Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lYk3MQhTJEcp8k3H1XPyRTlFCoQ.roa
File: lYk3MQhTJEcp8k3H1XPyRTlFCoQ.roa (raw, json)
Hash identifier: 5BGl30MOzGtM+ffHtx8rH6ZXQALDKPwJAUu2RKgaKfQ=
Subject key identifier: 95:89:37:31:08:53:24:47:29:F2:4D:C7:D5:73:F2:45:39:45:0A:84
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F5764380B49F71BAA60FA78F4FBB8F4D5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lYk3MQhTJEcp8k3H1XPyRTlFCoQ.roa
Signing time: Wed 08 May 2024 08:48:56 +0000
ROA not before: Wed 08 May 2024 08:48:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 37.252.27.0/24 maxlen: 24
79.99.76.0/24 maxlen: 24
81.168.50.0/24 maxlen: 24
81.168.67.0/24 maxlen: 24
82.152.54.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.153.35.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
82.153.226.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.202.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.84.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
213.130.156.0/24 maxlen: 24
213.210.58.0/24 maxlen: 24
213.210.59.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
217.144.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 10:13:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:64:38:0b:49:f7:1b:aa:60:fa:78:f4:fb:b8:f4:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 8 08:48:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=958937310853244729f24dc7d573f24539450a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:55:50:a3:7c:c7:39:4f:09:b6:c6:b5:06:3e:
e7:76:bb:aa:14:58:f6:ea:12:e3:95:3c:01:d7:0d:
8e:48:f9:9a:df:d5:8b:4e:e0:38:b4:98:d9:71:96:
ac:99:bf:b5:cd:c6:c9:af:f8:ff:3d:47:da:a4:fd:
19:b1:6a:67:b8:91:e5:7f:31:2f:e0:d3:c2:83:79:
c9:aa:cd:83:1e:ff:0b:82:82:c0:09:af:5b:86:8c:
13:2d:c8:47:7d:96:59:4c:5a:49:06:ea:c4:67:ea:
34:0f:f0:76:6a:20:32:dd:1d:65:b2:f3:ec:78:92:
cb:58:20:0c:3f:2c:eb:1c:b3:a1:7f:59:e0:b6:45:
12:d9:06:37:37:01:23:55:36:92:b7:b1:c9:5a:29:
30:05:9d:80:bd:68:6b:7f:0b:67:44:0d:6e:41:d9:
62:11:31:7b:0d:97:83:58:43:4b:94:1d:11:f0:94:
31:2d:6e:71:d2:d3:11:b4:b1:00:5f:11:1b:97:fb:
6a:01:0d:79:d9:c6:fc:a1:f3:cd:2c:a0:cc:2d:78:
0b:c9:50:59:13:b2:53:2a:ae:b2:53:b4:9f:e4:1e:
96:99:4b:2d:2f:e1:6b:8b:ff:7d:61:63:93:58:7b:
d9:d9:0b:00:69:77:d3:ac:b9:64:19:11:92:a5:bc:
b3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:89:37:31:08:53:24:47:29:F2:4D:C7:D5:73:F2:45:39:45:0A:84
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lYk3MQhTJEcp8k3H1XPyRTlFCoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.27.0/24
79.99.76.0/24
81.168.50.0/24
81.168.67.0/24
82.152.54.0/24
82.152.98.0/24
82.153.35.0/24
82.153.205.0/24
