Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pHq0lwFqEEDK89A76-8_C-7-kRs.roa
File: pHq0lwFqEEDK89A76-8_C-7-kRs.roa (raw, json)
Hash identifier: Hqd5as0gCjMvyBMUeTxoMyUbFj8X3apPAsohZ8+Ohhs=
Subject key identifier: A4:7A:B4:97:01:6A:10:40:CA:F3:D0:3B:EB:EF:3F:0B:EE:FE:91:1B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01955B9E0FBD210F52ECBAD84CC27B035DD2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pHq0lwFqEEDK89A76-8_C-7-kRs.roa
Signing time: Mon 03 Mar 2025 10:47:20 +0000
ROA not before: Mon 03 Mar 2025 10:47:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.168.126.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.88.0/24 maxlen: 24
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Mar 2025 09:09:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:9e:0f:bd:21:0f:52:ec:ba:d8:4c:c2:7b:03:5d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 3 10:47:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a47ab497016a1040caf3d03bebef3f0beefe911b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f7:fd:da:d6:92:34:96:87:5b:47:77:f7:0c:
b8:59:29:2b:1e:45:80:1e:39:b1:19:e2:0d:a3:03:
bb:cb:38:de:be:f1:92:52:b1:87:48:3f:b6:6f:ff:
34:52:a8:32:78:7d:f9:8c:18:cf:24:91:90:98:6c:
82:dc:73:fe:fa:99:d4:4f:07:31:6d:17:4f:9e:13:
3b:a3:89:83:65:ec:89:61:c1:95:a7:2c:a9:e6:ce:
fc:9a:1b:a8:5f:7d:dd:26:9c:b3:29:c3:d6:a1:3e:
5f:04:38:2e:e9:08:e9:3e:aa:a9:8d:92:31:8f:51:
9a:e7:a6:f2:5a:e7:e0:3b:37:52:c3:a1:7a:f6:2c:
00:8b:79:36:db:d8:7c:4e:94:3a:c7:44:99:a4:f7:
0a:38:03:1c:d0:5e:6a:c2:27:94:5b:93:42:fd:7e:
11:2d:95:41:24:88:26:16:62:51:9f:4d:64:b3:56:
f5:b6:d3:57:e1:07:2d:33:34:95:28:8b:73:27:51:
ef:57:cc:27:0e:e1:cb:2c:b2:45:83:1c:e8:82:76:
be:40:60:26:84:3b:f8:85:49:80:97:c9:77:97:67:
bb:e3:6a:7e:8a:5f:85:6f:fa:d2:f6:1e:22:d2:e8:
a6:87:b7:18:36:87:92:25:c7:8b:f5:b0:26:78:b6:
28:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:7A:B4:97:01:6A:10:40:CA:F3:D0:3B:EB:EF:3F:0B:EE:FE:91:1B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pHq0lwFqEEDK89A76-8_C-7-kRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.124.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.215.0/24
213.218.226.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
58:67:ba:87:58:03:98:d2:7c:c8:8f:00:e5:4d:94:e3:4b:cb:
96:4a:17:c6:f8:75:f4:3a:43:87:7c:48:cf:43:e0:55:ce:32:
24:48:f6:c2:4b:c8:09:7f:81:28:e1:8c:c5:9b:05:bf:fb:b7:
c2:bc:38:c8:41:9e:d3:ba:c3:03:64:c3:d6:aa:bd:2b:26:fe:
7d:d2:07:63:74:7b:67:eb:51:72:2f:6e:3e:9a:86:f3:3d:72:
fb:0e:78:1e:bd:7c:15:34:d3:f3:0b:d7:e1:76:27:18:b5:75:
24:6a:eb:6a:3a:e7:58:ff:ff:10:c1:e8:52:3b:a5:ab:6f:91:
f1:a0:b7:a2:7b:09:3b:68:d2:33:aa:73:e4:30:c1:d9:fc:a5:
19:73:6e:94:f7:20:89:aa:2b:fa:91:44:44:e7:06:ed:05:c0:
30:c4:d0:7a:64:44:40:d4:ce:17:27:8b:05:5c:ba:00:6f:09:
6f:35:72:14:58:33:f8:aa:66:53:04:9e:6d:3b:ea:97:78:17:
bb:e6:0b:b4:aa:fd:cc:c8:8b:32:b3:78:e8:84:0e:2d:ad:10:
5a:9d:4a:3a:4e:6e:0e:5f:5f:9b:54:0b:8e:c9:68:3f:41:45:
f7:4d:e4:8f:db:8f:04:62:d4:16:8b:ec:a0:fd:cc:9f:54:dd:
13:94:41:06
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZVbng+9IQ9S7LrYTMJ7A13SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzAzMTA0NzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDdhYjQ5NzAxNmExMDQwY2FmM2QwM2JlYmVmM2YwYmVlZmU5MTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPf92taSNJaHW0d39wy4WSkrHkWA
HjmxGeINowO7yzjevvGSUrGHSD+2b/80UqgyeH35jBjPJJGQmGyC3HP++pnUTwcx
bRdPnhM7o4mDZeyJYcGVpyyp5s78mhuoX33dJpyzKcPWoT5fBDgu6QjpPqqpjZIx
j1Ga56byWufgOzdSw6F69iwAi3k229h8TpQ6x0SZpPcKOAMc0F5qwieUW5NC/X4R
LZVBJIgmFmJRn01ks1b1ttNX4QctMzSVKItzJ1HvV8wnDuHLLLJFgxzogna+QGAm
hDv4hUmAl8l3l2e742p+il+Fb/rS9h4i0uimh7cYNoeSJceL9bAmeLYoqwIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFKR6tJcBahBAyvPQO+vvPwvu/pEbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcEhxMGx3RnFFRURLODlBNzYtOF9DLTcta1JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjCCAS4EAgABMIIB
JgMEAFGofgMEAFKYCAMEAVKYsAMEAFKZMgMEAlKZiAMEAFKZ8wMEAVnVLAMEAVnV
MgMEAlnVOAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwD
BAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEBFnV
oAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBAD
BAJtsMwDBAFtsPIDBABtsPwDBAC5MXwDBAG5MX4DBAC5ZS8DBATCaVADBADUJk8D
BAHUJlgDBADVmCsDBALV0jQDBADV2tMDBADV2tcDBADV2uIwDAMEANmRQQMEANmR
QgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAWGe6h1gDmNJ8yI8A5U2U40vLlkoX
xvh19DpDh3xIz0PgVc4yJEj2wkvICX+BKOGMxZsFv/u3wrw4yEGe07rDA2TD1qq9
Kyb+fdIHY3R7Z+tRci9uPpqG8z1y+w54Hr18FTTT8wvX4XYnGLV1JGrrajrnWP//
EMHoUjulq2+R8aC3onsJO2jSM6pz5DDB2fylGXNulPcgiaor+pFEROcG7QXAMMTQ
emREQNTOFyeLBVy6AG8JbzVyFFgz+KpmUwSebTvql3gXu+YLtKr9zMiLMrN46IQO
La0QWp1KOk5uDl9fm1QLjsloP0FF903kj9uPBGLUFovsoP3Mn1TdE5RBBg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:19:38 2025 by rpki-client