Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pI1neW_Nrs2Uz8wMpfCzQIDW0wU.roa
File: pI1neW_Nrs2Uz8wMpfCzQIDW0wU.roa (raw, json)
Hash identifier: Z+vi4Zs1RwTa1vVkogllyUxCgXMuGH7G8EkjwA8BwNQ=
Subject key identifier: A4:8D:67:79:6F:CD:AE:CD:94:CF:CC:0C:A5:F0:B3:40:80:D6:D3:05
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0195A44833D31EDA73FA921D64CB6003869C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pI1neW_Nrs2Uz8wMpfCzQIDW0wU.roa
Signing time: Mon 17 Mar 2025 13:25:50 +0000
ROA not before: Mon 17 Mar 2025 13:25:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.244.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 10:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a4:48:33:d3:1e:da:73:fa:92:1d:64:cb:60:03:86:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 17 13:25:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a48d67796fcdaecd94cfcc0ca5f0b34080d6d305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:05:0d:ec:dc:6e:ea:5b:60:f0:0c:4a:78:32:
92:34:01:ed:57:51:be:19:4c:e4:4f:51:b1:4d:de:
c3:5d:8a:4e:4b:fd:95:48:6b:5b:69:f2:6c:81:f2:
1d:3c:0a:7d:18:f6:08:89:24:1a:98:5d:28:d8:33:
9a:56:d3:1f:a3:84:ae:5b:90:ef:51:d9:ee:07:b4:
e6:c1:66:5c:8c:e7:8c:4b:0c:5f:a7:48:72:5b:1b:
34:b9:c5:72:c6:a6:35:be:37:50:f1:5f:59:7b:f3:
1f:dd:fb:51:7f:e2:27:13:1b:49:49:0a:26:c8:67:
3d:20:f1:84:6d:6f:9a:0f:30:7c:c7:33:08:c2:0b:
c3:70:3b:b3:2e:56:73:a4:77:e6:a3:a4:47:da:bc:
c9:0b:c0:90:a7:48:9f:80:81:2a:f6:41:70:fa:5c:
fd:8b:d8:24:ce:b8:a4:97:82:a5:5a:94:71:d7:74:
71:dc:2a:e1:77:ca:ac:24:66:a3:56:7f:7b:04:9d:
50:94:04:d4:15:26:99:08:ce:8d:8d:af:74:11:af:
da:d8:03:33:e3:78:15:db:2e:3b:06:84:75:eb:e9:
ff:15:a1:fe:04:5a:7a:d1:14:c1:4c:f7:20:b7:61:
d5:33:4c:04:9e:10:c1:16:4c:31:7d:71:d5:69:d5:
84:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8D:67:79:6F:CD:AE:CD:94:CF:CC:0C:A5:F0:B3:40:80:D6:D3:05
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pI1neW_Nrs2Uz8wMpfCzQIDW0wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.226.0/24
213.218.244.0/22
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:10:19:e6:76:1c:16:a3:9f:48:3e:65:00:5f:13:10:ec:81:
b5:92:20:86:4b:1a:ef:95:42:35:87:f3:12:2f:bf:c7:79:fe:
28:5d:e0:65:87:68:82:96:c8:e2:4e:98:c3:dc:96:ac:cd:e7:
db:d9:61:1f:08:85:0a:ff:8b:6f:4c:ef:fb:24:ef:53:29:c7:
de:ec:07:d3:28:cc:4b:5d:7d:d7:89:3e:57:46:6d:c3:fa:ef:
de:36:ee:ea:cf:81:53:11:b1:92:8b:94:d5:f4:8a:a9:ff:21:
fa:6f:33:f2:fc:24:50:8a:44:84:c1:06:ba:d5:86:70:8a:bf:
c9:a4:5e:f6:4c:c8:8a:46:bd:5c:14:26:bf:6e:2c:30:c8:91:
40:5a:55:46:3d:0d:2d:9d:02:85:91:32:bc:a1:7d:87:3b:8f:
9f:11:e6:3c:3d:4d:52:e7:c0:71:74:32:2f:57:0f:63:e8:df:
28:46:62:cb:fe:22:a8:7f:98:65:ff:85:65:63:c3:4e:9b:ca:
ee:75:a8:8c:9b:07:b2:f8:3b:61:01:53:6a:79:16:a7:be:96:
79:5b:ef:8b:4b:23:c9:3f:47:02:77:6d:11:ac:91:ca:a4:2b:
45:2b:e1:5e:9a:6b:e1:41:5d:0e:58:ce:fb:b3:fe:f3:35:7b:
7f:4f:af:5b
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZWkSDPTHtpz+pIdZMtgA4acMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzE3MTMyNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDhkNjc3OTZmY2RhZWNkOTRjZmNjMGNhNWYwYjM0MDgwZDZkMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wUN7Nxu6ltg8AxKeDKSNAHtV1G+
GUzkT1GxTd7DXYpOS/2VSGtbafJsgfIdPAp9GPYIiSQamF0o2DOaVtMfo4SuW5Dv
UdnuB7TmwWZcjOeMSwxfp0hyWxs0ucVyxqY1vjdQ8V9Ze/Mf3ftRf+InExtJSQom
yGc9IPGEbW+aDzB8xzMIwgvDcDuzLlZzpHfmo6RH2rzJC8CQp0ifgIEq9kFw+lz9
i9gkzrikl4KlWpRx13Rx3Crhd8qsJGajVn97BJ1QlATUFSaZCM6Nja90Ea/a2AMz
43gV2y47BoR16+n/FaH+BFp60RTBTPcgt2HVM0wEnhDBFkwxfXHVadWEEQIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFKSNZ3lvza7NlM/MDKXws0CA1tMFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcEkxbmVXX05yczJVejh3TXBmQ3pRSURXMHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjCCAS4EAgABMIIB
JgMEAFKYCAMEAVKYsAMEAlKZiAMEAFKZ8wMEAVnVLAMEAVnVMgMEAlnVOAMEAFnV
gQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwDBAJZ1ZQDBAVZ1YAD
BABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEAFnVsAMEAFnVtQMEAFnV
twMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBADBABtsMED
BAJtsMwDBAFtsPIDBABtsPwDBAG5MX4DBAC5ZS8DBATCaVADBADUJk8DBAHUJlgD
BALVgoQDBADVmCsDBALV0jQDBADV2tMDBADV2uIDBALV2vQwDAMEANmRQQMEANmR
QgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAOhAZ5nYcFqOfSD5lAF8TEOyBtZIg
hksa75VCNYfzEi+/x3n+KF3gZYdogpbI4k6Yw9yWrM3n29lhHwiFCv+Lb0zv+yTv
UynH3uwH0yjMS11914k+V0Ztw/rv3jbu6s+BUxGxkouU1fSKqf8h+m8z8vwkUIpE
hMEGutWGcIq/yaRe9kzIika9XBQmv24sMMiRQFpVRj0NLZ0ChZEyvKF9hzuPnxHm
PD1NUufAcXQyL1cPY+jfKEZiy/4iqH+YZf+FZWPDTpvK7nWojJsHsvg7YQFTankW
p76WeVvvi0sjyT9HAndtEayRyqQrRSvhXppr4UFdDljO+7P+8zV7f0+vWw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:54:25 2025 by rpki-client