Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gk4I7iMel91QToEyc0qDW6PyV2w.roa
File: gk4I7iMel91QToEyc0qDW6PyV2w.roa (raw, json)
Hash identifier: hZAqsMNp255LRGnEUPRzyi97nLG02kAYc72SfqC+ozU=
Subject key identifier: 82:4E:08:EE:23:1E:97:DD:50:4E:81:32:73:4A:83:5B:A3:F2:57:6C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191C3F78065167FBA0F0805167C60E2D254
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gk4I7iMel91QToEyc0qDW6PyV2w.roa
Signing time: Thu 05 Sep 2024 20:54:23 +0000
ROA not before: Thu 05 Sep 2024 20:54:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 81.168.96.0/24 maxlen: 24
82.153.51.0/24 maxlen: 24
82.153.148.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.107.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.113.0/24 maxlen: 24
89.213.116.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
213.130.153.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Oct 2024 18:05:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:f7:80:65:16:7f:ba:0f:08:05:16:7c:60:e2:d2:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 5 20:54:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=824e08ee231e97dd504e8132734a835ba3f2576c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5c:03:1f:ad:db:47:48:7b:48:da:12:82:0d:
6c:df:be:6f:47:9a:c3:a5:f0:72:a5:3b:67:2a:4b:
6a:45:e7:0c:05:97:be:1c:5b:07:a9:66:cd:2d:86:
e9:38:e8:f9:10:cd:43:2a:7a:f0:06:0b:31:67:7d:
aa:4a:10:b2:ae:5d:99:84:0d:07:1c:b0:15:99:9e:
67:0d:22:bc:48:2a:74:0e:0d:f7:0f:7d:fa:2a:09:
bb:75:c7:b6:c8:aa:83:d1:45:ed:18:aa:6c:fd:86:
eb:f9:50:3f:08:36:76:30:96:27:5f:e0:73:78:58:
72:23:50:21:d8:31:3f:2e:fe:55:f7:71:18:1c:62:
a8:6b:cb:14:55:0b:8d:4b:41:b3:6f:af:f8:a3:1e:
ff:21:94:2a:76:46:23:38:06:b0:9e:5e:7b:e1:e0:
60:78:44:f8:f2:84:e9:78:89:0e:69:ae:eb:83:59:
4e:db:be:26:40:98:7d:1e:14:ce:75:77:e2:0d:b9:
17:09:d9:60:06:51:86:a1:c4:b4:5f:51:e7:74:49:
f0:30:a1:90:86:9e:ef:b8:73:b4:0b:68:24:88:b4:
70:a4:5a:cd:af:f1:e0:07:04:55:41:cc:44:2e:ba:
bd:70:97:e7:f3:35:d0:08:f6:3e:55:1e:bb:f9:7d:
e2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:4E:08:EE:23:1E:97:DD:50:4E:81:32:73:4A:83:5B:A3:F2:57:6C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gk4I7iMel91QToEyc0qDW6PyV2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.96.0/24
82.153.51.0/24
82.153.148.0/24
82.163.15.0/24
89.213.6.0/24
89.213.107.0/24
89.213.112.0/23
89.213.116.0/24
89.213.121.0/24
89.213.157.0/24
89.213.227.0/24
109.176.242.0/24
213.130.137.0/24
213.130.152.0-213.130.154.255
Signature Algorithm: sha256WithRSAEncryption
70:99:04:d8:69:5f:d9:ee:35:93:58:da:92:02:cd:c4:a6:be:
c3:b8:46:43:82:90:ea:87:01:1f:94:08:34:74:d3:5f:54:fd:
ff:ce:c1:59:11:3c:64:d0:8c:b1:1d:e1:a3:21:1d:40:8f:3e:
e6:15:97:1e:17:90:da:e0:3e:38:b3:e1:c7:18:77:ac:5f:6a:
3c:ba:c2:53:7d:28:9d:f5:d3:03:d6:61:20:66:6f:9b:8c:b7:
22:f5:6e:f9:24:7f:c5:17:06:cc:b4:3d:94:12:6e:9d:b3:88:
80:23:34:95:97:c4:ae:e2:b6:99:a5:e3:00:8b:9e:e3:8b:05:
74:d2:f3:ed:72:54:49:99:23:af:9b:29:01:ad:66:9f:62:94:
f4:33:74:20:c3:98:8d:b8:f7:f5:1c:b9:90:c2:13:7c:20:51:
0b:7f:65:79:1d:98:98:5f:6c:c8:b5:c6:24:99:27:06:bc:92:
f6:03:3b:b9:65:52:64:1c:7a:96:78:6b:75:e6:83:1d:24:a6:
84:16:71:39:d0:dd:c1:bb:43:36:de:16:4e:0e:7f:65:5e:06:
dc:e3:eb:7d:52:95:d9:98:b3:b3:d6:61:0a:c9:27:74:e7:73:
f3:4c:25:a5:c1:9f:f0:55:8c:a5:1e:c9:5d:96:f5:ab:c7:61:
37:d4:1d:2d
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZHD94BlFn+6DwgFFnxg4tJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTA1MjA1NDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjRlMDhlZTIzMWU5N2RkNTA0ZTgxMzI3MzRhODM1YmEzZjI1NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlwDH63bR0h7SNoSgg1s375vR5rD
pfBypTtnKktqRecMBZe+HFsHqWbNLYbpOOj5EM1DKnrwBgsxZ32qShCyrl2ZhA0H
HLAVmZ5nDSK8SCp0Dg33D336Kgm7dce2yKqD0UXtGKps/Ybr+VA/CDZ2MJYnX+Bz
eFhyI1Ah2DE/Lv5V93EYHGKoa8sUVQuNS0Gzb6/4ox7/IZQqdkYjOAawnl574eBg
eET48oTpeIkOaa7rg1lO274mQJh9HhTOdXfiDbkXCdlgBlGGocS0X1HndEnwMKGQ
hp7vuHO0C2gkiLRwpFrNr/HgBwRVQcxELrq9cJfn8zXQCPY+VR67+X3iTQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFIJOCO4jHpfdUE6BMnNKg1uj8ldsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ2s0STdpTWVsOTFRVG9FeWMwcURXNlB5VjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAUahgAwQA
UpkzAwQAUpmUAwQAUqMPAwQAWdUGAwQAWdVrAwQBWdVwAwQAWdV0AwQAWdV5AwQA
WdWdAwQAWdXjAwQAbbDyAwQA1YKJMAwDBAPVgpgDBADVgpowDQYJKoZIhvcNAQEL
BQADggEBAHCZBNhpX9nuNZNY2pICzcSmvsO4RkOCkOqHAR+UCDR0019U/f/OwVkR
PGTQjLEd4aMhHUCPPuYVlx4XkNrgPjiz4ccYd6xfajy6wlN9KJ310wPWYSBmb5uM
tyL1bvkkf8UXBsy0PZQSbp2ziIAjNJWXxK7itpml4wCLnuOLBXTS8+1yVEmZI6+b
KQGtZp9ilPQzdCDDmI249/UcuZDCE3wgUQt/ZXkdmJhfbMi1xiSZJwa8kvYDO7ll
UmQcepZ4a3Xmgx0kpoQWcTnQ3cG7QzbeFk4Of2VeBtzj631SldmYs7PWYQrJJ3Tn
c/NMJaXBn/BVjKUeyV2W9avHYTfUHS0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:09:44 2025 by rpki-client