Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/e_iv9HMS-C7697JuMEt8y_NhqfM.roa
File: e_iv9HMS-C7697JuMEt8y_NhqfM.roa (raw, json)
Hash identifier: nH8pwWWquFM7Bsbj3UnMj84AbvjK9qsVkLDYFU3KF9w=
Subject key identifier: 7B:F8:AF:F4:73:12:F8:2E:FA:F7:B2:6E:30:4B:7C:CB:F3:61:A9:F3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F724FD6AB2A3B9F65D6DD75266F8F60D2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/e_iv9HMS-C7697JuMEt8y_NhqfM.roa
Signing time: Mon 13 May 2024 14:16:25 +0000
ROA not before: Mon 13 May 2024 14:16:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 270158
IP address blocks: 82.152.133.0/24 maxlen: 24
82.152.138.0/24 maxlen: 24
82.152.139.0/24 maxlen: 24
82.153.2.0/24 maxlen: 24
82.153.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:4f:d6:ab:2a:3b:9f:65:d6:dd:75:26:6f:8f:60:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 13 14:16:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bf8aff47312f82efaf7b26e304b7ccbf361a9f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:29:e0:5b:03:68:4a:d1:87:df:a1:a3:c0:07:
41:51:e0:02:2c:b7:56:9f:2a:0d:98:8a:93:3b:6d:
be:64:bf:74:af:b6:86:0e:8c:93:f4:60:62:49:b8:
1c:47:69:37:c0:1e:60:f2:0f:16:63:a0:83:b3:4f:
11:4d:03:0f:74:e2:10:a3:9c:e0:3f:62:5f:26:d0:
4a:7f:88:c9:fb:53:5e:6b:5f:7d:4a:c9:85:a2:2a:
45:3b:f5:3d:ea:9c:3f:90:a6:3f:2b:17:08:48:ff:
01:77:dc:bb:dd:df:99:c5:5f:4f:02:2b:4f:4f:b4:
c1:f4:e7:8e:c0:a2:91:e3:7a:10:34:92:6f:ec:34:
f5:95:6d:9d:7c:d3:e6:1c:00:b3:a7:d3:9c:64:bd:
86:27:da:af:b6:aa:70:19:29:99:41:88:06:c8:65:
18:bc:71:91:52:bb:77:15:eb:3b:d9:6b:d9:84:87:
a8:0d:f5:1f:14:72:21:76:d9:ab:b0:b8:54:42:46:
8c:03:41:60:d1:22:0f:2d:55:5c:dd:92:c3:01:f5:
71:8b:0a:e9:c9:a0:cb:27:c8:27:7f:78:79:26:34:
35:de:57:2d:93:8d:14:aa:ca:60:ec:92:e4:cc:b3:
f9:59:fd:18:d0:55:e2:d4:ed:fa:b5:29:b9:65:6a:
58:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F8:AF:F4:73:12:F8:2E:FA:F7:B2:6E:30:4B:7C:CB:F3:61:A9:F3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/e_iv9HMS-C7697JuMEt8y_NhqfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.133.0/24
82.152.138.0/23
82.153.2.0/23
Signature Algorithm: sha256WithRSAEncryption
76:ba:39:80:97:a1:7e:aa:c0:8b:3b:78:bd:e7:e3:31:68:2d:
35:c9:4a:fd:45:d5:47:ad:65:4f:3c:79:81:96:a4:4d:18:96:
18:e4:f0:9f:52:eb:98:d7:07:28:88:f3:35:57:f8:85:1b:74:
8d:73:41:93:a7:a1:65:1e:1c:bf:16:4f:9d:73:64:32:32:98:
67:69:22:3b:6e:3e:3d:d0:3a:ca:22:c8:2f:c8:f7:77:1c:16:
e1:01:81:1c:a7:36:fe:7c:ea:21:1f:89:44:03:de:20:3e:a7:
17:ee:f8:d1:81:e6:7e:76:e8:3e:e2:33:65:e3:30:77:d2:51:
3a:86:6b:06:84:a9:0b:55:a0:81:49:97:9e:19:bf:39:98:1d:
da:02:84:c2:76:fb:78:e0:d2:5c:8c:fe:8c:5a:99:bf:c1:af:
1c:01:93:3a:13:82:6a:02:52:93:84:09:06:49:20:51:de:f8:
6e:39:1d:f3:ad:8f:90:5a:fb:18:0f:d5:c6:54:c6:ab:74:9c:
29:cd:ff:2a:51:34:36:d5:53:f6:28:9f:0d:8e:ba:8d:2b:ce:
76:44:60:fe:82:4d:b0:f2:2d:22:72:79:ed:08:e3:27:cd:9a:
35:e8:ba:4a:bb:86:e3:be:7d:19:9e:d2:69:c2:50:47:9c:cd:
44:f1:3f:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9yT9arKjufZdbddSZvj2DSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTEzMTQxNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmY4YWZmNDczMTJmODJlZmFmN2IyNmUzMDRiN2NjYmYzNjFhOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSngWwNoStGH36GjwAdBUeACLLdW
nyoNmIqTO22+ZL90r7aGDoyT9GBiSbgcR2k3wB5g8g8WY6CDs08RTQMPdOIQo5zg
P2JfJtBKf4jJ+1Nea199SsmFoipFO/U96pw/kKY/KxcISP8Bd9y73d+ZxV9PAitP
T7TB9OeOwKKR43oQNJJv7DT1lW2dfNPmHACzp9OcZL2GJ9qvtqpwGSmZQYgGyGUY
vHGRUrt3Fes72WvZhIeoDfUfFHIhdtmrsLhUQkaMA0Fg0SIPLVVc3ZLDAfVxiwrp
yaDLJ8gnf3h5JjQ13lctk40Uqspg7JLkzLP5Wf0Y0FXi1O36tSm5ZWpYsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHv4r/RzEvgu+veybjBLfMvzYanzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZV9pdjlITVMtQzc2OTdKdU1FdDh5X05ocWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpiFAwQB
UpiKAwQBUpkCMA0GCSqGSIb3DQEBCwUAA4IBAQB2ujmAl6F+qsCLO3i95+MxaC01
yUr9RdVHrWVPPHmBlqRNGJYY5PCfUuuY1wcoiPM1V/iFG3SNc0GTp6FlHhy/Fk+d
c2QyMphnaSI7bj490DrKIsgvyPd3HBbhAYEcpzb+fOohH4lEA94gPqcX7vjRgeZ+
dug+4jNl4zB30lE6hmsGhKkLVaCBSZeeGb85mB3aAoTCdvt44NJcjP6MWpm/wa8c
AZM6E4JqAlKThAkGSSBR3vhuOR3zrY+QWvsYD9XGVMardJwpzf8qUTQ21VP2KJ8N
jrqNK852RGD+gk2w8i0icnntCOMnzZo16LpKu4bjvn0ZntJpwlBHnM1E8T9n
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:25 2025 by rpki-client