Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lO7z3pNV85kOaz1FuIP30mGyG7E.roa
File: lO7z3pNV85kOaz1FuIP30mGyG7E.roa (raw, json)
Hash identifier: SgzacbTrjRNVy8mY9m7EsfN7NxGjtnRN5a7X0+/Ld9k=
Subject key identifier: 94:EE:F3:DE:93:55:F3:99:0E:6B:3D:45:B8:83:F7:D2:61:B2:1B:B1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421442E2A4223152DFCEDFB71B6E69970
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lO7z3pNV85kOaz1FuIP30mGyG7E.roa
Signing time: Wed 01 Jan 2025 09:48:23 +0000
ROA not before: Wed 01 Jan 2025 09:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 15:34:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2e:2a:42:23:15:2d:fc:ed:fb:71:b6:e6:99:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94eef3de9355f3990e6b3d45b883f7d261b21bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5f:2d:96:31:ec:d0:bf:52:97:32:00:74:7a:
df:58:53:8e:32:a3:f8:3d:98:ec:2c:d7:7d:03:0c:
51:a0:e0:bd:5f:b0:fb:15:bd:9c:f0:47:e4:a2:d5:
70:5d:2a:56:64:22:d4:bd:e9:b7:e7:47:97:40:3e:
d2:e0:c0:a2:53:70:65:44:8b:04:4b:51:8c:4e:25:
dd:1e:da:b1:c2:a1:07:19:e1:df:6a:3b:42:ae:c9:
8b:35:b1:a9:7a:30:ca:06:db:36:a4:f9:f9:47:64:
1a:4c:5d:1c:eb:e4:c1:76:95:59:dd:e4:c8:d9:81:
75:26:6e:50:ff:fe:17:3a:cf:f3:b4:07:9d:0f:fa:
a1:81:22:be:bb:ca:8a:5e:45:11:0d:4d:29:45:ac:
18:02:db:74:a9:26:b3:c7:d8:60:13:82:cd:09:5c:
7d:7b:f2:2f:d6:7c:60:40:6d:bf:62:97:0e:0f:5c:
f8:1d:ab:42:08:28:24:0c:0e:06:4e:39:c0:8d:52:
83:84:0b:38:cb:8f:82:27:8b:d5:9b:22:63:fb:1e:
72:1d:a7:96:74:34:df:2e:db:36:42:28:cd:87:3f:
53:a6:c3:76:e8:a9:12:a9:42:46:83:26:9e:e4:dc:
47:b8:5a:a6:5c:81:54:40:ca:70:fc:dc:b1:e5:59:
2c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:EE:F3:DE:93:55:F3:99:0E:6B:3D:45:B8:83:F7:D2:61:B2:1B:B1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lO7z3pNV85kOaz1FuIP30mGyG7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.104.0/24
89.213.123.0/24
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:d8:2a:ca:1a:76:2b:19:31:b4:fa:72:a9:78:49:e6:30:53:
9c:56:3d:4b:30:3c:f8:ee:e4:b6:6e:9e:7d:47:77:c4:68:34:
43:4e:28:b6:ed:7c:38:b4:1b:0b:ee:ee:d4:e3:a7:22:6c:52:
a0:f3:e2:2d:b5:4c:ab:e3:fc:7b:27:b3:b2:47:c6:f3:d1:be:
6b:a0:48:22:a1:1b:7f:5a:5d:37:05:65:07:9c:c7:d8:bd:48:
a0:61:e7:60:7f:99:a0:61:8c:15:98:98:40:a2:55:2b:30:b6:
12:d5:b3:f0:f7:58:21:f8:c8:cd:0e:7b:1c:2e:62:06:6c:28:
52:f1:5c:85:ce:64:21:9c:c0:25:cd:91:05:14:ab:f6:7c:9d:
f0:8c:79:62:47:18:35:49:84:06:3a:ce:63:2c:e0:42:3e:14:
a1:be:a9:81:e9:d9:f1:c7:c3:a2:79:5b:2c:b7:e9:dd:0b:79:
d5:28:4b:8b:0c:54:bd:8d:0f:df:f8:5a:61:16:16:d4:7f:e1:
75:9f:8e:76:a9:d5:b7:e4:e2:2b:ef:28:0f:55:fc:22:41:79:
0a:1a:18:33:01:eb:4a:c0:f1:42:68:19:b4:1b:78:a8:d3:86:
b1:c6:6d:4e:c8:42:2c:3e:e4:dc:b9:7d:6b:25:a8:32:07:62:
1f:91:5d:e1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQhRC4qQiMVLfzt+3G25plwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGVlZjNkZTkzNTVmMzk5MGU2YjNkNDViODgzZjdkMjYxYjIxYmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4F8tljHs0L9SlzIAdHrfWFOOMqP4
PZjsLNd9AwxRoOC9X7D7Fb2c8EfkotVwXSpWZCLUvem350eXQD7S4MCiU3BlRIsE
S1GMTiXdHtqxwqEHGeHfajtCrsmLNbGpejDKBts2pPn5R2QaTF0c6+TBdpVZ3eTI
2YF1Jm5Q//4XOs/ztAedD/qhgSK+u8qKXkURDU0pRawYAtt0qSazx9hgE4LNCVx9
e/Iv1nxgQG2/YpcOD1z4HatCCCgkDA4GTjnAjVKDhAs4y4+CJ4vVmyJj+x5yHaeW
dDTfLts2QijNhz9TpsN26KkSqUJGgyae5NxHuFqmXIFUQMpw/Nyx5Vks4wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJTu896TVfOZDms9RbiD99JhshuxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbE83ejNwTlY4NWtPYXoxRnVJUDMwbUd5RzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpiOAwQA
WdVoAwQAWdV7AwQA1CZRAwQB1dI0AwQA1drvAwQA2ZFLMA0GCSqGSIb3DQEBCwUA
A4IBAQB92CrKGnYrGTG0+nKpeEnmMFOcVj1LMDz47uS2bp59R3fEaDRDTii27Xw4
tBsL7u7U46cibFKg8+IttUyr4/x7J7OyR8bz0b5roEgioRt/Wl03BWUHnMfYvUig
Yedgf5mgYYwVmJhAolUrMLYS1bPw91gh+MjNDnscLmIGbChS8VyFzmQhnMAlzZEF
FKv2fJ3wjHliRxg1SYQGOs5jLOBCPhShvqmB6dnxx8OieVsst+ndC3nVKEuLDFS9
jQ/f+FphFhbUf+F1n452qdW35OIr7ygPVfwiQXkKGhgzAetKwPFCaBm0G3io04ax
xm1OyEIsPuTcuX1rJagyB2IfkV3h
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:00 2025 by rpki-client