Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/li6z3mBwD_wOMEFAlEKMw_ZniPY.roa
File: li6z3mBwD_wOMEFAlEKMw_ZniPY.roa (raw, json)
Hash identifier: B0u05lOmNtioXgkbweZhuo0SqveSyGZ54Bh7i51PkZs=
Subject key identifier: 96:2E:B3:DE:60:70:0F:FC:0E:30:41:40:94:42:8C:C3:F6:67:88:F6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F28AEE9BF3005AE892166559C8FEA49F9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/li6z3mBwD_wOMEFAlEKMw_ZniPY.roa
Signing time: Mon 29 Apr 2024 07:08:22 +0000
ROA not before: Mon 29 Apr 2024 07:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 82.152.52.0/23 maxlen: 24
82.152.55.0/24 maxlen: 24
89.213.248.0/23 maxlen: 24
109.176.25.0/24 maxlen: 24
109.176.27.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.40.0/23 maxlen: 24
213.210.48.0/23 maxlen: 24
213.218.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 May 2024 07:24:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:ae:e9:bf:30:05:ae:89:21:66:55:9c:8f:ea:49:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 29 07:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=962eb3de60700ffc0e30414094428cc3f66788f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:15:05:11:09:c8:dd:7b:92:f6:97:d8:73:4e:
fe:ab:5d:c0:62:22:b1:71:7f:99:28:eb:49:81:a6:
91:8f:f8:0e:5b:77:75:a1:22:4c:ba:8f:d8:2c:2e:
96:90:53:58:a1:02:38:cf:70:b1:16:7d:06:13:a6:
4c:89:42:0f:fd:57:3a:d9:52:39:65:da:a2:b5:cd:
9b:d2:90:6c:e4:b6:c5:1d:37:9d:b1:9f:f7:52:06:
73:f1:5c:b7:47:fd:2f:4e:c1:38:b6:0a:f8:a6:a7:
ca:09:21:7b:30:1f:1c:b4:07:9c:9a:ad:10:4a:40:
18:23:6f:5e:c7:af:2f:d9:bc:4c:c1:3c:c0:ac:2a:
90:3a:f3:6a:19:a7:19:6f:e5:8b:d2:c7:93:e2:3c:
74:69:f5:85:90:04:ea:ec:c2:e9:dd:b9:c1:bd:a5:
cd:1b:aa:04:c2:2a:48:4d:6c:6c:75:f0:35:e9:d9:
69:2a:9f:bd:de:0c:f9:30:6b:3a:f0:a8:3b:2f:2e:
bf:39:78:aa:8f:a2:e9:e8:7f:93:0e:e6:68:29:ad:
8c:e5:5d:8f:3b:a6:4f:96:b8:01:d2:34:a6:44:43:
40:f8:95:b7:87:17:42:f2:85:2a:95:a2:9a:13:47:
2d:5d:1e:1a:55:1e:01:de:7d:d4:0b:ef:21:b2:59:
a9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2E:B3:DE:60:70:0F:FC:0E:30:41:40:94:42:8C:C3:F6:67:88:F6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/li6z3mBwD_wOMEFAlEKMw_ZniPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.52.0/23
82.152.55.0/24
89.213.248.0/23
109.176.25.0/24
109.176.27.0/24
212.38.88.0/23
213.210.40.0/23
213.210.48.0/23
213.218.226.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:c5:0c:a7:57:65:7f:65:7a:32:41:2a:ca:82:80:4b:30:50:
93:59:92:af:ac:1d:9e:a8:b9:04:51:9e:6a:21:4e:c3:3f:14:
82:97:af:b2:50:41:22:21:fb:f5:2d:be:05:f3:b7:26:ec:a1:
1c:b5:49:20:41:f0:58:7a:ca:b9:bb:1e:26:c5:96:9a:12:79:
17:38:c1:0e:85:0b:8e:07:d2:eb:ad:5d:3c:7c:08:0d:16:7b:
f6:c8:e7:be:8b:aa:e0:18:42:a7:96:d8:ee:49:88:8b:40:8f:
1c:ac:d2:6f:7f:00:05:b6:94:d9:b4:b6:5a:e9:0c:97:bc:d0:
9d:f7:4e:48:34:8a:7b:b7:f0:88:95:cc:d5:5b:f2:62:4c:23:
1c:ae:76:e1:cf:3d:2f:ff:30:dd:95:77:86:bd:29:38:13:28:
3d:ca:6b:6d:25:d2:fe:80:fa:ed:54:e9:ac:0f:92:ec:6c:88:
bf:55:e2:0b:9b:c1:25:23:58:b6:f0:0f:ba:29:15:75:d7:5a:
9c:4e:ab:1f:86:f4:b8:b9:63:54:1d:7c:d0:ba:88:8a:cd:c6:
39:8e:15:f6:19:ef:1d:be:34:72:66:cc:0d:76:91:13:e0:9d:
bf:fe:cd:f0:5b:98:1b:28:81:e5:a2:1b:9c:ad:72:4a:42:d7:
9d:b6:b2:57
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY8orum/MAWuiSFmVZyP6kn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDI5MDcwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJlYjNkZTYwNzAwZmZjMGUzMDQxNDA5NDQyOGNjM2Y2Njc4OGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBUFEQnI3XuS9pfYc07+q13AYiKx
cX+ZKOtJgaaRj/gOW3d1oSJMuo/YLC6WkFNYoQI4z3CxFn0GE6ZMiUIP/Vc62VI5
Zdqitc2b0pBs5LbFHTedsZ/3UgZz8Vy3R/0vTsE4tgr4pqfKCSF7MB8ctAecmq0Q
SkAYI29ex68v2bxMwTzArCqQOvNqGacZb+WL0seT4jx0afWFkATq7MLp3bnBvaXN
G6oEwipITWxsdfA16dlpKp+93gz5MGs68Kg7Ly6/OXiqj6Lp6H+TDuZoKa2M5V2P
O6ZPlrgB0jSmRENA+JW3hxdC8oUqlaKaE0ctXR4aVR4B3n3UC+8hslmpeQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJYus95gcA/8DjBBQJRCjMP2Z4j2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbGk2ejNtQndEX3dPTUVGQWxFS013X1puaVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBUpg0AwQA
Upg3AwQBWdX4AwQAbbAZAwQAbbAbAwQB1CZYAwQB1dIoAwQB1dIwAwQA1driMA0G
CSqGSIb3DQEBCwUAA4IBAQBMxQynV2V/ZXoyQSrKgoBLMFCTWZKvrB2eqLkEUZ5q
IU7DPxSCl6+yUEEiIfv1Lb4F87cm7KEctUkgQfBYesq5ux4mxZaaEnkXOMEOhQuO
B9LrrV08fAgNFnv2yOe+i6rgGEKnltjuSYiLQI8crNJvfwAFtpTZtLZa6QyXvNCd
905INIp7t/CIlczVW/JiTCMcrnbhzz0v/zDdlXeGvSk4Eyg9ymttJdL+gPrtVOms
D5LsbIi/VeILm8ElI1i28A+6KRV111qcTqsfhvS4uWNUHXzQuoiKzcY5jhX2Ge8d
vjRyZswNdpET4J2//s3wW5gbKIHlohucrXJKQtedtrJX
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:08 2025 by rpki-client