Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/j9nPPhAeb3XMLixxGwA-iKchUS4.roa
File: j9nPPhAeb3XMLixxGwA-iKchUS4.roa (raw, json)
Hash identifier: WP/3bLIhu/dkQNV4hQ29nl7sbHFILazZGk/zZWVfev4=
Subject key identifier: 8F:D9:CF:3E:10:1E:6F:75:CC:2E:2C:71:1B:00:3E:88:A7:21:51:2E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F5C4B69C0330CA6BAA536E735419DE4F2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/j9nPPhAeb3XMLixxGwA-iKchUS4.roa
Signing time: Thu 09 May 2024 07:39:57 +0000
ROA not before: Thu 09 May 2024 07:39:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 37.252.27.0/24 maxlen: 24
79.99.76.0/24 maxlen: 24
81.168.50.0/24 maxlen: 24
81.168.67.0/24 maxlen: 24
82.152.12.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.105.0/24 maxlen: 24
82.152.140.0/24 maxlen: 24
82.152.142.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.35.0/24 maxlen: 24
82.153.135.0/24 maxlen: 24
82.153.159.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.202.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
82.153.226.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.202.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.84.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
213.210.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 07:57:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:4b:69:c0:33:0c:a6:ba:a5:36:e7:35:41:9d:e4:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 9 07:39:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fd9cf3e101e6f75cc2e2c711b003e88a721512e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:df:fd:c1:16:49:e1:5c:ac:91:2c:27:b8:51:
44:77:91:0e:6e:4d:96:52:2d:78:c0:83:5e:96:00:
b8:9c:3a:4a:b3:f7:20:f8:7b:b6:04:1b:5a:6e:80:
59:8e:45:eb:24:f8:88:78:f7:c5:23:65:91:d0:a6:
3e:3f:0d:20:eb:e2:61:2a:32:7c:75:db:d0:e4:50:
9f:a7:aa:fa:d2:80:44:a9:36:6f:66:01:a8:d9:b1:
a4:f3:9e:49:b9:db:18:c2:23:71:07:e0:14:7b:3f:
4a:7d:2f:56:7e:bd:69:20:b6:ae:c6:97:12:ab:3b:
85:1e:3f:c9:70:67:dd:be:b9:22:b7:f5:4e:cf:9b:
0b:37:06:3b:68:4b:e8:2f:ad:c6:a7:db:6b:24:db:
91:d8:57:a8:0c:d0:b6:54:1f:d8:d6:d9:37:9b:8d:
21:b1:70:5b:22:4c:0d:51:c7:9a:76:dc:57:ae:2d:
6a:0c:8a:35:01:cf:ca:f6:44:14:51:a6:f1:8c:a7:
0a:e9:92:07:c5:e0:b6:90:5e:0a:c0:2b:74:2f:d6:
33:73:fd:34:f0:8c:64:b5:d9:96:b9:40:79:d1:71:
20:a5:df:e2:25:02:a7:74:10:e4:23:55:de:aa:2e:
ee:33:a5:9b:54:b5:d8:ef:67:9d:ea:a2:38:7e:6b:
7c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D9:CF:3E:10:1E:6F:75:CC:2E:2C:71:1B:00:3E:88:A7:21:51:2E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/j9nPPhAeb3XMLixxGwA-iKchUS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.27.0/24
79.99.76.0/24
81.168.50.0/24
81.168.67.0/24
82.152.12.0/24
