Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lZmx4NA7UFq6cvArEUYDdK4jMGs.roa
File: lZmx4NA7UFq6cvArEUYDdK4jMGs.roa (raw, json)
Hash identifier: mofI4Of3vKtL4ySAWEzKgcEOzjjpC4aABENLIhYmrxw=
Subject key identifier: 95:99:B1:E0:D0:3B:50:5A:BA:72:F0:2B:11:46:03:74:AE:23:30:6B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193176A4977933FEB55C2153D59BDDBCCF5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lZmx4NA7UFq6cvArEUYDdK4jMGs.roa
Signing time: Sun 10 Nov 2024 18:51:01 +0000
ROA not before: Sun 10 Nov 2024 18:51:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.54.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Nov 2024 17:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:17:6a:49:77:93:3f:eb:55:c2:15:3d:59:bd:db:cc:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 10 18:51:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9599b1e0d03b505aba72f02b11460374ae23306b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:96:12:ea:82:e6:53:69:2d:b6:0a:6c:fb:19:
90:da:32:f3:07:75:b2:82:a9:41:5e:44:6e:4c:1c:
37:8c:ae:b1:a8:f8:09:8b:e7:a6:9c:22:d0:66:a2:
ef:65:1a:5c:e0:56:11:55:da:5b:d7:d2:14:c6:64:
59:cd:c4:0e:ec:d3:f6:49:fd:48:5b:96:c1:f9:2c:
06:41:3e:c1:95:de:1c:5f:f9:83:b4:21:0c:de:b6:
ad:38:d2:7b:7f:f0:2e:12:f6:21:ea:c8:65:2c:3e:
60:ab:bf:d8:07:4b:61:dc:50:e2:2c:66:ba:4e:2b:
07:ac:32:31:fd:86:91:a9:93:91:1d:b1:c3:e2:fa:
ce:0a:ee:4b:a9:a7:59:9f:a4:00:aa:b0:2a:1c:b4:
85:b5:74:c7:d7:8c:ad:28:16:44:57:32:33:fa:64:
2d:e9:81:07:0b:1a:f3:38:a5:dc:7a:43:c1:7a:41:
a3:d8:7d:4d:d9:98:dc:b1:62:da:8c:c8:cb:5a:80:
78:99:fd:ef:98:4e:f5:8a:c9:ba:e1:58:bc:b8:84:
57:c7:c2:bb:f8:d4:ff:2a:f1:8d:bc:ba:22:e8:41:
e3:be:43:8a:92:12:13:8c:71:78:78:64:d4:94:5a:
3b:c7:9b:60:80:d7:34:8c:32:ed:67:ed:99:9b:dd:
5c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:99:B1:E0:D0:3B:50:5A:BA:72:F0:2B:11:46:03:74:AE:23:30:6B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lZmx4NA7UFq6cvArEUYDdK4jMGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.239.0/24
82.163.0.0/24
89.213.43.0/24
89.213.98.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.32.0/19
109.176.201.0/24
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.210.54.0/24
213.218.214.0/24
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:96:f2:73:6e:d7:bb:c8:1c:0a:97:74:aa:20:72:86:f0:2d:
e3:1f:c8:1e:35:15:88:79:95:6f:fc:ae:50:32:00:f8:61:5a:
cd:a5:b7:7b:59:ed:3c:a5:f5:51:0b:dd:eb:5b:fb:a7:e6:f9:
4d:2c:47:3b:de:46:04:38:e8:e5:9e:12:0e:07:48:bb:90:29:
93:95:2d:01:be:fb:51:46:b3:ed:cb:32:38:52:24:83:25:92:
c3:28:c1:63:e3:ed:2a:34:80:91:b0:2c:01:e4:d0:23:d5:be:
ce:da:66:3c:8b:8a:56:45:04:96:a6:36:f7:22:c3:3e:71:d7:
56:fb:b6:d0:7f:ef:a0:94:0e:af:d1:3f:ae:c4:f9:92:0f:fc:
3a:87:02:aa:41:2a:8e:ef:09:73:72:69:5f:4a:51:51:2e:1e:
92:b3:6c:59:44:09:78:11:d4:40:1a:fc:25:51:7e:62:f8:92:
ea:b2:3d:c7:44:64:8b:1b:b9:34:b9:af:dd:68:3a:43:fe:bd:
2d:d3:4e:e0:e2:c1:6f:58:d2:37:b7:1a:73:d4:10:cf:3e:85:
95:97:86:a9:ae:b5:53:d6:88:8a:97:5f:d1:32:36:9e:81:60:
58:f0:18:20:90:73:10:7e:04:95:47:c0:32:7a:74:95:f9:60:
af:29:28:da
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZMXakl3kz/rVcIVPVm928z1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTEwMTg1MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTk5YjFlMGQwM2I1MDVhYmE3MmYwMmIxMTQ2MDM3NGFlMjMzMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipYS6oLmU2kttgps+xmQ2jLzB3Wy
gqlBXkRuTBw3jK6xqPgJi+emnCLQZqLvZRpc4FYRVdpb19IUxmRZzcQO7NP2Sf1I
W5bB+SwGQT7Bld4cX/mDtCEM3ratONJ7f/AuEvYh6shlLD5gq7/YB0th3FDiLGa6
TisHrDIx/YaRqZORHbHD4vrOCu5LqadZn6QAqrAqHLSFtXTH14ytKBZEVzIz+mQt
6YEHCxrzOKXcekPBekGj2H1N2ZjcsWLajMjLWoB4mf3vmE71ism64Vi8uIRXx8K7
+NT/KvGNvLoi6EHjvkOKkhITjHF4eGTUlFo7x5tggNc0jDLtZ+2Zm91cSQIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFJWZseDQO1BaunLwKxFGA3SuIzBrMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbFpteDROQTdVRnE2Y3ZBckVVWURkSzRqTUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwwDAME
AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS
mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0wDAME
AFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZyQMEAFKZ7wMEAFKjAAMEAFnVKwME
AFnVYgMEAFnVoTAMAwQDWdXoAwQBWdXsAwQFbbAgAwQAbbDJAwQAbbDrAwQA1YKC
AwQA1YKVAwQA1dI2AwQA1drWAwQA1drnMA0GCSqGSIb3DQEBCwUAA4IBAQCblvJz
bte7yBwKl3SqIHKG8C3jH8geNRWIeZVv/K5QMgD4YVrNpbd7We08pfVRC93rW/un
5vlNLEc73kYEOOjlnhIOB0i7kCmTlS0BvvtRRrPtyzI4UiSDJZLDKMFj4+0qNICR
sCwB5NAj1b7O2mY8i4pWRQSWpjb3IsM+cddW+7bQf++glA6v0T+uxPmSD/w6hwKq
QSqO7wlzcmlfSlFRLh6Ss2xZRAl4EdRAGvwlUX5i+JLqsj3HRGSLG7k0ua/daDpD
/r0t007g4sFvWNI3txpz1BDPPoWVl4aprrVT1oiKl1/RMjaegWBY8BggkHMQfgSV
R8AyenSV+WCvKSja
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:20 2025 by rpki-client