Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ovCDaRwJBNfZnABjiOIyGCqk2HY.roa
File: ovCDaRwJBNfZnABjiOIyGCqk2HY.roa (raw, json)
Hash identifier: sp+06iPqjKWGcCzjbcMziABRfDxCOXtVyUJuEL2BhBw=
Subject key identifier: A2:F0:83:69:1C:09:04:D7:D9:9C:00:63:88:E2:32:18:2A:A4:D8:76
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194BC0BF2B557468821A6DC1754CB3F29E3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ovCDaRwJBNfZnABjiOIyGCqk2HY.roa
Signing time: Fri 31 Jan 2025 11:08:07 +0000
ROA not before: Fri 31 Jan 2025 11:08:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.37.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.215.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 16:46:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:0b:f2:b5:57:46:88:21:a6:dc:17:54:cb:3f:29:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 31 11:08:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2f083691c0904d7d99c006388e232182aa4d876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a2:4c:f3:21:f0:22:4a:12:1d:b9:f0:1f:e5:
63:eb:cf:53:f7:98:45:d2:52:2d:25:b4:0c:f7:ba:
ef:b1:0f:09:05:bc:fe:55:b0:61:b4:7a:29:e3:c1:
16:16:ad:5a:e0:82:06:27:68:27:1b:41:5c:46:69:
a1:07:b6:f4:a1:57:1b:2b:86:3b:e1:8b:48:84:4d:
f8:70:76:7f:16:86:fa:9d:7c:f5:76:62:59:1f:8e:
33:e3:62:b6:92:7e:ad:c0:10:7b:7a:a4:0c:6d:13:
9a:fe:30:eb:24:7b:2c:b8:b2:9b:c6:2a:bb:8c:61:
ed:f6:97:66:bf:3a:8a:62:a8:df:57:e1:2f:a5:aa:
2a:47:f5:5e:48:52:dd:d0:e3:e3:82:42:45:73:24:
2d:57:36:a6:79:38:d9:4f:a3:08:5e:6a:ae:49:84:
df:06:bd:5c:b9:57:02:fb:d5:d2:0e:c5:12:c0:1b:
72:8c:a7:38:bd:2e:25:95:86:79:e3:da:3c:22:7a:
37:cd:ea:10:b6:5d:2f:c3:9d:27:c1:21:24:e4:05:
48:86:91:3f:ca:3b:e9:20:c0:3e:dc:31:b9:6e:19:
0e:26:52:81:36:7d:2c:e4:70:94:5b:11:af:00:5a:
6a:7d:22:5a:b9:7b:0e:13:3c:6e:0b:a3:6b:c6:4f:
5f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F0:83:69:1C:09:04:D7:D9:9C:00:63:88:E2:32:18:2A:A4:D8:76
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ovCDaRwJBNfZnABjiOIyGCqk2HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.34.0/24
82.153.37.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.4.0/24
89.213.7.0/24
89.213.130.0/24
89.213.190.0/24
89.213.215.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
64:5e:31:91:64:1b:e7:d9:0a:37:8d:c8:a5:75:66:fd:3f:c1:
02:fb:dc:5a:25:76:78:6d:1f:73:a6:c0:e5:e4:cb:6c:69:6e:
16:eb:8b:35:9f:f3:df:89:4d:22:14:52:56:f5:3d:0f:d5:b2:
82:cf:bd:04:3f:51:fc:58:e5:8b:27:d4:3e:6e:12:0c:4f:01:
c6:8b:ee:00:24:69:66:0d:57:14:6f:1f:ec:03:50:13:a6:1f:
d4:31:98:1d:15:39:02:56:df:bf:77:78:93:0e:53:47:e0:21:
38:67:f5:9f:40:e4:2e:5d:03:60:81:86:92:e0:2f:46:a1:1f:
37:1e:d9:d7:22:ae:2c:73:40:14:24:00:f2:49:96:41:cd:ab:
df:9f:ad:e7:eb:51:31:ee:6d:d2:f7:85:a3:73:fb:ab:fe:6b:
c3:54:c3:e1:5b:83:91:9d:f9:79:ed:76:5d:8f:54:f7:ac:63:
4a:35:44:1a:7b:49:1a:d9:5a:45:2a:96:40:c4:ce:96:86:f1:
17:4f:6f:e1:1d:64:c4:36:ca:84:79:f7:c5:1c:9b:d3:12:55:
fd:81:5b:22:2c:a0:81:20:67:81:9e:dd:73:03:08:7d:0f:7a:
5b:ac:6c:3d:2e:95:e6:88:36:0c:ac:cb:6b:ea:f6:a6:0e:d5:
66:f8:58:7c
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZS8C/K1V0aIIabcF1TLPynjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTMxMTEwODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmYwODM2OTFjMDkwNGQ3ZDk5YzAwNjM4OGUyMzIxODJhYTRkODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKJM8yHwIkoSHbnwH+Vj689T95hF
0lItJbQM97rvsQ8JBbz+VbBhtHop48EWFq1a4IIGJ2gnG0FcRmmhB7b0oVcbK4Y7
4YtIhE34cHZ/Fob6nXz1dmJZH44z42K2kn6twBB7eqQMbROa/jDrJHssuLKbxiq7
jGHt9pdmvzqKYqjfV+EvpaoqR/VeSFLd0OPjgkJFcyQtVzameTjZT6MIXmquSYTf
Br1cuVcC+9XSDsUSwBtyjKc4vS4llYZ549o8Ino3zeoQtl0vw50nwSEk5AVIhpE/
yjvpIMA+3DG5bhkOJlKBNn0s5HCUWxGvAFpqfSJauXsOEzxuC6Nrxk9f3QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFKLwg2kcCQTX2ZwAY4jiMhgqpNh2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb3ZDRGFSd0pCTmZabkFCamlPSXlHQ3FrMkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAFGoeAME
AFKY+AMEAFKY+wMEAFKY/gMEAFKZIgMEAFKZJQMEAFKZSAMEAFKZTwMEAFKZhAME
AFKZ4AMEAFnVBAMEAFnVBwMEAFnVggMEAFnVvgMEAFnV1wMEAG2w9wMEAG2w+wME
ALkxfDANBgkqhkiG9w0BAQsFAAOCAQEAZF4xkWQb59kKN43IpXVm/T/BAvvcWiV2
eG0fc6bA5eTLbGluFuuLNZ/z34lNIhRSVvU9D9Wygs+9BD9R/FjliyfUPm4SDE8B
xovuACRpZg1XFG8f7ANQE6Yf1DGYHRU5Albfv3d4kw5TR+AhOGf1n0DkLl0DYIGG
kuAvRqEfNx7Z1yKuLHNAFCQA8kmWQc2r35+t5+tRMe5t0veFo3P7q/5rw1TD4VuD
kZ35ee12XY9U96xjSjVEGntJGtlaRSqWQMTOlobxF09v4R1kxDbKhHn3xRyb0xJV
/YFbIiyggSBngZ7dcwMIfQ96W6xsPS6V5og2DKzLa+r2pg7VZvhYfA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:06 2025 by rpki-client