Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/eOwC7OihVKBXDoth14-CUor7DZQ.roa
File: eOwC7OihVKBXDoth14-CUor7DZQ.roa (raw, json)
Hash identifier: m7gv2AiF1jFapdFeEhEDUhdpghQM43/MLJY52ZzWjbk=
Subject key identifier: 78:EC:02:EC:E8:A1:54:A0:57:0E:8B:61:D7:8F:82:52:8A:FB:0D:94
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019306B05E64B669340AF5B5E10D6915AF16
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/eOwC7OihVKBXDoth14-CUor7DZQ.roa
Signing time: Thu 07 Nov 2024 12:54:01 +0000
ROA not before: Thu 07 Nov 2024 12:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 82.152.98.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.50.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 08:57:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:b0:5e:64:b6:69:34:0a:f5:b5:e1:0d:69:15:af:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 7 12:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78ec02ece8a154a0570e8b61d78f82528afb0d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9e:d6:e2:3d:d1:34:97:ab:c2:bd:fc:48:eb:
f8:37:74:de:dc:a2:48:a7:42:32:bf:92:c7:ee:af:
6c:ee:fa:70:5b:01:9a:ca:f2:b3:f0:65:60:ff:b0:
87:45:15:6d:04:f1:d7:db:36:c2:b0:bc:3a:80:9e:
3a:1e:dd:b6:20:09:2c:ed:f5:c6:f3:f5:33:75:94:
2a:74:26:28:7b:28:7d:fb:11:f6:af:0f:f2:51:73:
d6:a7:d0:a5:24:90:18:87:94:43:31:a0:8e:51:88:
dd:23:36:12:25:4e:0f:b1:2f:b0:3c:07:89:39:8e:
2a:7d:c2:fc:68:8c:2d:de:e9:3b:88:fa:54:4f:9a:
5a:82:08:eb:54:d9:2e:a9:f6:b3:7a:37:f3:f4:fe:
b5:21:dc:3c:9a:50:69:5d:64:25:f3:f9:97:cb:4e:
8f:eb:99:f7:ab:fe:6f:a4:80:a7:06:2b:a3:a4:07:
08:53:08:8b:9f:4c:c4:cd:f9:cd:f2:83:02:99:84:
f8:90:ac:a2:14:69:ef:53:ff:61:89:92:1e:14:53:
bd:ff:c6:b2:f1:3d:79:28:1c:f1:42:8d:57:7d:ef:
de:c2:55:60:ad:58:b8:4d:70:95:ba:f5:e1:98:b0:
8c:af:d0:63:a4:6b:5c:f4:46:1d:3b:3c:b3:57:83:
78:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:EC:02:EC:E8:A1:54:A0:57:0E:8B:61:D7:8F:82:52:8A:FB:0D:94
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/eOwC7OihVKBXDoth14-CUor7DZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.98.0/24
82.153.205.0/24
82.153.222.0/24
82.153.243.0/24
89.213.50.0/24
109.176.244.0/24
213.218.234.0/24
213.218.238.0/24
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:aa:0c:00:8e:c9:a1:37:c2:24:fc:bd:cb:1d:c7:63:27:b0:
06:b8:af:af:43:ac:29:a4:87:1e:64:44:37:66:30:ae:b2:7c:
f8:da:e6:3f:3e:31:bd:5a:e7:1b:81:9a:f3:e9:5d:61:ba:e6:
8c:b4:e7:b7:60:62:3c:4f:e0:e8:89:fb:1f:50:97:77:86:36:
f9:c0:4e:be:ba:21:2f:a9:4e:6e:a9:50:f1:a9:fe:b0:04:81:
80:9a:a0:6c:e1:33:6c:38:03:21:9d:13:37:6d:a3:a4:ab:e7:
e5:dc:7a:f7:83:6f:20:87:c6:b7:e7:0f:d4:e0:b1:a1:d1:a5:
cb:1a:ff:e4:73:e9:fc:d6:14:e7:83:df:30:b0:18:ba:a8:8e:
e1:01:e5:26:a0:f3:a2:d7:a4:c0:55:55:51:0a:48:8b:65:ce:
d9:db:14:1f:0c:8e:03:a3:ac:95:e3:34:ad:85:23:7a:9b:db:
8c:5a:31:2b:78:bd:2f:8c:fc:80:c2:7c:e5:61:1e:9d:79:37:
79:16:21:8f:b8:5a:1d:3e:e2:7f:2e:4d:3a:1f:b8:50:f9:65:
cf:60:63:b5:64:f3:e6:e7:3f:11:c6:68:42:07:7a:e4:9a:44:
d9:10:14:83:42:a6:f4:17:58:39:42:90:1b:ba:34:a5:c5:ce:
95:2a:0e:a5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMGsF5ktmk0CvW14Q1pFa8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTA3MTI1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGVjMDJlY2U4YTE1NGEwNTcwZThiNjFkNzhmODI1MjhhZmIwZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ7W4j3RNJerwr38SOv4N3Te3KJI
p0Iyv5LH7q9s7vpwWwGayvKz8GVg/7CHRRVtBPHX2zbCsLw6gJ46Ht22IAks7fXG
8/UzdZQqdCYoeyh9+xH2rw/yUXPWp9ClJJAYh5RDMaCOUYjdIzYSJU4PsS+wPAeJ
OY4qfcL8aIwt3uk7iPpUT5paggjrVNkuqfazejfz9P61Idw8mlBpXWQl8/mXy06P
65n3q/5vpICnBiujpAcIUwiLn0zEzfnN8oMCmYT4kKyiFGnvU/9hiZIeFFO9/8ay
8T15KBzxQo1Xfe/ewlVgrVi4TXCVuvXhmLCMr9BjpGtc9EYdOzyzV4N4hQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHjsAuzooVSgVw6LYdePglKK+w2UMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZU93QzdPaWhWS0JYRG90aDE0LUNVb3I3RFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUphiAwQA
UpnNAwQAUpneAwQAUpnzAwQAWdUyAwQAbbD0AwQA1drqAwQA1druAwQA2ZFEMA0G
CSqGSIb3DQEBCwUAA4IBAQClqgwAjsmhN8Ik/L3LHcdjJ7AGuK+vQ6wppIceZEQ3
ZjCusnz42uY/PjG9WucbgZrz6V1huuaMtOe3YGI8T+DoifsfUJd3hjb5wE6+uiEv
qU5uqVDxqf6wBIGAmqBs4TNsOAMhnRM3baOkq+fl3Hr3g28gh8a35w/U4LGh0aXL
Gv/kc+n81hTng98wsBi6qI7hAeUmoPOi16TAVVVRCkiLZc7Z2xQfDI4Do6yV4zSt
hSN6m9uMWjEreL0vjPyAwnzlYR6deTd5FiGPuFodPuJ/Lk06H7hQ+WXPYGO1ZPPm
5z8RxmhCB3rkmkTZEBSDQqb0F1g5QpAbujSlxc6VKg6l
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:39 2025 by rpki-client