Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/js9cwxMuIrqFDcDOD1HL2Lfm4to.roa
File: js9cwxMuIrqFDcDOD1HL2Lfm4to.roa (raw, json)
Hash identifier: gfaGzqijGS37oohWA7/ACw/fe2qZCnRNGtkghk7NIhk=
Subject key identifier: 8E:CF:5C:C3:13:2E:22:BA:85:0D:C0:CE:0F:51:CB:D8:B7:E6:E2:DA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FB93B011E6D187EA7B75C6FCF253E8D4C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/js9cwxMuIrqFDcDOD1HL2Lfm4to.roa
Signing time: Mon 27 May 2024 08:46:42 +0000
ROA not before: Mon 27 May 2024 08:46:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 16:12:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:3b:01:1e:6d:18:7e:a7:b7:5c:6f:cf:25:3e:8d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 27 08:46:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ecf5cc3132e22ba850dc0ce0f51cbd8b7e6e2da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3f:77:3c:e9:41:63:1a:88:68:b9:73:7b:8f:
38:20:c6:1b:91:23:59:96:d4:00:23:b9:00:c2:83:
e3:92:d5:1b:58:c9:88:6f:7d:dd:29:08:ef:a3:9e:
20:89:1c:2f:c9:0c:36:fc:8f:12:68:62:37:28:fc:
93:a8:74:22:62:c1:01:b3:90:58:7e:ac:58:74:fc:
bc:36:54:e5:87:49:85:0c:3d:18:bb:81:04:75:8d:
dc:4c:40:87:38:78:cd:db:32:dc:01:03:e6:d3:96:
db:42:6d:8b:0b:1b:60:c7:b8:e0:22:4a:b6:14:0a:
f5:0c:c3:cd:2e:8e:66:d1:9f:c8:e2:b1:2a:77:5d:
cb:19:81:6c:7d:62:26:a7:d7:b1:37:95:1d:a7:06:
63:92:ae:dd:0d:09:3b:1f:f4:69:08:10:4d:5b:26:
d3:ca:96:d4:7c:c8:50:b4:1c:47:c1:48:0e:4f:17:
4e:ce:7f:b5:41:95:c5:54:66:5b:c1:ac:90:c1:e6:
b5:e5:2b:2c:7b:5c:08:a1:ac:ae:f5:1d:aa:23:8e:
26:a7:77:24:8f:12:5f:72:fc:9a:64:dc:fb:3d:c9:
bf:e1:a0:c8:81:5d:10:d7:f4:0e:b3:1f:c7:3c:9c:
35:18:48:5a:a2:ec:dc:99:86:a9:a1:ee:ef:9b:bd:
07:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CF:5C:C3:13:2E:22:BA:85:0D:C0:CE:0F:51:CB:D8:B7:E6:E2:DA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/js9cwxMuIrqFDcDOD1HL2Lfm4to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.225.0/24
82.153.239.0/24
89.213.43.0/24
89.213.98.0/24
89.213.145.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.32.0/19
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.218.214.0/24
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
91:4e:b8:4e:90:76:c3:88:73:51:7d:f8:90:d3:03:8b:90:fc:
3e:7a:42:fa:ea:53:45:c3:05:f4:df:c0:8d:1d:6a:93:3e:42:
eb:74:75:3f:dc:7c:db:11:7c:34:bd:40:72:c1:5f:47:03:b1:
ec:ee:d9:71:75:3a:56:7b:12:2d:08:9f:60:36:df:21:47:bc:
19:3b:49:33:20:2b:88:fe:3a:e9:a5:b1:58:24:6c:62:11:5b:
f3:9a:63:da:85:88:81:2a:47:27:31:80:7e:3a:af:f3:51:b3:
c9:6b:d5:97:a1:27:d4:a8:45:35:0a:01:5e:44:81:46:ff:d0:
8f:ec:54:20:b1:f8:0f:55:3f:d5:04:86:52:88:b0:93:77:47:
a8:75:18:4e:e0:20:16:7f:97:99:f7:29:c5:f3:26:72:de:6d:
71:8a:e3:e3:5a:e7:be:be:94:78:5f:75:02:70:b0:86:05:07:
c0:2f:b6:85:f9:14:95:62:6b:3b:e3:5b:f6:74:ce:48:07:89:
00:e1:2e:78:4c:ff:41:b5:13:da:3b:74:99:1a:ad:9a:4d:3a:
e2:78:3f:41:8d:71:41:34:cc:af:68:7b:34:a8:c2:ef:af:20:
d6:b9:e2:17:2d:b8:c2:03:4a:96:2a:f4:5c:70:ec:37:02:95:
94:e1:28:44
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAY+5OwEebRh+p7dcb88lPo1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI3MDg0NjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWNmNWNjMzEzMmUyMmJhODUwZGMwY2UwZjUxY2JkOGI3ZTZlMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT93POlBYxqIaLlze484IMYbkSNZ
ltQAI7kAwoPjktUbWMmIb33dKQjvo54giRwvyQw2/I8SaGI3KPyTqHQiYsEBs5BY
fqxYdPy8NlTlh0mFDD0Yu4EEdY3cTECHOHjN2zLcAQPm05bbQm2LCxtgx7jgIkq2
FAr1DMPNLo5m0Z/I4rEqd13LGYFsfWImp9exN5UdpwZjkq7dDQk7H/RpCBBNWybT
ypbUfMhQtBxHwUgOTxdOzn+1QZXFVGZbwayQwea15Ssse1wIoayu9R2qI44mp3ck
jxJfcvyaZNz7Pcm/4aDIgV0Q1/QOsx/HPJw1GEhaouzcmYapoe7vm70HJwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFI7PXMMTLiK6hQ3Azg9Ry9i35uLaMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvanM5Y3d4TXVJcnFGRGNET0QxSEwyTGZtNHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdAwDAME
AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS
mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0wDAME
AFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZ4QMEAFKZ7wMEAFnVKwMEAFnVYgME
AFnVkQMEAFnVoTAMAwQDWdXoAwQBWdXsAwQFbbAgAwQAbbDrAwQA1YKCAwQA1YKV
AwQA1drWAwQA1drnMA0GCSqGSIb3DQEBCwUAA4IBAQCRTrhOkHbDiHNRffiQ0wOL
kPw+ekL66lNFwwX038CNHWqTPkLrdHU/3HzbEXw0vUBywV9HA7Hs7tlxdTpWexIt
CJ9gNt8hR7wZO0kzICuI/jrppbFYJGxiEVvzmmPahYiBKkcnMYB+Oq/zUbPJa9WX
oSfUqEU1CgFeRIFG/9CP7FQgsfgPVT/VBIZSiLCTd0eodRhO4CAWf5eZ9ynF8yZy
3m1xiuPjWue+vpR4X3UCcLCGBQfAL7aF+RSVYms741v2dM5IB4kA4S54TP9BtRPa
O3SZGq2aTTrieD9BjXFBNMyvaHs0qMLvryDWueIXLbjCA0qWKvRccOw3ApWU4ShE
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:11:25 2025 by rpki-client