Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hq1CDueU4_PK2EKQYu8omWTjRLk.roa
File: hq1CDueU4_PK2EKQYu8omWTjRLk.roa (raw, json)
Hash identifier: ppbHmneROLahhX5mZSaZzTnXFAkz35Szj3e3LFZOcuo=
Subject key identifier: 86:AD:42:0E:E7:94:E3:F3:CA:D8:42:90:62:EF:28:99:64:E3:44:B9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019275742DEEAEDB25492733547ED39AFDF8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hq1CDueU4_PK2EKQYu8omWTjRLk.roa
Signing time: Thu 10 Oct 2024 08:03:20 +0000
ROA not before: Thu 10 Oct 2024 08:03:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.23.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
217.145.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 17:27:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:75:74:2d:ee:ae:db:25:49:27:33:54:7e:d3:9a:fd:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 10 08:03:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86ad420ee794e3f3cad8429062ef289964e344b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e4:ee:af:fd:d1:1a:5a:91:50:39:12:88:d7:
3b:fa:10:0e:bd:ec:b4:61:b3:81:39:03:c7:28:a0:
05:70:10:67:36:6f:ba:8b:69:7c:b5:63:a6:31:70:
a1:e3:76:46:91:30:90:0c:c5:75:e2:9a:ab:72:29:
3b:6b:ea:e8:ce:dc:a9:15:f5:f4:d2:65:45:76:94:
64:5f:dc:24:7f:2f:24:59:00:12:59:01:90:99:dc:
76:66:3e:b0:e0:fc:b9:2e:a7:a7:54:a2:31:f9:be:
60:30:ed:ab:cd:45:91:c4:30:50:f5:e9:36:6f:b8:
8a:65:5a:fb:9f:e1:39:1b:19:aa:02:ad:54:56:ea:
86:1c:ad:14:d0:8a:65:66:f5:68:6e:b9:04:54:42:
1b:1e:3c:4a:7b:05:14:4d:7c:34:b5:6c:8f:2e:cd:
e9:73:9d:d1:8b:44:21:23:8b:47:03:0c:59:d7:96:
d6:06:e7:c4:2a:74:f3:54:8d:cf:bf:79:2a:84:b3:
24:b3:a8:c9:9d:91:07:de:14:e1:f3:7d:6c:6d:9d:
c5:cc:76:8c:03:e1:d0:50:23:9c:52:f0:43:33:d7:
83:00:cb:51:2c:a3:a4:6d:81:3a:4f:13:81:70:63:
57:8b:56:64:cf:53:36:c9:ab:e0:0f:54:fe:aa:e9:
4a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AD:42:0E:E7:94:E3:F3:CA:D8:42:90:62:EF:28:99:64:E3:44:B9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hq1CDueU4_PK2EKQYu8omWTjRLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
213.218.238.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
7f:e1:29:68:1c:0f:73:98:07:de:25:70:d1:80:78:36:a0:dd:
c5:a2:66:f3:93:a1:58:25:6d:ea:a6:6c:d1:c8:70:40:f9:e7:
3c:35:28:ee:38:b7:44:b4:dc:cb:d5:de:91:6f:eb:4e:bc:f8:
db:ef:df:4d:b3:f9:d8:e8:03:19:da:81:32:a8:1f:d9:94:f4:
fe:47:17:8c:7d:d0:1b:81:8f:f7:71:54:8a:ee:1c:16:20:23:
9c:d6:3b:6c:b2:a1:79:05:39:86:76:7d:18:e1:78:20:a6:de:
d4:69:68:21:99:71:8a:28:9b:30:fe:8f:fa:43:1f:7f:43:3c:
80:86:47:47:b9:ac:e0:be:4f:f3:7b:f7:93:e4:84:0f:39:c0:
c5:58:c6:58:77:7b:3d:03:ff:2e:62:fc:97:1d:a8:b7:3b:9d:
ad:7d:c1:3b:ac:6f:66:af:0b:48:28:6b:04:53:82:18:d6:5a:
82:d0:e5:82:99:c5:a4:b1:d2:fa:3e:f1:d0:aa:95:3a:a4:51:
49:d4:0a:28:65:93:80:64:bc:6b:11:fc:b6:86:48:36:43:9a:
7b:2b:37:89:30:25:b4:f2:83:5e:3e:79:f2:f8:0c:9e:0b:b6:
1e:20:96:e2:74:d1:f8:f2:a7:1a:9d:e6:7a:b2:84:e6:32:9a:
d7:d5:fe:a0
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZJ1dC3urtslSSczVH7Tmv34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDEwMDgwMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmFkNDIwZWU3OTRlM2YzY2FkODQyOTA2MmVmMjg5OTY0ZTM0NGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeTur/3RGlqRUDkSiNc7+hAOvey0
YbOBOQPHKKAFcBBnNm+6i2l8tWOmMXCh43ZGkTCQDMV14pqrcik7a+roztypFfX0
0mVFdpRkX9wkfy8kWQASWQGQmdx2Zj6w4Py5LqenVKIx+b5gMO2rzUWRxDBQ9ek2
b7iKZVr7n+E5GxmqAq1UVuqGHK0U0IplZvVobrkEVEIbHjxKewUUTXw0tWyPLs3p
c53Ri0QhI4tHAwxZ15bWBufEKnTzVI3Pv3kqhLMks6jJnZEH3hTh831sbZ3FzHaM
A+HQUCOcUvBDM9eDAMtRLKOkbYE6TxOBcGNXi1Zkz1M2yavgD1T+qulKkQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFIatQg7nlOPzythCkGLvKJlk40S5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaHExQ0R1ZVU0X1BLMkVLUVl1OG9tV1RqUkxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAFS
mLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YswDAMEAFnVkQME
AFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ1cQDBARZ1cAwDAME
AlnV5AMEBFnV4AMEA22wEAMEAG2wwQMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAME
AdQmWAMEANXa0wMEANXa7jAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEB
CwUAA4IBAQB/4SloHA9zmAfeJXDRgHg2oN3Fombzk6FYJW3qpmzRyHBA+ec8NSju
OLdEtNzL1d6Rb+tOvPjb799Ns/nY6AMZ2oEyqB/ZlPT+RxeMfdAbgY/3cVSK7hwW
ICOc1jtssqF5BTmGdn0Y4Xggpt7UaWghmXGKKJsw/o/6Qx9/QzyAhkdHuazgvk/z
e/eT5IQPOcDFWMZYd3s9A/8uYvyXHai3O52tfcE7rG9mrwtIKGsEU4IY1lqC0OWC
mcWksdL6PvHQqpU6pFFJ1AooZZOAZLxrEfy2hkg2Q5p7KzeJMCW08oNePnny+Aye
C7YeIJbidNH48qcaneZ6soTmMprX1f6g
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:29:27 2025 by rpki-client