Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lydbVZ3zK3Y0gqHWBm864GWHx-8.roa
File: lydbVZ3zK3Y0gqHWBm864GWHx-8.roa (raw, json)
Hash identifier: TBln0yhIl8zVfLClmWvb8QRixJ74qaT890oFkoULSK0=
Subject key identifier: 97:27:5B:55:9D:F3:2B:76:34:82:A1:D6:06:6F:3A:E0:65:87:C7:EF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190DBEE80B88B7878DC55538EE019D893E3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lydbVZ3zK3Y0gqHWBm864GWHx-8.roa
Signing time: Mon 22 Jul 2024 19:32:39 +0000
ROA not before: Mon 22 Jul 2024 19:32:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 80.240.88.0/21 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.12.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.24.0/21 maxlen: 24
89.213.58.0/24 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
109.176.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Aug 2024 12:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:db:ee:80:b8:8b:78:78:dc:55:53:8e:e0:19:d8:93:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 22 19:32:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97275b559df32b763482a1d6066f3ae06587c7ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8a:ce:0d:42:6f:fd:20:32:b5:05:2c:f2:ef:
6e:c6:42:56:cf:5f:df:23:8c:82:69:36:42:01:2a:
dc:41:f1:d1:7b:90:63:8c:21:84:4e:d6:bd:f1:ed:
3b:40:99:57:50:8b:72:c1:8f:30:bf:18:3d:13:a3:
6b:20:cf:ec:ba:36:04:33:25:12:11:14:7e:2f:6c:
63:9e:b4:74:24:e1:7a:fa:c9:1a:6b:60:7f:ec:dd:
ff:4e:35:65:4b:f8:7b:d4:76:6c:5f:93:40:53:b7:
9c:db:08:21:8b:d7:76:7c:05:8c:a6:06:02:89:38:
8a:63:c7:84:6e:72:db:ad:55:57:17:6d:a2:92:a3:
64:c7:6b:e9:b4:91:fd:6b:28:fe:e3:73:2f:20:36:
8e:91:78:ab:ac:8e:57:03:3a:62:50:d1:63:42:79:
17:0f:12:d0:b6:a6:23:8c:58:aa:ce:5e:4d:32:1e:
7b:b3:16:bf:b3:44:76:8f:3b:34:a8:67:7f:3f:2b:
52:83:5d:b7:0b:16:c8:8c:25:9b:5b:22:38:36:ed:
ca:83:9f:94:32:68:d4:bd:db:ba:b6:a5:83:40:48:
b6:29:70:3e:cc:85:66:c1:f3:7f:37:af:1a:a1:00:
18:d4:8a:4f:2e:ea:86:d3:34:6f:e4:9d:9d:70:cf:
b5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:27:5B:55:9D:F3:2B:76:34:82:A1:D6:06:6F:3A:E0:65:87:C7:EF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lydbVZ3zK3Y0gqHWBm864GWHx-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.88.0/21
81.168.122.0/24
82.152.12.0/24
82.152.131.0/24
82.152.174.0/23
82.153.208.0/22
82.163.24.0/21
89.213.58.0/24
89.213.60.0/23
89.213.143.0/24
89.213.147.0/24
89.213.181.0/24
89.213.198.0-89.213.205.255
109.176.230.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:18:b7:78:00:5b:4d:56:c6:fa:ee:ac:65:9a:bd:b4:03:6f:
97:22:b1:bf:a0:c9:4c:b4:fa:2d:8b:9a:0a:9b:8c:de:9d:0d:
ad:4f:83:d5:ef:f7:38:53:ee:3f:bd:07:3d:7d:be:b7:23:18:
a8:91:04:db:ea:8b:e1:76:cb:70:4c:7f:51:cf:da:34:dd:a0:
77:6c:98:7c:4f:be:39:1c:39:6f:46:70:16:03:4c:b2:74:9e:
38:96:b9:dd:40:4d:7e:ef:a2:d0:e8:8b:99:28:02:0e:0c:b9:
b9:a2:b2:a2:48:c5:1b:86:cd:c5:17:c9:ce:2b:f2:ba:3f:82:
ed:20:23:69:36:90:a8:82:81:2f:0d:9a:58:51:f0:8c:03:4e:
24:f9:e8:f7:49:e9:d0:a8:9d:ca:88:fd:cd:74:3b:98:83:31:
df:49:70:27:f9:6b:01:70:7b:c5:0b:8d:ab:30:f5:18:66:3e:
4d:12:c8:66:8b:f9:6e:d4:67:39:06:34:a9:93:0e:40:ce:e0:
76:a6:0f:00:8f:14:64:e5:86:4a:c0:47:8d:6f:46:f7:1d:74:
8c:93:49:b4:43:46:e7:18:5c:a5:e9:67:4e:f8:6d:50:f8:83:
f9:8e:df:e9:9f:30:34:70:01:df:2a:a4:9e:06:76:d3:4c:9c:
56:a4:82:b9
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZDb7oC4i3h43FVTjuAZ2JPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzIyMTkzMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI3NWI1NTlkZjMyYjc2MzQ4MmExZDYwNjZmM2FlMDY1ODdjN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIrODUJv/SAytQUs8u9uxkJWz1/f
I4yCaTZCASrcQfHRe5BjjCGETta98e07QJlXUItywY8wvxg9E6NrIM/sujYEMyUS
ERR+L2xjnrR0JOF6+skaa2B/7N3/TjVlS/h71HZsX5NAU7ec2wghi9d2fAWMpgYC
iTiKY8eEbnLbrVVXF22ikqNkx2vptJH9ayj+43MvIDaOkXirrI5XAzpiUNFjQnkX
DxLQtqYjjFiqzl5NMh57sxa/s0R2jzs0qGd/PytSg123CxbIjCWbWyI4Nu3Kg5+U
MmjUvdu6tqWDQEi2KXA+zIVmwfN/N68aoQAY1IpPLuqG0zRv5J2dcM+1AQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFJcnW1Wd8yt2NIKh1gZvOuBlh8fvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbHlkYlZaM3pLM1kwZ3FIV0JtODY0R1dIeC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQDUPBYAwQA
Uah6AwQAUpgMAwQAUpiDAwQBUpiuAwQCUpnQAwQDUqMYAwQAWdU6AwQBWdU8AwQA
WdWPAwQAWdWTAwQAWdW1MAwDBAFZ1cYDBAFZ1cwDBABtsOYwDQYJKoZIhvcNAQEL
BQADggEBAEwYt3gAW01WxvrurGWavbQDb5cisb+gyUy0+i2LmgqbjN6dDa1Pg9Xv
9zhT7j+9Bz19vrcjGKiRBNvqi+F2y3BMf1HP2jTdoHdsmHxPvjkcOW9GcBYDTLJ0
njiWud1ATX7votDoi5koAg4MubmisqJIxRuGzcUXyc4r8ro/gu0gI2k2kKiCgS8N
mlhR8IwDTiT56PdJ6dConcqI/c10O5iDMd9JcCf5awFwe8ULjasw9RhmPk0SyGaL
+W7UZzkGNKmTDkDO4HamDwCPFGTlhkrAR41vRvcddIyTSbRDRucYXKXpZ074bVD4
g/mO3+mfMDRwAd8qpJ4GdtNMnFakgrk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:17 2025 by rpki-client