a:ff:a6:7f:1d:41:bd:68:82:ef:fd:88:3e:88:59:e4:ef:df:
96:dd:bd:2b:40:bb:6e:61:9f:d2:4e:ca:ef:ea:75:f0:3e:74:
4b:76:0a:33
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZTbSueDFr1Onu1hkTXhsGGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjA2MTI0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjk1NDk1OGQ5MTA1NjgwODNkZmFjZGYyZDY2YWY4YTVhYTUzNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwylAhu9xnMyv3KBK6t3IJ+zI2XhQ
neamogEhKj8DaERYXUPZe+1n48xD6dxnWpAwvQ8ByPS8iBX9uA0s6M7vPrLEk1px
xIa1ET9jprddpaFibZe78GtAn/yJ+JiDpuZRDaruwcVoR59UkDI+L8/0TUrMGu+P
YADy3pypn+dKcxgTMe255BC3DakJpmcx0aGd1gkvW6gs0XrWP/OVL7w2XeTigDrr
y0v2wru5BrdXAnuiRUadGplcDl/lTYJ9iRAfStH70qlDFc7H3Nslb0DuHpab2VHE
7SsCn1hq5YPGw6/opP8iizW8JkY2DgwZihr2iuSHln+y41rLxcy4ii+iYQIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFHuVSVjZEFaAg9+s3y1mr4papTdyMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZTVWSldOa1FWb0NEMzZ6ZkxXYXZpbHFsTjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCASIEAgABMIIB
GgMEAFKYCAMEAVKYsAMEAFKZMgMEAFKZRQMEAFKZTwMEAlKZiAMEAFKZ8wMEAlnV
AAMEAVnVLAMEAVnVMgMEAlnVOAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQA
WdWRAwQAWdWSMAwDBAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akw
DAMEAFnVqwMEBFnVoAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQD
BARZ1eADBANtsBADBAJtsMwDBAFtsPIDBAG5MX4DBATCaVADBADUJk8DBAHUJlgD
BADVmCsDBALV0jQDBADV2tMwDAMEANmRQQMEANmRQgMEANmRRAMEA9mRSDANBgkq
hkiG9w0BAQsFAAOCAQEADwE3g1wSexyajdyD3/7guwgraX/OcIH77dt14/8+RQ3h
w0UsU6PxStbYynbmgrJnGBGp3muw1BI8EdLqcLNn7/wRaIGBMGxC0yB/g5A63K7y
zNSx+Xf6XuZEIAYZSpMV8CL1B5o7svHKkb+touNDG/IWa8yWVWTzHE5qaIAAu+4U
4UQDHMV60wmL86IrN3GcMIwnQT5F6jq103wxjf6YLsxkkJ3bl7AH8UAGdCkdpUEf
pvniRP49Lm9NA924pdNN2aZUJeXs2W5rXtzrWq9lkOVLh1h+za2TSv+mfx1BvWiC
7/2IPohZ5O/flt29K0C7bmGf0k7K7+p18D50S3YKMw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:42 2025 by rpki-client