Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q6LNVbmSYxyhsTHRZFTkeDHwnyE.roa
File: q6LNVbmSYxyhsTHRZFTkeDHwnyE.roa (raw, json)
Hash identifier: PP7NQehCNMrA/NfoZV8VPaszzBXnBVN1z0gYIfjhF4A=
Subject key identifier: AB:A2:CD:55:B9:92:63:1C:A1:B1:31:D1:64:54:E4:78:31:F0:9F:21
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019102A66549C3A434BBA2434BC0FA0E1D61
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q6LNVbmSYxyhsTHRZFTkeDHwnyE.roa
Signing time: Tue 30 Jul 2024 07:59:04 +0000
ROA not before: Tue 30 Jul 2024 07:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.76.0/22 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jul 2024 13:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:02:a6:65:49:c3:a4:34:bb:a2:43:4b:c0:fa:0e:1d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 30 07:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aba2cd55b992631ca1b131d16454e47831f09f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f5:e4:2d:9b:ba:4d:40:ae:0b:bc:38:0e:06:
89:96:90:be:62:40:43:4c:79:78:32:bf:48:1e:a9:
34:80:f1:80:da:34:2f:ba:3f:1a:21:a9:1d:99:30:
90:d7:04:c6:7a:72:58:e8:c1:8d:50:0e:c5:1f:1d:
27:97:c7:3f:bd:d9:d4:07:83:4c:c7:68:72:c9:6f:
73:3c:4e:b8:57:84:36:4b:a9:57:44:a7:4b:f3:2a:
4e:20:fd:b8:13:f2:9e:f9:2d:e0:78:b6:d2:58:10:
44:36:00:41:bb:b7:3c:2b:24:56:a3:24:ca:6f:d6:
95:f4:7b:36:0c:7c:11:a6:77:7c:d9:03:fc:85:d0:
35:4d:7b:14:76:56:3f:50:96:95:a8:56:37:ca:4a:
e8:f3:71:dc:9a:5a:fd:a2:80:7f:24:9c:2d:86:cd:
bd:a1:f5:71:b2:ba:9d:e6:9d:55:bf:94:d7:24:00:
9a:98:43:90:3a:f4:b4:44:f2:ad:80:5d:99:6c:6e:
ca:70:b4:b0:10:aa:25:59:44:ea:13:da:3c:d1:4f:
d0:0f:4f:7d:71:ed:7e:e9:5b:db:d8:58:f9:a1:bb:
64:13:b9:16:5a:bd:e3:8d:3e:60:9f:08:65:7f:e0:
62:75:9d:e2:cd:24:b5:b5:4c:64:5f:e5:e9:3f:7b:
1f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A2:CD:55:B9:92:63:1C:A1:B1:31:D1:64:54:E4:78:31:F0:9F:21
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q6LNVbmSYxyhsTHRZFTkeDHwnyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.153.243.0/24
89.213.50.0/23
89.213.56.0/22
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.76.0-194.105.95.255
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:c2:81:7b:7e:2f:a9:2b:6b:9e:b7:fa:6c:84:8b:b2:3e:16:
64:b5:d2:05:c7:af:f2:39:46:7a:94:f1:2d:70:17:dc:27:e6:
7d:3e:6f:44:86:05:dc:01:3c:40:5d:eb:54:34:46:25:22:85:
0c:a8:74:9f:07:b8:67:10:24:6e:d1:ed:8b:db:ed:f6:04:fa:
c5:b7:bc:00:18:1f:73:58:78:c8:d2:26:04:c9:cb:1a:63:93:
0c:80:27:18:6c:49:6d:44:44:ae:7a:7c:d7:6b:f5:ce:d4:7a:
16:1b:9d:bf:10:e7:e3:6b:fa:4f:c5:fa:e2:b2:ce:41:ea:d0:
ae:67:33:b4:50:15:e8:78:28:3a:5d:6e:7d:d5:a9:9a:67:4a:
92:f5:9a:52:c6:fc:36:55:b8:74:67:f7:00:52:18:8f:86:4f:
79:2b:bc:44:4a:85:ca:56:6d:a3:63:13:38:f6:c6:e2:bd:bf:
ea:22:00:ed:c1:da:73:e9:71:78:95:29:ff:18:4a:c4:5d:43:
4a:3c:4c:ea:74:a4:38:31:2e:95:10:67:42:84:df:f8:6e:30:
c4:1d:0c:e4:a7:4b:f5:ae:53:e2:5c:74:7a:ea:62:46:d0:25:
50:42:23:00:71:94:22:1f:07:ca:86:06:79:4d:5e:10:78:19:
29:70:74:9d
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZECpmVJw6Q0u6JDS8D6Dh1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzMwMDc1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmEyY2Q1NWI5OTI2MzFjYTFiMTMxZDE2NDU0ZTQ3ODMxZjA5ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPXkLZu6TUCuC7w4DgaJlpC+YkBD
THl4Mr9IHqk0gPGA2jQvuj8aIakdmTCQ1wTGenJY6MGNUA7FHx0nl8c/vdnUB4NM
x2hyyW9zPE64V4Q2S6lXRKdL8ypOIP24E/Ke+S3geLbSWBBENgBBu7c8KyRWoyTK
b9aV9Hs2DHwRpnd82QP8hdA1TXsUdlY/UJaVqFY3ykro83Hcmlr9ooB/JJwths29
ofVxsrqd5p1Vv5TXJACamEOQOvS0RPKtgF2ZbG7KcLSwEKolWUTqE9o80U/QD099
ce1+6Vvb2Fj5obtkE7kWWr3jjT5gnwhlf+BidZ3izSS1tUxkX+XpP3sfBQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFKuizVW5kmMcobEx0WRU5Hgx8J8hMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcTZMTlZibVNZeHloc1RIUlpGVGtlREh3bnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAFS
mLADBAJSmYgDBABSmfMDBAFZ1TIDBAJZ1TgDBABZ1ZEwDAMEAlnVlAMEBVnVgAME
AFnVpwMEAlnVrDAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBADBAJt
sMwDBAG5MX4wDAMEAsJpTAMEBcJpQAMEAdQmWAMEANXa0wMEANmRQgMEA9mRSDAN
BgkqhkiG9w0BAQsFAAOCAQEATcKBe34vqStrnrf6bISLsj4WZLXSBcev8jlGepTx
LXAX3CfmfT5vRIYF3AE8QF3rVDRGJSKFDKh0nwe4ZxAkbtHti9vt9gT6xbe8ABgf
c1h4yNImBMnLGmOTDIAnGGxJbURErnp812v1ztR6FhudvxDn42v6T8X64rLOQerQ
rmcztFAV6HgoOl1ufdWpmmdKkvWaUsb8NlW4dGf3AFIYj4ZPeSu8REqFylZto2MT
OPbG4r2/6iIA7cHac+lxeJUp/xhKxF1DSjxM6nSkODEulRBnQoTf+G4wxB0M5KdL
9a5T4lx0eupiRtAlUEIjAHGUIh8HyoYGeU1eEHgZKXB0nQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:30 2025 by rpki-client