82.152.98.0/24
82.152.105.0/24
82.152.140.0/24
82.152.142.0/24
82.153.34.0/23
82.153.135.0/24
82.153.159.0/24
82.153.201.0-82.153.202.255
82.153.205.0/24
82.153.207.0/24
82.153.226.0/24
82.163.0.0/24
82.163.15.0/24
109.176.193.0/24
109.176.202.0/24
109.176.244.0/24
212.38.79.0/24
212.38.84.0/24
213.130.150.0/23
213.210.58.0/24
Signature Algorithm: sha256WithRSAEncryption
68:9a:6e:00:14:0c:9b:de:51:99:e4:1c:79:5d:77:fd:fe:53:
5f:d6:c0:47:73:99:9d:86:b3:ea:d0:d6:a3:88:fe:53:6c:d8:
8c:94:00:a1:bc:b3:27:8b:60:49:9a:1a:e4:8a:74:b7:01:00:
2d:30:96:2a:f2:33:9d:4c:ef:a1:e2:54:d6:e0:0f:73:47:52:
c1:67:bb:6a:94:da:a3:8a:bb:45:e9:72:0b:13:ce:e5:47:91:
14:50:59:71:a2:05:2f:6d:d9:47:c0:3f:05:96:a5:de:67:b4:
3f:60:ca:52:3d:e5:eb:58:38:c2:b6:3f:94:55:bf:e9:4a:bb:
ef:53:a1:b8:9e:7a:3b:19:c1:24:31:09:61:86:9c:77:b9:3c:
ed:f7:81:eb:8d:06:af:b4:ee:ad:17:68:98:7a:21:b4:17:a3:
45:f7:91:4f:77:49:6f:1c:d4:c1:8c:d0:51:02:94:ea:eb:68:
ef:ef:2b:67:7f:10:ee:20:36:48:6b:01:c7:ae:27:b2:83:6f:
9b:92:23:fa:7e:56:79:15:b8:c6:19:4a:e3:7f:3f:63:9d:3a:
f2:ba:3f:6b:76:e0:4b:8d:cb:14:fd:b5:88:05:f7:9a:83:fb:
0d:ab:c8:35:fb:8d:51:38:8a:25:90:fc:f7:5e:c7:89:e0:9d:
9d:4b:8c:ca
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY9cS2nAMwymuqU25zVBneTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA5MDczOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQ5Y2YzZTEwMWU2Zjc1Y2MyZTJjNzExYjAwM2U4OGE3MjE1MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN/9wRZJ4VyskSwnuFFEd5EObk2W
Ui14wINelgC4nDpKs/cg+Hu2BBtaboBZjkXrJPiIePfFI2WR0KY+Pw0g6+JhKjJ8
ddvQ5FCfp6r60oBEqTZvZgGo2bGk855JudsYwiNxB+AUez9KfS9Wfr1pILauxpcS
qzuFHj/JcGfdvrkit/VOz5sLNwY7aEvoL63Gp9trJNuR2FeoDNC2VB/Y1tk3m40h
sXBbIkwNUceadtxXri1qDIo1Ac/K9kQUUabxjKcK6ZIHxeC2kF4KwCt0L9Yzc/00
8IxktdmWuUB50XEgpd/iJQKndBDkI1Xeqi7uM6WbVLXY72ed6qI4fmt8twIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFI/Zzz4QHm91zC4scRsAPoinIVEuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvajluUFBoQWViM1hNTGl4eEd3QS1pS2NoVVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAl
/BsDBABPY0wDBABRqDIDBABRqEMDBABSmAwDBABSmGIDBABSmGkDBABSmIwDBABS
mI4DBAFSmSIDBABSmYcDBABSmZ8wDAMEAFKZyQMEAFKZygMEAFKZzQMEAFKZzwME
AFKZ4gMEAFKjAAMEAFKjDwMEAG2wwQMEAG2wygMEAG2w9AMEANQmTwMEANQmVAME
AdWClgMEANXSOjANBgkqhkiG9w0BAQsFAAOCAQEAaJpuABQMm95RmeQceV13/f5T
X9bAR3OZnYaz6tDWo4j+U2zYjJQAobyzJ4tgSZoa5Ip0twEALTCWKvIznUzvoeJU
1uAPc0dSwWe7apTao4q7RelyCxPO5UeRFFBZcaIFL23ZR8A/BZal3me0P2DKUj3l
61g4wrY/lFW/6Uq771OhuJ56OxnBJDEJYYacd7k87feB640Gr7TurRdomHohtBej
RfeRT3dJbxzUwYzQUQKU6uto7+8rZ38Q7iA2SGsBx64nsoNvm5Ij+n5WeRW4xhlK
438/Y5068ro/a3bgS43LFP21iAX3moP7DavINfuNUTiKJZD8917HieCdnUuMyg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:44 2025 by rpki-client