Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qWn9HxGQimORnvGTH4vJlrD7q0Y.roa
File: qWn9HxGQimORnvGTH4vJlrD7q0Y.roa (raw, json)
Hash identifier: WjjDeN/gVmc27NB1f6HKpjMmxcuJ0MYNQx3+0OgkRps=
Subject key identifier: A9:69:FD:1F:11:90:8A:63:91:9E:F1:93:1F:8B:C9:96:B0:FB:AB:46
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191C3F780129DF08D9C94205AD03770C2C9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qWn9HxGQimORnvGTH4vJlrD7q0Y.roa
Signing time: Thu 05 Sep 2024 20:54:22 +0000
ROA not before: Thu 05 Sep 2024 20:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.152.178.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.20.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
217.145.76.0/24 maxlen: 24
217.145.78.0/24 maxlen: 24
217.145.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Sep 2024 18:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:f7:80:12:9d:f0:8d:9c:94:20:5a:d0:37:70:c2:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 5 20:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a969fd1f11908a63919ef1931f8bc996b0fbab46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a9:dd:86:aa:e7:83:8d:df:6e:f5:1f:6a:a9:
99:b5:7f:5c:dd:56:3b:1e:4e:14:d5:0f:d2:84:8f:
a0:de:05:89:ef:00:cc:86:44:4f:cd:1e:86:42:5b:
5b:c2:0e:43:20:ce:27:fa:e7:88:54:5d:bf:2e:36:
3a:eb:96:5c:08:e2:ca:61:ec:9c:47:63:30:43:6b:
1c:57:8a:9b:81:a6:0d:7e:d2:bc:1f:b8:99:52:8e:
82:e5:b7:b8:ae:dd:f9:30:76:c9:a1:49:28:03:f2:
0f:70:6b:c9:64:1b:61:d3:f5:aa:d9:34:5f:5a:84:
1e:49:46:d4:b2:82:31:7f:14:c2:c0:8d:7c:e8:7e:
2c:a0:e6:b8:f8:7a:37:61:98:6d:a3:d4:70:6a:2f:
4e:21:f8:52:77:22:cb:11:4c:3e:4e:1e:f4:36:fe:
81:d0:b0:5a:ff:f1:8d:05:0a:61:39:86:cc:29:fe:
2d:ab:65:45:ce:15:3d:b1:c4:47:d8:d9:85:5f:1f:
e6:13:29:05:ad:01:dd:d6:a0:58:6c:de:f1:06:c2:
1d:c2:d2:c5:90:c2:5c:4d:95:33:86:6d:48:4c:d9:
1e:70:70:88:b5:e5:e0:79:ff:54:50:16:08:33:c0:
4d:64:37:29:fa:9e:17:4e:35:04:97:21:ed:74:14:
ec:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:69:FD:1F:11:90:8A:63:91:9E:F1:93:1F:8B:C9:96:B0:FB:AB:46
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qWn9HxGQimORnvGTH4vJlrD7q0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0-82.152.178.255
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
63:92:41:4f:3b:fa:28:98:11:b8:b7:3b:5e:14:e1:d1:8b:1c:
bb:37:4b:76:8f:4a:75:33:06:59:3a:b1:3f:b5:3e:3f:02:fb:
7b:21:18:98:33:75:cf:e2:2c:2f:74:a4:29:0d:4b:0b:50:7f:
39:06:1e:90:8b:9c:25:f7:a4:b8:0f:a6:10:54:26:7f:d0:40:
aa:a6:82:90:9d:12:78:90:4f:fb:25:a2:f2:61:36:c7:ad:b7:
60:26:19:bc:5b:8c:97:2a:c0:27:e3:a7:0d:a6:96:ca:d7:f6:
75:f7:90:1d:c3:05:44:9c:18:57:f2:a7:99:63:5b:f0:d5:7f:
af:7f:e0:d5:c9:05:fb:61:48:41:96:1e:c5:14:ed:80:9f:ac:
68:0e:2f:cf:65:cc:ea:32:be:e2:c9:c0:da:d4:85:4e:9e:6e:
4e:d5:90:09:c4:5e:6b:a0:4a:93:03:4f:ca:83:9a:72:17:bc:
fc:a4:83:2f:13:4a:79:22:cf:25:90:4e:d8:78:d5:b2:48:d4:
04:35:80:1c:85:5e:55:79:10:7e:7a:cc:a8:2c:df:97:fc:0f:
4f:6b:d4:e6:69:15:6e:63:0f:8a:c0:df:82:ff:22:26:22:a8:
87:fc:a7:ca:d9:7c:71:b4:bf:dd:1f:a6:28:9d:7d:00:e1:56:
8e:02:74:ef
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZHD94ASnfCNnJQgWtA3cMLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTA1MjA1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTY5ZmQxZjExOTA4YTYzOTE5ZWYxOTMxZjhiYzk5NmIwZmJhYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6ndhqrng43fbvUfaqmZtX9c3VY7
Hk4U1Q/ShI+g3gWJ7wDMhkRPzR6GQltbwg5DIM4n+ueIVF2/LjY665ZcCOLKYeyc
R2MwQ2scV4qbgaYNftK8H7iZUo6C5be4rt35MHbJoUkoA/IPcGvJZBth0/Wq2TRf
WoQeSUbUsoIxfxTCwI186H4soOa4+Ho3YZhto9Rwai9OIfhSdyLLEUw+Th70Nv6B
0LBa//GNBQphOYbMKf4tq2VFzhU9scRH2NmFXx/mEykFrQHd1qBYbN7xBsIdwtLF
kMJcTZUzhm1ITNkecHCIteXgef9UUBYIM8BNZDcp+p4XTjUElyHtdBTsswIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFKlp/R8RkIpjkZ7xkx+LyZaw+6tGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcVduOUh4R1FpbU9SbnZHVEg0dkpsckQ3cTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawwDAME
BFKYsAMEAFKYsgMEAlKZiAMEAFKZ8wMEAVnVLAMEAVnVMgMEAlnVOAMEAFnVgQME
AFnVkTAMAwQCWdWUAwQFWdWAAwQAWdWnAwQCWdWsMAwDBAJZ1cQDBARZ1cAwDAME
AlnV5AMEBFnV4AMEA22wEAMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEAdQmWAME
ANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQBjkkFP
O/oomBG4tzteFOHRixy7N0t2j0p1MwZZOrE/tT4/Avt7IRiYM3XP4iwvdKQpDUsL
UH85Bh6Qi5wl96S4D6YQVCZ/0ECqpoKQnRJ4kE/7JaLyYTbHrbdgJhm8W4yXKsAn
46cNppbK1/Z195AdwwVEnBhX8qeZY1vw1X+vf+DVyQX7YUhBlh7FFO2An6xoDi/P
ZczqMr7iycDa1IVOnm5O1ZAJxF5roEqTA0/Kg5pyF7z8pIMvE0p5Is8lkE7YeNWy
SNQENYAchV5VeRB+esyoLN+X/A9Pa9TmaRVuYw+KwN+C/yImIqiH/KfK2XxxtL/d
H6YonX0A4VaOAnTv
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:47 2025 by rpki-client