Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qKc9Bnxd0Or2kE4Ag5UiPgtIfo8.roa
File: qKc9Bnxd0Or2kE4Ag5UiPgtIfo8.roa (raw, json)
Hash identifier: KW9br70m3gjYZvm9rAM58B7fPeKPqdq4WnzfRdEDiKU=
Subject key identifier: A8:A7:3D:06:7C:5D:D0:EA:F6:90:4E:00:83:95:22:3E:0B:48:7E:8F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018EAD48346F9120D4514FC6731B7A0850DD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qKc9Bnxd0Or2kE4Ag5UiPgtIfo8.roa
Signing time: Fri 05 Apr 2024 08:02:54 +0000
ROA not before: Fri 05 Apr 2024 08:02:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
82.152.49.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
212.38.74.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.84.0/24 maxlen: 24
213.130.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 07:59:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:48:34:6f:91:20:d4:51:4f:c6:73:1b:7a:08:50:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 5 08:02:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8a73d067c5dd0eaf6904e008395223e0b487e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ad:27:ed:a8:12:17:cc:04:e4:8b:c0:15:a0:
11:a7:2d:bb:de:77:4a:d0:0f:0c:fc:f7:45:d2:a1:
76:a3:f7:70:da:05:f7:da:f5:f1:15:a4:37:bd:e8:
8e:e6:d2:51:31:f9:b5:31:02:6c:40:2e:44:56:7f:
34:59:82:e2:f2:b8:aa:0d:0c:9c:ba:57:b3:73:4a:
81:2d:bd:ce:53:ef:db:31:a3:e8:6f:9f:b5:e7:83:
f2:3e:48:97:ab:86:e0:e9:35:f9:c5:3f:d1:f8:d5:
76:d4:c6:83:66:82:a9:f8:7c:b6:85:20:4d:dc:f5:
92:d2:c6:3f:b0:53:8e:5d:27:a7:84:ae:87:b6:5a:
f6:1d:af:5f:94:cd:9c:c4:f1:a6:c7:26:a7:28:00:
3c:28:c0:d3:83:56:ed:bf:06:b3:07:ba:29:b9:f4:
af:4a:c6:2b:7e:9b:1c:93:cc:47:87:53:56:90:1b:
d5:4c:cd:7d:1a:84:9b:46:4f:82:89:1c:5f:55:c9:
49:06:56:68:79:72:13:4d:18:b8:56:dc:19:01:6c:
f2:cc:4b:01:21:51:c6:92:16:53:1a:12:de:f1:6a:
da:a6:60:cd:ec:f4:a0:4e:57:81:76:9e:72:67:83:
97:6d:13:51:74:4b:f2:76:af:a2:26:f9:0f:5c:f6:
af:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A7:3D:06:7C:5D:D0:EA:F6:90:4E:00:83:95:22:3E:0B:48:7E:8F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qKc9Bnxd0Or2kE4Ag5UiPgtIfo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
82.152.49.0/24
82.153.65.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
212.38.74.0/24
212.38.79.0/24
212.38.84.0/24
213.130.138.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:9c:6d:25:cb:3c:bb:c7:d9:83:eb:0a:54:a2:7a:d6:54:00:
11:d7:ed:bb:66:16:9d:b7:d5:b6:11:c8:1d:ff:c2:54:35:50:
00:9b:f9:c8:85:82:4d:52:89:86:3c:5c:c6:80:bc:d4:3a:aa:
c5:48:52:83:0f:81:8b:fe:ba:bc:b0:ca:28:b2:9e:5b:7e:2d:
ed:b4:03:ab:bb:e2:ad:2c:67:c7:77:3e:73:44:9b:e2:af:0a:
4b:6a:e5:3f:86:f4:cf:af:50:06:f1:13:2c:d7:fa:44:8a:a8:
af:3c:a0:1f:a5:06:cb:c8:78:13:08:d5:15:b5:a5:7e:44:e1:
f1:6b:ca:ee:e8:dd:c5:4c:d4:52:ca:04:89:36:36:51:0c:c0:
d1:ad:b5:6d:36:84:3b:39:fb:90:25:4f:4c:d3:6e:af:f4:a3:
66:ff:36:0d:6b:70:cd:fc:e0:d9:5d:4e:47:e1:aa:35:8b:e4:
7d:e7:bd:36:8d:11:ce:ec:f5:1d:59:bb:90:3c:10:09:9f:c4:
2b:53:94:d4:b8:ff:d3:55:8d:03:a5:bc:41:5a:b5:7b:39:92:
da:29:2c:39:79:93:36:99:ca:ea:b4:62:3e:04:6e:12:18:ae:
74:26:b2:ce:ef:46:ba:c7:e2:4e:6b:3b:be:91:3e:fd:cc:4e:
5b:73:8b:10
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY6tSDRvkSDUUU/Gcxt6CFDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDA1MDgwMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE3M2QwNjdjNWRkMGVhZjY5MDRlMDA4Mzk1MjIzZTBiNDg3ZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm60n7agSF8wE5IvAFaARpy273ndK
0A8M/PdF0qF2o/dw2gX32vXxFaQ3veiO5tJRMfm1MQJsQC5EVn80WYLi8riqDQyc
ulezc0qBLb3OU+/bMaPob5+154PyPkiXq4bg6TX5xT/R+NV21MaDZoKp+Hy2hSBN
3PWS0sY/sFOOXSenhK6Htlr2Ha9flM2cxPGmxyanKAA8KMDTg1btvwazB7opufSv
SsYrfpsck8xHh1NWkBvVTM19GoSbRk+CiRxfVclJBlZoeXITTRi4VtwZAWzyzEsB
IVHGkhZTGhLe8WrapmDN7PSgTleBdp5yZ4OXbRNRdEvydq+iJvkPXPavOQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKinPQZ8XdDq9pBOAIOVIj4LSH6PMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcUtjOUJueGQwT3Iya0U0QWc1VWlQZ3RJZm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUQW9AwQA
UpgxAwQAUplBAwQAWdWYAwQAWdWwAwQAWdW3AwQA1CZKAwQA1CZPAwQA1CZUAwQA
1YKKMA0GCSqGSIb3DQEBCwUAA4IBAQAPnG0lyzy7x9mD6wpUonrWVAAR1+27Zhad
t9W2Ecgd/8JUNVAAm/nIhYJNUomGPFzGgLzUOqrFSFKDD4GL/rq8sMoosp5bfi3t
tAOru+KtLGfHdz5zRJvirwpLauU/hvTPr1AG8RMs1/pEiqivPKAfpQbLyHgTCNUV
taV+ROHxa8ru6N3FTNRSygSJNjZRDMDRrbVtNoQ7OfuQJU9M026v9KNm/zYNa3DN
/ODZXU5H4ao1i+R95702jRHO7PUdWbuQPBAJn8QrU5TUuP/TVY0DpbxBWrV7OZLa
KSw5eZM2mcrqtGI+BG4SGK50JrLO70a6x+JOazu+kT79zE5bc4sQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org