Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n4Ny8eawF7fOnzAysDzaztJJoJo.roa
File: n4Ny8eawF7fOnzAysDzaztJJoJo.roa (raw, json)
Hash identifier: pMrODo5Shl22cpZNow0wQ8WwTt5tt5CMhauw8Q3qpas=
Subject key identifier: 9F:83:72:F1:E6:B0:17:B7:CE:9F:30:32:B0:3C:DA:CE:D2:49:A0:9A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192BD7D9662CEF5C367AE7AF2D746305101
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n4Ny8eawF7fOnzAysDzaztJJoJo.roa
Signing time: Thu 24 Oct 2024 07:46:17 +0000
ROA not before: Thu 24 Oct 2024 07:46:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 08:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:7d:96:62:ce:f5:c3:67:ae:7a:f2:d7:46:30:51:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 24 07:46:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f8372f1e6b017b7ce9f3032b03cdaced249a09a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b6:b9:cc:e3:80:ab:b7:8b:73:4a:19:08:14:
b7:52:8f:cd:f4:b3:69:ee:07:e7:6c:0d:6e:5a:fb:
be:4f:72:d2:7f:87:e9:0e:9f:82:23:c9:80:cb:35:
8d:9c:b0:f6:05:a4:26:ec:ed:ce:ac:4b:d6:71:7e:
a8:fe:99:7f:a9:4e:71:a6:e1:95:d9:72:13:b6:03:
28:05:2d:a4:fd:9b:f8:bd:5e:a4:63:d5:f7:2e:bf:
cc:5a:f4:08:98:a9:72:2f:82:dd:86:53:dd:89:17:
2e:b7:fb:e7:8a:f1:10:10:21:b9:13:b3:f1:06:cb:
df:85:11:d8:c8:2b:e8:29:f6:6c:aa:36:a9:ac:42:
2a:2a:74:0d:d8:22:a0:b5:64:58:1e:4d:81:d5:f5:
38:8c:54:a5:5e:0b:71:3f:97:06:9a:b5:83:41:4a:
89:1c:8d:68:d7:2d:cd:02:96:06:e2:08:ec:5a:36:
8b:dd:d5:56:1c:8e:77:3a:0e:9f:82:68:2d:3e:11:
cc:d5:b1:d7:3e:2f:1d:81:d9:09:49:f5:35:8d:36:
d9:36:4a:f1:6c:ab:55:40:a4:aa:1c:98:d8:9d:59:
2b:99:be:23:46:f3:de:9c:1c:38:86:ac:ee:1e:76:
10:80:28:e4:be:9b:40:6f:82:4e:ad:a4:b8:64:4a:
18:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:83:72:F1:E6:B0:17:B7:CE:9F:30:32:B0:3C:DA:CE:D2:49:A0:9A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/n4Ny8eawF7fOnzAysDzaztJJoJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
63:17:12:d3:fc:a0:4b:95:76:86:b7:af:1d:d9:63:29:b0:76:
9a:ef:be:72:7e:25:c2:da:ba:28:eb:4c:bd:b6:eb:15:f2:a7:
e7:03:3b:11:8a:c9:e5:a6:b9:b7:3b:94:a9:93:23:44:b9:a4:
e9:ea:bb:d8:76:04:9d:db:23:f3:e0:f1:8f:5c:58:b6:ee:f9:
41:06:3f:16:9b:3f:a8:64:c9:e3:d1:e7:d8:77:dc:99:a8:4e:
9b:10:af:2c:49:d7:69:67:a5:ab:a3:db:ca:f6:40:67:26:f8:
49:39:37:b6:51:21:2f:70:71:a9:b8:54:e3:ab:fb:15:57:39:
94:f8:3e:20:48:1f:1e:dd:1c:cb:b6:5f:e9:89:b9:4c:8e:f1:
12:07:9f:28:a0:cc:e5:df:33:5b:df:88:9e:87:72:50:cd:d6:
60:9e:53:a4:4e:2e:cd:48:aa:cf:6b:b8:94:74:10:1e:1e:72:
bd:17:6f:3a:29:5d:62:5b:70:af:54:aa:ec:b0:43:88:eb:5d:
4e:aa:b9:2f:e0:58:fa:aa:c1:2b:5d:78:ae:b0:ef:e2:91:8a:
95:3f:c3:45:09:10:20:89:a7:de:e1:38:55:e3:97:63:17:c9:
14:a8:d1:b5:05:5e:2f:7e:63:bf:41:ad:e0:48:45:54:6b:86:
17:4e:f4:5f
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZK9fZZizvXDZ6568tdGMFEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDI0MDc0NjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjgzNzJmMWU2YjAxN2I3Y2U5ZjMwMzJiMDNjZGFjZWQyNDlhMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnra5zOOAq7eLc0oZCBS3Uo/N9LNp
7gfnbA1uWvu+T3LSf4fpDp+CI8mAyzWNnLD2BaQm7O3OrEvWcX6o/pl/qU5xpuGV
2XITtgMoBS2k/Zv4vV6kY9X3Lr/MWvQImKlyL4LdhlPdiRcut/vnivEQECG5E7Px
BsvfhRHYyCvoKfZsqjaprEIqKnQN2CKgtWRYHk2B1fU4jFSlXgtxP5cGmrWDQUqJ
HI1o1y3NApYG4gjsWjaL3dVWHI53Og6fgmgtPhHM1bHXPi8dgdkJSfU1jTbZNkrx
bKtVQKSqHJjYnVkrmb4jRvPenBw4hqzuHnYQgCjkvptAb4JOraS4ZEoYMwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFJ+DcvHmsBe3zp8wMrA82s7SSaCaMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbjROeThlYXdGN2ZPbnpBeXNEemF6dEpKb0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAFS
mLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YswDAMEAFnVkQME
AFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ1cQDBARZ1cAwDAME
AlnV5AMEBFnV4AMEA22wEAMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEAdQmWAME
ANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQBjFxLT
/KBLlXaGt68d2WMpsHaa775yfiXC2roo60y9tusV8qfnAzsRisnlprm3O5SpkyNE
uaTp6rvYdgSd2yPz4PGPXFi27vlBBj8Wmz+oZMnj0efYd9yZqE6bEK8sSddpZ6Wr
o9vK9kBnJvhJOTe2USEvcHGpuFTjq/sVVzmU+D4gSB8e3RzLtl/piblMjvESB58o
oMzl3zNb34ieh3JQzdZgnlOkTi7NSKrPa7iUdBAeHnK9F286KV1iW3CvVKrssEOI
611Oqrkv4Fj6qsErXXiusO/ikYqVP8NFCRAgiafe4ThV45djF8kUqNG1BV4vfmO/
Qa3gSEVUa4YXTvRf
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:34:31 2025 by rpki-client