Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n0Cj0beuFzGkh6vkY4x_PkoY_9k.roa
File: n0Cj0beuFzGkh6vkY4x_PkoY_9k.roa (raw, json)
Hash identifier: ZlGr3RP42Ku6MV7hf21Zai+dlz8525lWkCMsoUXMQoU=
Subject key identifier: 9F:40:A3:D1:B7:AE:17:31:A4:87:AB:E4:63:8C:7F:3E:4A:18:FF:D9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193826BE91270B2AEEE75A97EFCD4D40081
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n0Cj0beuFzGkh6vkY4x_PkoY_9k.roa
Signing time: Sun 01 Dec 2024 13:32:10 +0000
ROA not before: Sun 01 Dec 2024 13:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.168.126.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Dec 2024 21:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:82:6b:e9:12:70:b2:ae:ee:75:a9:7e:fc:d4:d4:00:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 1 13:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f40a3d1b7ae1731a487abe4638c7f3e4a18ffd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:06:90:70:55:60:93:25:7b:fd:96:cc:4e:ab:
36:ad:8e:e5:db:ac:13:8c:93:a8:38:c4:59:f3:af:
b8:14:b5:ac:22:bc:20:35:20:7c:bf:b2:ab:5b:ea:
4d:3c:ca:b0:c0:dd:47:f9:b0:c5:c4:f4:e1:5b:56:
8d:e7:ca:f9:d7:fc:f3:e8:b4:6e:51:c7:08:4f:87:
46:75:43:d8:ec:c7:f1:06:b5:5c:d7:44:9c:23:62:
f8:77:ea:18:2b:7e:27:54:ea:e6:bd:f9:07:68:d9:
28:7b:23:3e:9f:45:2a:65:fa:2b:62:d4:2e:9b:c2:
40:bf:5d:43:fa:b3:a9:24:20:70:e8:94:4c:95:06:
2e:51:31:45:90:2c:11:28:1a:95:35:ed:bb:1b:f0:
c6:d7:6c:ff:f4:b2:5d:52:2f:9e:7d:bc:26:14:d8:
81:a8:7d:66:2f:50:06:84:86:84:2e:f4:f0:4e:e6:
58:d6:56:0e:58:f1:7b:da:e8:80:3b:dc:81:c2:e8:
4b:87:aa:b8:92:51:da:82:fa:08:de:85:53:a2:0a:
da:9d:c1:5c:32:93:f2:f0:24:3f:da:be:86:d8:66:
09:ae:8f:9a:42:40:03:ea:ba:2d:d0:67:e6:e0:bb:
51:1c:a2:0a:d1:1f:57:86:ab:60:2c:60:ee:87:4a:
db:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:40:A3:D1:B7:AE:17:31:A4:87:AB:E4:63:8C:7F:3E:4A:18:FF:D9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n0Cj0beuFzGkh6vkY4x_PkoY_9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.210.0/23
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:e1:71:a6:f1:40:4e:a3:7e:cc:c2:98:b7:89:23:80:e9:30:
6f:bb:b2:02:aa:01:ae:3b:85:49:b4:6b:93:b8:65:75:f9:3a:
a4:d9:1e:5f:84:72:88:56:5f:30:aa:1a:b1:cc:54:5f:a9:ce:
92:ce:e5:68:3e:35:6b:0a:b6:91:b6:0f:28:fd:49:3e:cd:59:
37:e4:98:55:4a:2a:a6:85:29:f5:f2:46:26:7d:4d:a1:bb:e1:
c8:75:2e:d0:76:ab:82:1c:1e:79:25:07:22:3b:e4:69:7f:78:
5e:8b:83:73:84:5a:d8:9d:cf:21:ca:ee:d7:b3:79:8c:bd:f0:
97:36:44:f9:a2:24:f6:cf:b4:dd:fd:83:89:03:b3:25:88:3e:
d8:12:b4:4a:41:f6:79:3a:af:c0:b7:7e:6f:45:cd:94:16:0b:
96:c9:db:8a:80:45:b8:09:87:5a:2f:10:c9:94:43:21:57:00:
0d:34:d6:ca:7b:4e:3e:95:e7:39:30:07:ad:02:0b:db:28:bc:
0b:f5:da:8e:9e:f1:73:5d:67:cf:5b:3c:58:3f:8a:c3:35:aa:
23:c7:b5:c8:34:48:32:ec:32:27:ec:3e:ba:ad:b9:9a:5f:4d:
0b:6c:ee:2f:39:a3:f0:23:be:ca:8f:9b:95:58:3c:b2:ff:e4:
4c:54:21:fb
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZOCa+kScLKu7nWpfvzU1ACBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjAxMTMzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQwYTNkMWI3YWUxNzMxYTQ4N2FiZTQ2MzhjN2YzZTRhMThmZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAaQcFVgkyV7/ZbMTqs2rY7l26wT
jJOoOMRZ86+4FLWsIrwgNSB8v7KrW+pNPMqwwN1H+bDFxPThW1aN58r51/zz6LRu
UccIT4dGdUPY7MfxBrVc10ScI2L4d+oYK34nVOrmvfkHaNkoeyM+n0UqZforYtQu
m8JAv11D+rOpJCBw6JRMlQYuUTFFkCwRKBqVNe27G/DG12z/9LJdUi+efbwmFNiB
qH1mL1AGhIaELvTwTuZY1lYOWPF72uiAO9yBwuhLh6q4klHagvoI3oVTograncFc
MpPy8CQ/2r6G2GYJro+aQkAD6rot0Gfm4LtRHKIK0R9XhqtgLGDuh0rb2QIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFJ9Ao9G3rhcxpIer5GOMfz5KGP/ZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbjBDajBiZXVGekdraDZ2a1k0eF9Qa29ZXzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBABR
qH4DBABSmAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ
1YQDBABZ1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWn
AwQCWdWsMAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEA22wEAMEAm2wzAME
AW2w8gMEAbkxfgMEBMJpUAMEAdQmWAMEANWYKwMEAtXSNAMEAdXa0jAMAwQA2ZFB
AwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQCj4XGm8UBOo37Mwpi3iSOA
6TBvu7ICqgGuO4VJtGuTuGV1+Tqk2R5fhHKIVl8wqhqxzFRfqc6SzuVoPjVrCraR
tg8o/Uk+zVk35JhVSiqmhSn18kYmfU2hu+HIdS7QdquCHB55JQciO+Rpf3hei4Nz
hFrYnc8hyu7Xs3mMvfCXNkT5oiT2z7Td/YOJA7MliD7YErRKQfZ5Oq/At35vRc2U
FguWyduKgEW4CYdaLxDJlEMhVwANNNbKe04+lec5MAetAgvbKLwL9dqOnvFzXWfP
WzxYP4rDNaojx7XINEgy7DIn7D66rbmaX00LbO4vOaPwI77Kj5uVWDyy/+RMVCH7
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:25 2025 by rpki-client