Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gx9ZWT8ZjLyq4LOMzsR8is7IsGY.roa
File: gx9ZWT8ZjLyq4LOMzsR8is7IsGY.roa (raw, json)
Hash identifier: gpyGmtu+fgZADfFaVslBa1zulksO6e+9FRwxXO5xJxY=
Subject key identifier: 83:1F:59:59:3F:19:8C:BC:AA:E0:B3:8C:CE:C4:7C:8A:CE:C8:B0:66
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019164D93853460B00821F3AC8E534C93347
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gx9ZWT8ZjLyq4LOMzsR8is7IsGY.roa
Signing time: Sun 18 Aug 2024 09:37:22 +0000
ROA not before: Sun 18 Aug 2024 09:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.12.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.225.0/24 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.203.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 14:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:64:d9:38:53:46:0b:00:82:1f:3a:c8:e5:34:c9:33:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 18 09:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=831f59593f198cbcaae0b38ccec47c8acec8b066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:21:43:3b:82:46:2a:41:37:36:4b:f8:ea:b2:
fb:f8:6b:5e:c7:de:d0:f2:85:e8:47:40:07:48:37:
7f:bd:45:52:3a:4b:39:7b:56:64:ef:13:e2:ee:e6:
d0:fc:1f:a1:6e:e0:e3:37:40:ea:2e:2c:ec:24:a5:
5d:df:5d:c2:34:5c:07:77:b9:8d:5f:81:7d:25:f3:
c8:23:89:81:8e:8b:d6:f6:24:f6:9b:bf:ac:11:4a:
58:1a:8f:ce:f9:d6:73:db:d8:3d:01:81:27:3c:44:
00:73:14:f7:6c:e7:04:eb:7d:59:0b:bd:df:10:f6:
7d:1f:7f:30:5f:73:ed:92:69:86:bc:3c:91:01:78:
59:18:42:7d:b1:84:c8:c5:0e:c1:7b:82:0a:2d:d8:
b3:bb:ad:1f:41:3d:98:41:67:c6:f1:55:83:be:34:
f4:62:86:93:54:df:9d:a9:ce:2b:2c:86:36:f9:e7:
21:8c:91:9e:7e:98:4b:e1:9c:ab:5d:38:47:e5:c6:
af:b6:a4:91:33:c2:65:ea:3b:92:4f:a9:31:90:60:
71:6a:20:85:4f:4c:97:e9:2a:a6:6a:f0:31:24:72:
8d:30:fe:ad:73:b4:ba:76:02:d3:99:5b:19:07:54:
fa:9a:d4:1e:a2:14:21:be:a2:81:eb:97:8b:c2:e4:
3c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1F:59:59:3F:19:8C:BC:AA:E0:B3:8C:CE:C4:7C:8A:CE:C8:B0:66
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gx9ZWT8ZjLyq4LOMzsR8is7IsGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.12.0/24
82.152.176.0/23
82.153.136.0/22
82.153.225.0/24
89.213.50.0/23
89.213.56.0/22
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.203.0-109.176.207.255
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
52:30:8f:3e:9f:30:8a:d9:e5:81:a7:cb:57:4c:50:48:f0:f1:
00:50:0c:c6:cf:38:a8:d7:cd:2d:12:d9:fc:e8:3a:7a:75:1d:
65:a3:4c:ff:fe:b2:53:c2:8f:1f:9d:12:8a:ca:5b:4c:df:17:
83:bf:1a:03:f7:c3:63:1c:55:bb:72:93:20:60:55:2f:e0:46:
ee:55:76:70:b7:ef:b5:1d:54:8a:bf:b7:cb:8e:62:e3:21:cc:
d3:58:cf:8f:fa:1c:5d:43:63:81:d5:e8:25:37:50:0d:cc:68:
14:f2:c3:cb:2e:18:78:8e:60:8a:af:20:a6:56:95:f0:f6:4a:
56:55:a7:0e:7b:e5:b7:3b:86:e6:77:81:d5:0a:d7:c5:40:53:
16:8f:df:ed:ff:ca:76:db:5c:05:33:fe:33:48:d0:0d:20:2d:
b5:3b:b7:ce:ba:32:2d:e4:c4:8f:d0:f2:05:a5:a5:66:c0:33:
fc:5a:1f:a6:e5:43:f5:b5:51:07:67:39:8f:9a:3c:e6:ce:31:
36:72:11:48:b8:7b:58:94:d1:0b:01:4a:75:02:cd:54:15:4a:
ec:19:2e:42:6c:1e:2c:ab:67:bd:92:af:ad:b6:4d:31:75:4c:
fc:8b:3a:b8:0a:62:5b:02:5a:c9:a0:cb:88:20:62:02:61:e1:
73:7a:24:8c
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZFk2ThTRgsAgh86yOU0yTNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODE4MDkzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFmNTk1OTNmMTk4Y2JjYWFlMGIzOGNjZWM0N2M4YWNlYzhiMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriFDO4JGKkE3Nkv46rL7+Gtex97Q
8oXoR0AHSDd/vUVSOks5e1Zk7xPi7ubQ/B+hbuDjN0DqLizsJKVd313CNFwHd7mN
X4F9JfPII4mBjovW9iT2m7+sEUpYGo/O+dZz29g9AYEnPEQAcxT3bOcE631ZC73f
EPZ9H38wX3PtkmmGvDyRAXhZGEJ9sYTIxQ7Be4IKLdizu60fQT2YQWfG8VWDvjT0
YoaTVN+dqc4rLIY2+echjJGefphL4ZyrXThH5cavtqSRM8Jl6juST6kxkGBxaiCF
T0yX6SqmavAxJHKNMP6tc7S6dgLTmVsZB1T6mtQeohQhvqKB65eLwuQ8cwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFIMfWVk/GYy8quCzjM7EfIrOyLBmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ3g5WldUOFpqTHlxNExPTXpzUjhpczdJc0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBABS
mAwDBAFSmLADBAJSmYgDBABSmeEDBAFZ1TIDBAJZ1TgDBABZ1ZEwDAMEAlnVlAME
BVnVgAMEAFnVpwMEAlnVrDAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANt
sBAwDAMEAG2wywMEBG2wwAMEAbkxfgMEBMJpUAMEAdQmWAMEANXa0wMEANmRQgME
A9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAUjCPPp8witnlgafLV0xQSPDxAFAMxs84
qNfNLRLZ/Og6enUdZaNM//6yU8KPH50SispbTN8Xg78aA/fDYxxVu3KTIGBVL+BG
7lV2cLfvtR1Uir+3y45i4yHM01jPj/ocXUNjgdXoJTdQDcxoFPLDyy4YeI5giq8g
plaV8PZKVlWnDnvltzuG5neB1QrXxUBTFo/f7f/KdttcBTP+M0jQDSAttTu3zroy
LeTEj9DyBaWlZsAz/FofpuVD9bVRB2c5j5o85s4xNnIRSLh7WJTRCwFKdQLNVBVK
7BkuQmweLKtnvZKvrbZNMXVM/Is6uApiWwJayaDLiCBiAmHhc3okjA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:23 2025 by rpki-client