Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lGsasF9v7toqdFyjit4wHhDyG4Y.roa
File: lGsasF9v7toqdFyjit4wHhDyG4Y.roa (raw, json)
Hash identifier: OxY6bSkZmyGV2dkK8ZKpm/VwAR6TAM4bTlbzCQxQfZ8=
Subject key identifier: 94:6B:1A:B0:5F:6F:EE:DA:2A:74:5C:A3:8A:DE:30:1E:10:F2:1B:86
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FF25241475C8CC5DF04846A49D42E1F94
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lGsasF9v7toqdFyjit4wHhDyG4Y.roa
Signing time: Fri 07 Jun 2024 10:50:27 +0000
ROA not before: Fri 07 Jun 2024 10:50:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.252.27.0/24 maxlen: 24
79.99.76.0/24 maxlen: 24
81.168.50.0/24 maxlen: 24
81.168.67.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.35.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.205.0/24 maxlen: 24
82.153.226.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 16:37:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:52:41:47:5c:8c:c5:df:04:84:6a:49:d4:2e:1f:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 7 10:50:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=946b1ab05f6feeda2a745ca38ade301e10f21b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:03:af:95:e6:79:da:6e:c6:54:e6:8f:ab:47:
e1:74:5d:65:41:c9:26:9f:0c:2d:7a:2e:e3:45:b5:
8b:ff:d0:00:e8:6a:e5:77:d3:b9:28:82:78:1d:76:
1a:5d:66:a4:32:5e:39:ad:4b:cd:11:61:73:dc:47:
a0:6c:b5:a7:8d:0b:2b:e6:61:bb:1e:db:8e:ed:62:
de:aa:b3:e3:31:64:3f:1d:74:6f:f1:0e:3b:5e:e9:
37:63:aa:19:d4:0b:9e:84:c7:cc:e6:cf:6e:74:3c:
13:f9:d2:0b:d3:94:f5:79:d6:40:f3:da:93:4a:2b:
d8:bc:6d:00:e4:f2:fd:2e:e9:e9:d7:5d:dd:42:b0:
1b:bb:75:2c:d7:5f:ce:53:e6:ea:39:06:9d:41:b8:
e2:3e:61:81:cc:e1:e5:88:72:47:62:43:1a:4c:69:
95:17:53:15:b3:65:b4:b0:60:be:bc:de:88:39:12:
ab:4f:7d:2f:73:49:34:d9:c6:1d:ee:7b:95:46:c6:
e5:fc:fb:a3:18:43:3a:ca:b4:b6:70:ef:26:5d:28:
a7:23:ff:ae:38:5a:07:c1:d1:88:a4:81:73:33:a9:
d7:c2:1f:06:cc:59:52:97:cd:eb:81:f7:0c:cb:ac:
48:38:0a:71:7f:bf:b9:3c:fe:8b:93:8b:bb:a1:3e:
f7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6B:1A:B0:5F:6F:EE:DA:2A:74:5C:A3:8A:DE:30:1E:10:F2:1B:86
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lGsasF9v7toqdFyjit4wHhDyG4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.27.0/24
79.99.76.0/24
81.168.50.0/24
81.168.67.0/24
82.152.176.0/23
82.153.35.0/24
82.153.136.0/22
82.153.205.0/24
82.153.226.0/24
82.163.15.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
213.218.238.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:75:06:b5:7b:2d:61:e0:29:5b:ec:ae:f6:cd:7b:3f:c2:7a:
bb:80:ec:62:be:0f:60:cd:ff:fe:07:cd:6d:47:18:81:3b:f2:
63:2e:94:d7:c9:d9:86:5b:fb:cd:5b:fb:31:37:4c:6c:ca:7a:
e9:dd:a4:03:f3:93:e7:e6:3f:0d:5a:b6:ff:5f:92:bf:11:fe:
68:0e:36:b4:72:11:b9:94:d2:3a:20:f6:89:9f:e2:17:88:3c:
62:f3:0d:5a:86:ea:54:0c:76:9b:0f:4c:d2:ca:0d:4e:21:05:
3c:03:05:c9:7b:8c:19:57:ed:5c:18:66:c8:d6:57:3c:d8:8c:
1e:6c:b7:8c:38:b1:81:46:75:b5:03:d2:a2:f0:33:d6:c7:4d:
89:69:e0:73:c5:7d:3a:01:c3:7b:64:3b:9d:11:8a:72:12:74:
69:46:38:38:de:9b:78:b7:43:6d:b3:2e:32:6d:e1:5e:6e:f8:
be:6f:53:3d:30:61:df:d5:c9:c3:d9:0b:5b:26:fc:e6:08:71:
de:f1:dd:dd:5f:4b:21:6b:1f:d2:f7:18:84:26:e0:30:e7:91:
ef:1a:ad:f9:15:96:59:65:68:d0:cb:ca:0a:da:2e:db:55:5f:
7c:d4:8b:44:dc:b6:e8:c9:2b:c4:d1:88:72:75:b4:55:3c:3f:
a1:20:70:16
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAY/yUkFHXIzF3wSEaknULh+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjA3MTA1MDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDZiMWFiMDVmNmZlZWRhMmE3NDVjYTM4YWRlMzAxZTEwZjIxYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgOvleZ52m7GVOaPq0fhdF1lQckm
nwwtei7jRbWL/9AA6Grld9O5KIJ4HXYaXWakMl45rUvNEWFz3EegbLWnjQsr5mG7
HtuO7WLeqrPjMWQ/HXRv8Q47Xuk3Y6oZ1AuehMfM5s9udDwT+dIL05T1edZA89qT
SivYvG0A5PL9Lunp113dQrAbu3Us11/OU+bqOQadQbjiPmGBzOHliHJHYkMaTGmV
F1MVs2W0sGC+vN6IORKrT30vc0k02cYd7nuVRsbl/PujGEM6yrS2cO8mXSinI/+u
OFoHwdGIpIFzM6nXwh8GzFlSl83rgfcMy6xIOApxf7+5PP6Lk4u7oT736wIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFJRrGrBfb+7aKnRco4reMB4Q8huGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbEdzYXNGOXY3dG9xZEZ5aml0NHdIaER5RzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAl
/BsDBABPY0wDBABRqDIDBABRqEMDBAFSmLADBABSmSMDBAJSmYgDBABSmc0DBABS
meIDBABSow8wDAMEAlnVlAMEBVnVgAMEAlnVrDAMAwQCWdXEAwQEWdXAAwQDWdXo
AwQDbbAQAwQCbbDMAwQBuTF+AwQEwmlQAwQB1CZYAwQB1drSAwQA1druMA0GCSqG
SIb3DQEBCwUAA4IBAQBLdQa1ey1h4Clb7K72zXs/wnq7gOxivg9gzf/+B81tRxiB
O/JjLpTXydmGW/vNW/sxN0xsynrp3aQD85Pn5j8NWrb/X5K/Ef5oDja0chG5lNI6
IPaJn+IXiDxi8w1ahupUDHabD0zSyg1OIQU8AwXJe4wZV+1cGGbI1lc82IwebLeM
OLGBRnW1A9Ki8DPWx02JaeBzxX06AcN7ZDudEYpyEnRpRjg43pt4t0Ntsy4ybeFe
bvi+b1M9MGHf1cnD2QtbJvzmCHHe8d3dX0shax/S9xiEJuAw55HvGq35FZZZZWjQ
y8oK2i7bVV981ItE3LboySvE0YhydbRVPD+hIHAW
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:25 2025 by rpki-client