Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qUn0-oWlmWRun0MW1VCzh3sWI0U.roa
File: qUn0-oWlmWRun0MW1VCzh3sWI0U.roa (raw, json)
Hash identifier: 4r1LXUrveDRf4Sl7dFvPubYKfCo5gdEbZwcE9p+9Qh0=
Subject key identifier: A9:49:F4:FA:85:A5:99:64:6E:9F:43:16:D5:50:B3:87:7B:16:23:45
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019258B68392C90496F3A0F73A5A2EEDA3DF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qUn0-oWlmWRun0MW1VCzh3sWI0U.roa
Signing time: Fri 04 Oct 2024 18:06:49 +0000
ROA not before: Fri 04 Oct 2024 18:06:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 82.153.216.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.219.0/24 maxlen: 24
194.105.76.0/22 maxlen: 24
213.130.132.0/22 maxlen: 22
213.210.52.0/22 maxlen: 22
213.218.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 08 Nov 2024 14:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:58:b6:83:92:c9:04:96:f3:a0:f7:3a:5a:2e:ed:a3:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 4 18:06:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a949f4fa85a599646e9f4316d550b3877b162345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ce:b4:c2:7e:47:b4:2c:92:5b:5c:9f:17:e2:
59:36:02:b8:9f:db:60:12:58:57:f3:b6:52:56:bc:
3f:23:2d:d7:cb:b1:a6:56:ae:6c:4a:db:3f:4f:3c:
56:ef:10:0f:9a:66:45:f8:b0:ed:cc:77:74:7a:55:
43:30:fa:d6:bb:67:4a:09:40:b6:f6:5d:ed:60:0c:
c0:80:f7:67:9f:cf:06:fb:2a:e7:9d:d8:86:89:5c:
9d:77:cb:1e:8f:14:66:28:40:9f:e0:6c:8c:24:18:
86:ae:ac:ec:a4:3b:21:be:c2:a9:08:03:76:f0:bd:
d8:d6:87:24:34:b8:51:6f:4b:14:46:dd:df:3e:87:
3e:98:6e:d8:cb:63:1e:e7:4a:f5:bb:2f:a8:6d:27:
be:86:cb:81:ef:25:d9:7a:ce:ff:c8:13:17:b9:49:
0f:e8:62:a6:31:a1:84:47:a6:e0:d3:e7:cf:1e:b0:
29:30:a6:d9:27:1a:83:ee:a1:9a:1c:36:90:53:f0:
95:b0:e7:7e:99:52:d4:f3:85:83:67:78:d9:c0:24:
bd:8d:d1:a6:6e:f0:23:b4:de:7c:25:1d:9e:f5:b1:
68:60:44:40:53:09:fc:dd:17:c6:dc:c8:c8:e2:88:
ae:4f:b5:e4:c9:aa:be:b0:63:0e:7f:b5:a7:21:34:
10:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:49:F4:FA:85:A5:99:64:6E:9F:43:16:D5:50:B3:87:7B:16:23:45
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qUn0-oWlmWRun0MW1VCzh3sWI0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.216.0/22
194.105.76.0/22
213.130.132.0/22
213.210.52.0/22
213.218.244.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:3d:cd:e3:c7:ee:9c:54:56:c9:9b:1f:20:c2:e7:1a:72:f4:
b9:76:53:2c:68:d9:09:f7:52:5e:b8:16:ed:fb:4b:17:89:83:
e4:f9:a3:e6:d6:a7:a8:45:2b:14:23:71:28:89:b4:c0:ed:bb:
02:32:c7:02:2b:d4:43:e0:1e:4a:30:de:d7:d8:92:9d:c3:22:
04:2a:d8:a2:52:09:c9:d2:fa:21:a1:3e:a6:4c:28:d6:5a:3b:
0b:83:f7:66:80:48:8d:78:58:69:8b:3a:e1:30:79:c5:01:cf:
36:5c:dc:0e:67:6c:31:d5:6b:6e:10:3f:42:5c:dd:73:22:e6:
cb:2f:d9:27:68:82:2f:4d:a1:9a:03:8d:5f:24:01:e0:b2:ff:
9d:47:a0:0f:f4:8c:55:1a:98:48:99:9d:a6:a7:bd:a9:8f:b3:
56:fe:16:e5:0f:d1:77:51:cf:bf:14:68:9b:07:7d:50:7f:8a:
43:61:98:1e:d8:7d:8c:3c:96:94:4c:06:c1:5b:e1:84:2f:0d:
eb:71:99:82:dc:ad:c2:30:6f:d7:cd:18:66:1d:af:3b:95:b8:
49:f1:6e:1e:72:d2:58:98:34:e0:5a:d2:18:ad:af:6c:66:0a:
04:ce:65:6f:d8:9f:b8:4e:97:9c:55:b8:c5:fc:d9:1c:b0:0c:
b4:27:90:ec
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJYtoOSyQSW86D3Olou7aPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDA0MTgwNjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQ5ZjRmYTg1YTU5OTY0NmU5ZjQzMTZkNTUwYjM4NzdiMTYyMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7c60wn5HtCySW1yfF+JZNgK4n9tg
ElhX87ZSVrw/Iy3Xy7GmVq5sSts/TzxW7xAPmmZF+LDtzHd0elVDMPrWu2dKCUC2
9l3tYAzAgPdnn88G+yrnndiGiVydd8sejxRmKECf4GyMJBiGrqzspDshvsKpCAN2
8L3Y1ockNLhRb0sURt3fPoc+mG7Yy2Me50r1uy+obSe+hsuB7yXZes7/yBMXuUkP
6GKmMaGER6bg0+fPHrApMKbZJxqD7qGaHDaQU/CVsOd+mVLU84WDZ3jZwCS9jdGm
bvAjtN58JR2e9bFoYERAUwn83RfG3MjI4oiuT7Xkyaq+sGMOf7WnITQQvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKlJ9PqFpZlkbp9DFtVQs4d7FiNFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcVVuMC1vV2xtV1J1bjBNVzFWQ3poM3NXSTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCUpnYAwQC
wmlMAwQC1YKEAwQC1dI0AwQC1dr0MA0GCSqGSIb3DQEBCwUAA4IBAQCsPc3jx+6c
VFbJmx8gwucacvS5dlMsaNkJ91JeuBbt+0sXiYPk+aPm1qeoRSsUI3EoibTA7bsC
MscCK9RD4B5KMN7X2JKdwyIEKtiiUgnJ0vohoT6mTCjWWjsLg/dmgEiNeFhpizrh
MHnFAc82XNwOZ2wx1WtuED9CXN1zIubLL9knaIIvTaGaA41fJAHgsv+dR6AP9IxV
GphImZ2mp72pj7NW/hblD9F3Uc+/FGibB31Qf4pDYZge2H2MPJaUTAbBW+GELw3r
cZmC3K3CMG/XzRhmHa87lbhJ8W4ectJYmDTgWtIYra9sZgoEzmVv2J+4TpecVbjF
/NkcsAy0J5Ds
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:48 2025 by rpki-client