Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pN7DinbBI2OoOOWN_8s-aZ1XHs8.roa
File: pN7DinbBI2OoOOWN_8s-aZ1XHs8.roa (raw, json)
Hash identifier: oVQUS1VtJpEVQO+/Yi2NjmO3OHF+vmWT5lBv0up8+JM=
Subject key identifier: A4:DE:C3:8A:76:C1:23:63:A8:38:E5:8D:FF:CB:3E:69:9D:57:1E:CF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01917B0BE59AB4B54A6A539766A499545BFB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pN7DinbBI2OoOOWN_8s-aZ1XHs8.roa
Signing time: Thu 22 Aug 2024 17:04:22 +0000
ROA not before: Thu 22 Aug 2024 17:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.104.0/24 maxlen: 24
89.213.114.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 15:23:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7b:0b:e5:9a:b4:b5:4a:6a:53:97:66:a4:99:54:5b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 22 17:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4dec38a76c12363a838e58dffcb3e699d571ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:63:a4:f0:0e:c8:bf:9b:d8:4f:35:8d:a2:ac:
83:a9:d6:d2:19:e1:92:dd:2d:b7:46:16:d9:9a:9e:
48:cf:a5:73:af:30:17:b2:6c:f3:9e:b9:3d:7e:ff:
d6:2a:38:28:07:17:80:12:ec:b6:94:fc:33:1b:02:
dd:22:85:ac:1a:72:ff:4c:90:f3:6d:97:d7:30:47:
3e:19:f5:a0:91:a6:8f:87:a9:2d:45:3e:33:9f:ab:
3d:36:58:01:d9:6a:46:11:1e:53:bd:60:6a:e2:89:
ef:fc:c7:e1:e6:8d:56:9a:a5:a1:ea:c0:2c:30:88:
00:a7:48:9d:2a:24:15:66:cf:a1:f9:29:02:60:8b:
2e:19:80:59:ec:25:9e:a9:b9:a5:23:4a:81:e3:ff:
17:c6:a0:76:8b:83:9c:db:60:96:8e:0c:0d:87:d8:
39:93:6f:e7:e6:e5:f6:db:53:91:6a:bd:79:f7:cd:
8e:90:f9:08:d4:09:04:c1:7b:d8:eb:ae:d0:f7:e5:
d5:37:86:9c:13:9c:19:6f:38:8a:1f:5f:42:22:f4:
f1:4b:ce:f5:d8:8d:9f:e2:2a:85:e4:4d:b1:c2:91:
32:ff:e5:6d:c0:82:da:c3:fa:8e:a9:92:11:ec:62:
a4:c9:db:1f:39:b8:04:2d:ed:a5:bd:fb:21:c5:44:
2b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DE:C3:8A:76:C1:23:63:A8:38:E5:8D:FF:CB:3E:69:9D:57:1E:CF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pN7DinbBI2OoOOWN_8s-aZ1XHs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.104.0/24
89.213.114.0/24
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:ad:36:d1:09:9c:4d:9a:ed:b2:df:76:e6:39:c9:7f:8c:91:
d6:a0:99:14:c7:61:20:48:85:76:85:0a:f7:7c:df:3a:dc:c7:
de:80:90:68:50:58:3e:04:9d:18:23:60:e9:cc:72:44:68:ab:
91:48:91:cc:5c:66:55:fd:0d:49:07:6b:ed:1d:8d:bd:a6:8c:
8d:d5:11:76:32:3e:92:41:f8:5d:6b:a0:96:88:70:e4:11:2f:
21:4b:7a:07:b0:71:56:c6:59:44:87:a5:fa:0c:97:25:2f:b0:
ce:9d:84:22:5e:0f:2b:84:ab:f9:f9:65:94:fe:a8:c0:72:21:
2d:a2:75:46:1e:10:21:8d:ed:4f:a3:81:bf:fe:11:65:9a:44:
52:e0:46:64:d5:75:c2:a2:6a:2e:9f:47:c6:b3:d0:40:27:54:
90:e8:fe:8d:17:f7:ab:b1:b8:01:a8:e0:da:15:69:57:e4:fd:
f8:e1:c5:44:1e:be:5f:2f:26:36:ee:70:dc:c1:f0:72:ed:de:
83:c2:99:2b:c1:f1:be:53:6e:23:a3:71:98:52:17:6d:72:ac:
12:f6:eb:cb:a2:66:17:23:e5:c8:27:93:23:34:8d:b2:74:db:
34:48:94:6f:0f:dc:15:2a:99:08:7a:10:a6:5c:17:c0:f1:ab:
e7:13:38:20
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZF7C+WatLVKalOXZqSZVFv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODIyMTcwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRlYzM4YTc2YzEyMzYzYTgzOGU1OGRmZmNiM2U2OTlkNTcxZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGOk8A7Iv5vYTzWNoqyDqdbSGeGS
3S23RhbZmp5Iz6VzrzAXsmzznrk9fv/WKjgoBxeAEuy2lPwzGwLdIoWsGnL/TJDz
bZfXMEc+GfWgkaaPh6ktRT4zn6s9NlgB2WpGER5TvWBq4onv/Mfh5o1WmqWh6sAs
MIgAp0idKiQVZs+h+SkCYIsuGYBZ7CWeqbmlI0qB4/8XxqB2i4Oc22CWjgwNh9g5
k2/n5uX221ORar15982OkPkI1AkEwXvY667Q9+XVN4acE5wZbziKH19CIvTxS871
2I2f4iqF5E2xwpEy/+VtwILaw/qOqZIR7GKkydsfObgELe2lvfshxUQrDQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFKTew4p2wSNjqDjljf/LPmmdVx7PMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcE43RGluYkJJMk9vT09XTl84cy1hWjFYSHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAFS
mLADBAJSmYgDBAFZ1TIDBAJZ1TgDBABZ1WgDBABZ1XIDBABZ1ZEwDAMEAlnVlAME
BVnVgAMEAFnVpwMEAlnVrDAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANt
sBADBAJtsMwDBAG5MX4DBATCaVADBAHUJlgDBADV2tMDBADZkUIDBAPZkUgwDQYJ
KoZIhvcNAQELBQADggEBAHutNtEJnE2a7bLfduY5yX+MkdagmRTHYSBIhXaFCvd8
3zrcx96AkGhQWD4EnRgjYOnMckRoq5FIkcxcZlX9DUkHa+0djb2mjI3VEXYyPpJB
+F1roJaIcOQRLyFLegewcVbGWUSHpfoMlyUvsM6dhCJeDyuEq/n5ZZT+qMByIS2i
dUYeECGN7U+jgb/+EWWaRFLgRmTVdcKiai6fR8az0EAnVJDo/o0X96uxuAGo4NoV
aVfk/fjhxUQevl8vJjbucNzB8HLt3oPCmSvB8b5TbiOjcZhSF21yrBL268uiZhcj
5cgnkyM0jbJ02zRIlG8P3BUqmQh6EKZcF8Dxq+cTOCA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:55 2025 by rpki-client