82.153.226.0/24
82.163.0.0/24
82.163.15.0/24
89.213.98.0/24
109.176.193.0/24
109.176.201.0-109.176.202.255
109.176.244.0/24
212.38.79.0/24
212.38.84.0/24
213.130.130.0/24
213.130.149.0-213.130.151.255
213.130.156.0/24
213.210.58.0/23
213.218.227.0/24
213.218.231.0/24
217.144.158.0/24
Signature Algorithm: sha256WithRSAEncryption
69:ff:a1:c4:c5:19:5e:e9:41:8e:02:6c:8b:18:61:3a:cb:3c:
62:3e:8b:bd:31:a9:72:14:73:0b:0f:66:82:11:b7:b3:af:97:
7e:10:f9:c8:16:45:28:98:d0:ab:3d:a1:ce:63:d4:9c:9b:2c:
06:07:69:73:db:dc:54:ef:78:10:9f:df:b3:7c:08:41:67:4d:
67:e8:02:98:2f:7b:d6:6d:f0:dc:30:9c:99:93:4d:65:34:f9:
13:5d:35:e2:85:e9:01:ac:f6:71:a2:1a:c3:a2:da:fd:9f:10:
2f:81:fe:26:30:49:a7:ed:e6:82:18:68:fe:39:cc:b1:f9:b1:
2e:ad:3f:ed:0e:77:31:28:e2:4d:6e:f5:c3:6c:ff:39:63:08:
cd:a7:e4:af:62:a7:de:bd:d1:7e:de:87:58:08:bc:62:e4:63:
0f:83:bd:c4:eb:25:31:6d:97:b3:27:03:78:9c:a6:dc:44:d7:
f1:8e:45:14:81:08:15:55:9c:4d:ff:4f:11:c0:05:84:a6:6e:
a6:3d:8e:cf:41:e2:b1:18:6a:cc:fa:72:e3:3b:92:ba:f7:85:
e5:0c:ae:7a:6d:06:8c:af:e2:22:66:15:6f:03:e8:6b:97:cb:
68:2a:cd:7c:aa:db:70:3e:60:3a:e0:14:30:a5:8d:5e:d5:85:
68:5c:70:1f
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAY9XZDgLSfcbqmD6ePT7uPTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA4MDg0ODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg5MzczMTA4NTMyNDQ3MjlmMjRkYzdkNTczZjI0NTM5NDUwYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VVQo3zHOU8Jtsa1Bj7ndruqFFj2
6hLjlTwB1w2OSPma39WLTuA4tJjZcZasmb+1zcbJr/j/PUfapP0ZsWpnuJHlfzEv
4NPCg3nJqs2DHv8LgoLACa9bhowTLchHfZZZTFpJBurEZ+o0D/B2aiAy3R1lsvPs
eJLLWCAMPyzrHLOhf1ngtkUS2QY3NwEjVTaSt7HJWikwBZ2AvWhrfwtnRA1uQdli
ETF7DZeDWENLlB0R8JQxLW5x0tMRtLEAXxEbl/tqAQ152cb8ofPNLKDMLXgLyVBZ
E7JTKq6yU7Sf5B6WmUstL+Fri/99YWOTWHvZ2QsAaXfTrLlkGRGSpbyzZwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFJWJNzEIUyRHKfJNx9Vz8kU5RQqEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbFlrM01RaFRKRWNwOGszSDFYUHlSVGxGQ29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAAl
/BsDBABPY0wDBABRqDIDBABRqEMDBABSmDYDBABSmGIDBABSmSMDBABSmc0DBABS
meIDBABSowADBABSow8DBABZ1WIDBABtsMEwDAMEAG2wyQMEAG2wygMEAG2w9AME
ANQmTwMEANQmVAMEANWCgjAMAwQA1YKVAwQD1YKQAwQA1YKcAwQB1dI6AwQA1drj
AwQA1drnAwQA2ZCeMA0GCSqGSIb3DQEBCwUAA4IBAQBp/6HExRle6UGOAmyLGGE6
yzxiPou9MalyFHMLD2aCEbezr5d+EPnIFkUomNCrPaHOY9ScmywGB2lz29xU73gQ
n9+zfAhBZ01n6AKYL3vWbfDcMJyZk01lNPkTXTXihekBrPZxohrDotr9nxAvgf4m
MEmn7eaCGGj+Ocyx+bEurT/tDncxKOJNbvXDbP85YwjNp+SvYqfevdF+3odYCLxi
5GMPg73E6yUxbZezJwN4nKbcRNfxjkUUgQgVVZxN/08RwAWEpm6mPY7PQeKxGGrM
+nLjO5K694XlDK56bQaMr+IiZhVvA+hrl8toKs18qttwPmA64BQwpY1e1YVoXHAf
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:48 2025 by rpki-client