Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/k7mnUjq-MZHgD6iwZ5Je4rE1iik.roa
File: k7mnUjq-MZHgD6iwZ5Je4rE1iik.roa (raw, json)
Hash identifier: 3c7cZASMskGkBnnHQVTh7MZOmB0qS7yUW5uHvTN0DJY=
Subject key identifier: 93:B9:A7:52:3A:BE:31:91:E0:0F:A8:B0:67:92:5E:E2:B1:35:8A:29
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FE220BE64EC77E93E6FF6E0D4AB853D5D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/k7mnUjq-MZHgD6iwZ5Je4rE1iik.roa
Signing time: Tue 04 Jun 2024 07:22:27 +0000
ROA not before: Tue 04 Jun 2024 07:22:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 16:22:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:20:be:64:ec:77:e9:3e:6f:f6:e0:d4:ab:85:3d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 4 07:22:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93b9a7523abe3191e00fa8b067925ee2b1358a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:00:12:67:e8:1b:ef:6d:93:76:d2:dd:2c:b9:
9a:59:66:0e:f3:89:5d:a6:37:d2:a0:a9:13:93:e3:
f4:32:9c:c0:f5:bc:3b:4d:1b:e0:54:60:71:76:a6:
8e:6a:c1:12:cd:c0:d1:96:77:e0:6b:79:87:a7:5a:
07:7c:fa:b8:dd:ed:a2:70:58:ad:cf:2c:36:8d:cd:
50:ef:bd:bb:b6:16:7f:1c:cc:eb:cb:fe:01:fe:a3:
15:9e:9b:84:13:e7:4b:bb:a8:c6:73:93:8d:36:97:
71:18:a8:0a:3f:c3:37:b8:8c:97:94:84:d4:14:71:
42:7a:e1:ee:0d:ff:1f:8f:0c:46:91:8b:ae:e7:08:
fe:2d:b1:53:c2:5a:2f:1e:b2:7e:19:42:f5:7a:8a:
d0:12:61:ac:7d:48:a6:27:28:51:ad:77:d2:03:83:
49:9d:f9:46:04:40:5b:71:02:d8:46:61:98:84:33:
82:28:af:fb:63:53:12:76:22:9a:97:9d:b9:1c:ab:
0b:2d:3e:d9:cd:00:b7:6d:9b:65:71:78:98:0d:b3:
5b:99:f5:03:8d:f4:1a:ad:f3:9f:77:4a:43:16:b4:
17:b0:72:ca:ce:60:59:12:1d:b6:d3:ed:a4:a5:78:
f4:24:c2:bd:11:e1:1e:4a:0c:6c:20:51:f3:53:01:
46:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B9:A7:52:3A:BE:31:91:E0:0F:A8:B0:67:92:5E:E2:B1:35:8A:29
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/k7mnUjq-MZHgD6iwZ5Je4rE1iik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
213.218.238.0/23
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
10:b9:a3:2a:8c:db:59:31:48:87:08:ea:39:18:3b:81:eb:94:
30:9f:24:72:94:48:d1:19:7f:26:0a:24:be:5c:31:c9:9f:90:
c9:14:b4:5b:26:e0:af:79:81:74:62:94:9b:c3:fb:78:d5:69:
40:84:88:0b:09:07:43:db:03:dc:58:71:a9:a2:a6:81:52:ec:
9d:09:59:ab:10:43:8a:64:d7:af:23:b7:ba:19:56:fc:c4:bf:
98:4a:53:cb:10:50:23:92:bf:b0:db:01:96:6c:b1:e7:09:16:
7a:13:2b:ba:a0:05:20:d8:9c:3e:11:e0:84:ee:ae:19:a3:1c:
df:a5:ab:c2:15:2a:fd:73:ec:bf:ce:e5:15:e8:ac:40:8a:f0:
8a:20:f6:b8:82:54:c6:ef:fc:17:1a:a4:36:a0:6e:ac:e4:63:
b3:bc:5d:69:51:33:f1:89:d2:e9:f2:eb:ba:c6:cb:77:e3:40:
43:5a:37:f8:33:61:ee:6a:62:e3:2d:c5:f9:57:67:0f:1f:e8:
03:cc:a6:45:2a:c3:4a:c7:de:ac:07:fc:b9:07:09:c3:21:f7:
45:18:50:8c:f7:a4:13:48:ac:b6:c0:5f:b8:0e:bc:fe:64:ff:
6b:b4:f1:af:e4:e1:c2:76:3e:61:f6:52:a4:1d:e5:6c:fc:31:
67:fd:88:67
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY/iIL5k7HfpPm/24NSrhT1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjA0MDcyMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2I5YTc1MjNhYmUzMTkxZTAwZmE4YjA2NzkyNWVlMmIxMzU4YTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwASZ+gb722TdtLdLLmaWWYO84ld
pjfSoKkTk+P0MpzA9bw7TRvgVGBxdqaOasESzcDRlnfga3mHp1oHfPq43e2icFit
zyw2jc1Q7727thZ/HMzry/4B/qMVnpuEE+dLu6jGc5ONNpdxGKgKP8M3uIyXlITU
FHFCeuHuDf8fjwxGkYuu5wj+LbFTwlovHrJ+GUL1eorQEmGsfUimJyhRrXfSA4NJ
nflGBEBbcQLYRmGYhDOCKK/7Y1MSdiKal525HKsLLT7ZzQC3bZtlcXiYDbNbmfUD
jfQarfOfd0pDFrQXsHLKzmBZEh220+2kpXj0JMK9EeEeSgxsIFHzUwFGBwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFJO5p1I6vjGR4A+osGeSXuKxNYopMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvazdtblVqcS1NWkhnRDZpd1o1SmU0ckUxaWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQBUpiwAwQC
UpmIMAwDBAJZ1ZQDBAVZ1YADBAJZ1awwDAMEAlnVxAMEBFnVwAMEA1nV6AMEA22w
EAMEAm2wzAMEAbkxfgMEBMJpUAMEAdQmWAMEAdXa0gMEAdXa7gMEANmRRDANBgkq
hkiG9w0BAQsFAAOCAQEAELmjKozbWTFIhwjqORg7geuUMJ8kcpRI0Rl/Jgokvlwx
yZ+QyRS0Wybgr3mBdGKUm8P7eNVpQISICwkHQ9sD3FhxqaKmgVLsnQlZqxBDimTX
ryO3uhlW/MS/mEpTyxBQI5K/sNsBlmyx5wkWehMruqAFINicPhHghO6uGaMc36Wr
whUq/XPsv87lFeisQIrwiiD2uIJUxu/8FxqkNqBurORjs7xdaVEz8YnS6fLrusbL
d+NAQ1o3+DNh7mpi4y3F+VdnDx/oA8ymRSrDSsferAf8uQcJwyH3RRhQjPekE0is
tsBfuA68/mT/a7Txr+ThwnY+YfZSpB3lbPwxZ/2IZw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:58 2025 by rpki-client