Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fdXGDfZlvlecjJxGMmH1C0Vyjfo.roa
File: fdXGDfZlvlecjJxGMmH1C0Vyjfo.roa (raw, json)
Hash identifier: izNGR1WDIRgfuir04D2LIGYLKFYPHvbBVYf3jvOBBZE=
Subject key identifier: 7D:D5:C6:0D:F6:65:BE:57:9C:8C:9C:46:32:61:F5:0B:45:72:8D:FA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193643932699C8D67FB8531B35811313382
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fdXGDfZlvlecjJxGMmH1C0Vyjfo.roa
Signing time: Mon 25 Nov 2024 16:48:10 +0000
ROA not before: Mon 25 Nov 2024 16:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.120.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.226.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Nov 2024 17:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:64:39:32:69:9c:8d:67:fb:85:31:b3:58:11:31:33:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 25 16:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dd5c60df665be579c8c9c463261f50b45728dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6b:71:92:bb:ef:de:ef:2b:41:3c:9c:0c:9f:
9a:03:fb:3e:f2:24:ff:73:5d:23:d5:e5:f3:8e:34:
0a:ba:7a:59:25:85:32:a8:dc:8c:71:7e:e5:d7:62:
08:b4:bd:44:30:f1:2a:d1:32:8a:c2:71:6c:6c:aa:
71:7e:c5:b5:fa:83:db:59:40:64:34:28:ca:23:22:
7e:5a:a8:9c:58:9e:17:5c:c2:a6:55:21:2d:63:99:
b4:6a:af:86:24:cd:89:cc:4b:69:17:2a:90:aa:07:
b0:86:a9:b7:16:10:c6:3e:ae:f9:48:9e:48:71:5c:
44:9a:b9:73:52:0c:2f:b2:54:3f:6d:cb:c6:66:7c:
ba:3e:2a:b9:3c:e0:f0:f9:72:12:6f:d7:8f:1e:36:
31:24:07:e6:17:e1:78:1e:97:6e:4f:0c:d3:95:71:
e5:95:2a:2a:fb:c3:71:52:0f:a4:a5:29:9e:be:a7:
a0:b5:aa:8a:55:77:9e:22:21:ed:ba:02:85:85:a6:
d5:a4:77:7a:5d:9c:ed:3a:fc:1f:e4:62:e2:e7:a9:
21:e9:c9:6b:f7:5f:78:e6:31:5e:5e:62:d5:d5:c8:
23:8b:73:52:83:59:bf:27:2e:f8:e3:be:90:94:f1:
48:ff:85:f5:14:9a:42:98:29:27:04:6e:2a:99:33:
6b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D5:C6:0D:F6:65:BE:57:9C:8C:9C:46:32:61:F5:0B:45:72:8D:FA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fdXGDfZlvlecjJxGMmH1C0Vyjfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.120.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.226.0/24
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.27.0/24
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
52:19:55:7a:dd:8e:56:29:54:15:8d:73:c9:8c:72:24:5e:ba:
e2:d8:65:a3:0b:f4:e9:8e:1f:dd:22:e3:9c:54:1a:d6:a4:9d:
3d:36:bd:df:c8:f5:40:d8:e6:9f:37:3e:2b:68:95:95:8a:c4:
83:6a:17:56:f7:17:84:30:b5:58:69:64:59:16:df:63:de:f3:
a6:cb:79:84:58:f0:7c:30:8a:d9:f6:88:7b:d0:2e:e9:68:6c:
c5:c4:ae:02:19:27:9e:ec:5e:7d:40:c0:5f:32:93:aa:49:d8:
6a:71:57:41:dc:8b:1c:43:bf:96:8a:25:2f:bf:70:69:8c:09:
a0:79:89:63:17:c1:cd:da:a0:78:88:40:1c:a2:6f:b4:5b:b6:
90:22:02:e3:1a:14:50:5e:be:58:51:a4:13:c1:e4:52:5d:bc:
2f:2a:6c:fb:69:23:08:4e:8e:0c:67:99:e3:4e:dd:e7:22:4d:
c6:a3:99:ad:55:d3:29:56:86:e5:06:96:7e:a7:d9:95:b8:35:
f1:24:38:8f:f4:9d:4e:f9:c0:37:46:d0:6d:be:33:ed:d0:b0:
75:3e:86:04:60:68:c1:42:a2:90:17:eb:01:de:30:33:ad:91:
52:67:ff:f2:e9:73:f8:a7:19:2d:b3:cf:4f:f7:a2:a6:e0:b7:
0a:8f:05:17
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZNkOTJpnI1n+4Uxs1gRMTOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTI1MTY0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQ1YzYwZGY2NjViZTU3OWM4YzljNDYzMjYxZjUwYjQ1NzI4ZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWtxkrvv3u8rQTycDJ+aA/s+8iT/
c10j1eXzjjQKunpZJYUyqNyMcX7l12IItL1EMPEq0TKKwnFsbKpxfsW1+oPbWUBk
NCjKIyJ+WqicWJ4XXMKmVSEtY5m0aq+GJM2JzEtpFyqQqgewhqm3FhDGPq75SJ5I
cVxEmrlzUgwvslQ/bcvGZny6Piq5PODw+XISb9ePHjYxJAfmF+F4HpduTwzTlXHl
lSoq+8NxUg+kpSmevqegtaqKVXeeIiHtugKFhabVpHd6XZztOvwf5GLi56kh6clr
91945jFeXmLV1cgji3NSg1m/Jy74476QlPFI/4X1FJpCmCknBG4qmTNrHwIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFH3Vxg32Zb5XnIycRjJh9QtFco36MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZmRYR0RmWmx2bGVjakp4R01tSDFDMFZ5amZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBABS
mAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1XgDBABZ1YEDBABZ
1YQDBABZ1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWn
AwQCWdWsMAwDBAJZ1cQDBARZ1cADBABZ1eIwDAMEAlnV5AMEBFnV4AMEA22wEAME
AG2wGwMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEAdQmWAMEAtXSNAMEANXa0zAM
AwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQBSGVV63Y5WKVQV
jXPJjHIkXrri2GWjC/Tpjh/dIuOcVBrWpJ09Nr3fyPVA2OafNz4raJWVisSDahdW
9xeEMLVYaWRZFt9j3vOmy3mEWPB8MIrZ9oh70C7paGzFxK4CGSee7F59QMBfMpOq
SdhqcVdB3IscQ7+WiiUvv3BpjAmgeYljF8HN2qB4iEAcom+0W7aQIgLjGhRQXr5Y
UaQTweRSXbwvKmz7aSMITo4MZ5njTt3nIk3Go5mtVdMpVoblBpZ+p9mVuDXxJDiP
9J1O+cA3RtBtvjPt0LB1PoYEYGjBQqKQF+sB3jAzrZFSZ//y6XP4pxkts89P96Km
4LcKjwUX
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:52 2025 by rpki-client