Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/f6fTMYKYiNLMzX0L67lBnM3GoYQ.roa
File: f6fTMYKYiNLMzX0L67lBnM3GoYQ.roa (raw, json)
Hash identifier: qUmwHMi9w+DFutbSGTp9RhMDY0lhipzy+r62BqKp4F0=
Subject key identifier: 7F:A7:D3:31:82:98:88:D2:CC:CD:7D:0B:EB:B9:41:9C:CD:C6:A1:84
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192331F673907075226A4483723891E6390
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/f6fTMYKYiNLMzX0L67lBnM3GoYQ.roa
Signing time: Fri 27 Sep 2024 10:55:48 +0000
ROA not before: Fri 27 Sep 2024 10:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.152.176.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.222.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Sep 2024 13:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:33:1f:67:39:07:07:52:26:a4:48:37:23:89:1e:63:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 27 10:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fa7d331829888d2cccd7d0bebb9419ccdc6a184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f5:17:6c:8f:52:2b:32:7e:df:d1:8d:7b:bf:
cf:48:7b:d6:78:7b:bc:c9:ff:2e:21:41:cd:a0:c1:
31:39:11:41:95:ce:73:33:de:b3:58:5a:db:70:57:
c9:8f:10:99:65:21:d7:b9:e3:ff:b2:a6:a8:29:43:
70:f3:9f:ac:36:ec:e4:e5:f6:46:75:f8:66:ef:5b:
95:a4:e2:d5:36:ca:65:3d:6b:5a:52:45:a4:76:dd:
68:7e:9f:6f:a3:9d:bc:6b:00:7a:0f:57:f3:3a:f1:
52:65:f0:23:b7:1f:86:50:08:a4:d1:e9:83:15:c1:
86:0e:93:95:50:5f:b1:ee:98:b6:c9:e2:c2:83:a0:
2a:e8:00:98:0e:ad:e9:da:6b:75:e9:d2:23:16:6a:
a8:c7:c7:44:0e:50:95:ce:d4:bb:93:be:06:ab:c3:
97:3c:c8:d9:fd:a6:ac:4a:42:0e:d9:71:cd:9d:56:
cf:9f:ca:3d:71:69:6f:02:c0:ca:d6:9b:d3:ec:cc:
1e:7a:fd:1f:c1:26:65:2c:ad:fb:a1:3e:89:82:bc:
c5:13:45:87:97:1e:cf:8b:2c:f5:e5:6a:4a:e6:30:
b2:be:f5:23:10:fe:fa:10:bb:b7:38:13:4a:64:e6:
ca:07:f8:2d:f7:75:ad:91:97:04:1e:df:64:2e:e0:
20:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A7:D3:31:82:98:88:D2:CC:CD:7D:0B:EB:B9:41:9C:CD:C6:A1:84
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/f6fTMYKYiNLMzX0L67lBnM3GoYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.153.222.0/24
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.139.0/24
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
70:d5:7c:3c:ed:65:f6:be:7a:80:48:49:60:f3:bf:4f:bc:df:
f1:38:89:48:03:37:56:28:6e:c4:bc:ae:85:36:37:42:e9:69:
27:33:31:14:ce:8b:d2:35:ba:8a:08:3f:26:6f:9f:4e:08:1f:
30:65:61:97:ee:3d:d8:05:f7:be:67:55:4c:59:3b:96:8a:b9:
05:61:1c:bd:ce:68:10:4a:55:b5:c8:14:51:b2:cb:5d:f7:4f:
65:79:7f:fc:f0:ea:4c:8b:bb:bc:d3:80:94:85:65:a9:11:b4:
8b:4c:da:36:05:2f:3e:89:bd:d6:3b:35:82:7a:0f:ec:7e:64:
0a:ff:66:ef:55:74:93:ec:fe:cc:3b:b3:a3:53:a4:41:59:48:
e2:87:3a:75:b4:58:6b:ef:8c:72:5b:52:20:6a:53:1f:72:6b:
32:f1:74:9f:3c:db:50:9c:89:81:9c:34:ad:bb:94:be:bc:0a:
ac:9c:55:c9:69:13:7f:32:f0:a0:f3:df:28:44:68:da:e7:7a:
44:a6:aa:29:3f:29:68:fd:aa:b5:75:9d:15:a3:86:c6:ee:7c:
e9:fa:13:18:d5:a4:86:32:32:a5:c2:8b:db:7a:98:1a:6a:24:
10:28:8b:b7:9d:91:7c:51:b5:6f:07:42:e0:5a:e9:23:a4:08:
a2:bf:0c:2c
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZIzH2c5BwdSJqRINyOJHmOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTI3MTA1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmE3ZDMzMTgyOTg4OGQyY2NjZDdkMGJlYmI5NDE5Y2NkYzZhMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifUXbI9SKzJ+39GNe7/PSHvWeHu8
yf8uIUHNoMExORFBlc5zM96zWFrbcFfJjxCZZSHXueP/sqaoKUNw85+sNuzk5fZG
dfhm71uVpOLVNsplPWtaUkWkdt1ofp9vo528awB6D1fzOvFSZfAjtx+GUAik0emD
FcGGDpOVUF+x7pi2yeLCg6Aq6ACYDq3p2mt16dIjFmqox8dEDlCVztS7k74Gq8OX
PMjZ/aasSkIO2XHNnVbPn8o9cWlvAsDK1pvT7Mweev0fwSZlLK37oT6JgrzFE0WH
lx7Piyz15WpK5jCyvvUjEP76ELu3OBNKZObKB/gt93WtkZcEHt9kLuAgSwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFH+n0zGCmIjSzM19C+u5QZzNxqGEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZjZmVE1ZS1lpTkxNelgwTDY3bEJuTTNHb1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAFS
mLADBAJSmYgDBABSmd4DBABSmfMDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ
1YsDBABZ1ZEwDAMEAlnVlAMEBVnVgAMEAFnVpwMEAlnVrDAMAwQCWdXEAwQEWdXA
MAwDBAJZ1eQDBARZ1eADBANtsBADBAJtsMwDBAFtsPIDBAG5MX4DBATCaVADBAHU
JlgDBADV2tMwDAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEA
cNV8PO1l9r56gEhJYPO/T7zf8TiJSAM3VihuxLyuhTY3QulpJzMxFM6L0jW6igg/
Jm+fTggfMGVhl+492AX3vmdVTFk7loq5BWEcvc5oEEpVtcgUUbLLXfdPZXl//PDq
TIu7vNOAlIVlqRG0i0zaNgUvPom91js1gnoP7H5kCv9m71V0k+z+zDuzo1OkQVlI
4oc6dbRYa++McltSIGpTH3JrMvF0nzzbUJyJgZw0rbuUvrwKrJxVyWkTfzLwoPPf
KERo2ud6RKaqKT8paP2qtXWdFaOGxu586foTGNWkhjIypcKL23qYGmokECiLt52R
fFG1bwdC4FrpI6QIor8MLA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:31:56 2025 by rpki-client