Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qlWjwi3x5MBRDO9pIivaZXHmWu8.roa
File: qlWjwi3x5MBRDO9pIivaZXHmWu8.roa (raw, json)
Hash identifier: jK/Lwa/Prp540t6s1h/GzBgtf6rzG/EHYQmA1LCcO80=
Subject key identifier: AA:55:A3:C2:2D:F1:E4:C0:51:0C:EF:69:22:2B:DA:65:71:E6:5A:EF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01906B0C7CB003BE6CF93526DE079696342D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qlWjwi3x5MBRDO9pIivaZXHmWu8.roa
Signing time: Sun 30 Jun 2024 21:28:18 +0000
ROA not before: Sun 30 Jun 2024 21:28:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.134.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.192.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.21.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 09:53:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6b:0c:7c:b0:03:be:6c:f9:35:26:de:07:96:96:34:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 21:28:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa55a3c22df1e4c0510cef69222bda6571e65aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1e:95:73:67:1b:1a:74:38:aa:87:32:40:18:
f1:7e:83:1a:7b:cc:77:59:2f:37:e3:d1:5f:e6:8e:
d4:90:14:5c:4f:63:1c:1d:8c:2e:e3:fc:2c:86:df:
a4:2b:fc:d1:cf:b9:83:54:d7:61:b3:80:fe:55:e6:
67:6e:25:f6:b9:dc:08:93:4f:82:57:01:f1:34:79:
e0:e4:d8:c3:db:13:10:9f:42:74:fd:8e:19:55:cb:
9e:1a:9d:6c:65:15:3a:f9:1e:bf:3e:33:a8:30:b7:
20:6e:27:d9:81:15:5a:e2:7d:1e:89:e4:d8:11:76:
b0:16:ed:f1:4f:41:35:10:ca:53:9b:cd:f5:ed:77:
9e:ad:b4:50:f2:47:ba:84:5a:cb:d9:51:58:37:2f:
5b:52:85:a7:ee:aa:ae:9f:23:fe:eb:86:78:0c:29:
a3:5e:94:e0:27:5e:66:08:5b:94:75:d3:ad:e3:8b:
4c:77:78:77:7b:4b:b2:7d:cb:d0:ee:e3:a7:f9:a2:
ac:c8:b2:21:c4:35:25:e9:77:bc:3d:ec:49:10:56:
51:04:d6:4f:a0:5d:44:a6:d1:e8:73:84:d3:dd:03:
15:14:be:f4:b2:e9:c0:fa:7c:31:92:91:c4:f0:58:
2c:63:9d:51:88:6c:dd:e7:6e:f9:fa:99:32:5a:03:
74:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:55:A3:C2:2D:F1:E4:C0:51:0C:EF:69:22:2B:DA:65:71:E6:5A:EF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qlWjwi3x5MBRDO9pIivaZXHmWu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.134.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.192.0/24
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
52:be:d3:de:1d:f9:46:f9:be:d2:bc:19:e2:ea:50:73:4b:03:
a7:4a:9d:36:9c:0c:95:f4:33:e5:ad:6f:fe:9a:c7:7b:84:b1:
14:aa:79:e3:86:34:6d:59:a5:3c:f1:9b:d1:d5:2f:f8:fc:95:
79:7e:00:43:cd:95:f7:c7:dd:e1:a0:f4:ec:38:18:22:8d:96:
78:36:aa:d0:f3:82:75:ec:78:93:9e:f8:f2:e7:76:ca:d6:33:
56:cd:3a:48:ec:73:3e:a4:e9:b3:fb:76:26:8b:77:fc:5b:91:
05:3d:87:4c:9e:3e:8d:e4:40:37:5d:0d:5f:9f:ee:77:00:c1:
6f:aa:c7:41:09:00:3f:2b:1c:b0:93:a2:24:12:58:83:92:5d:
5e:63:30:79:43:76:c4:00:7d:c0:c8:67:87:97:c0:d7:d3:dc:
85:ac:42:9f:5b:4a:3a:92:1b:b0:4d:19:0b:60:a8:9c:db:54:
a6:0a:21:80:e4:fa:6e:30:1f:5b:4a:d0:43:2c:d7:2a:97:bc:
36:a4:48:65:10:2d:41:80:f0:8b:65:0c:bf:c9:b8:43:e4:a4:
76:1c:58:2d:37:17:8d:50:01:e8:9a:fa:c6:07:0c:b0:83:26:
3f:07:fc:92:02:92:57:41:d9:06:bc:12:6b:b1:9c:e9:5e:83:
e6:19:3d:c8
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZBrDHywA75s+TUm3geWljQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjMwMjEyODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTU1YTNjMjJkZjFlNGMwNTEwY2VmNjkyMjJiZGE2NTcxZTY1YWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB6Vc2cbGnQ4qocyQBjxfoMae8x3
WS8349Ff5o7UkBRcT2McHYwu4/wsht+kK/zRz7mDVNdhs4D+VeZnbiX2udwIk0+C
VwHxNHng5NjD2xMQn0J0/Y4ZVcueGp1sZRU6+R6/PjOoMLcgbifZgRVa4n0eieTY
EXawFu3xT0E1EMpTm8317XeerbRQ8ke6hFrL2VFYNy9bUoWn7qqunyP+64Z4DCmj
XpTgJ15mCFuUddOt44tMd3h3e0uyfcvQ7uOn+aKsyLIhxDUl6Xe8PexJEFZRBNZP
oF1EptHoc4TT3QMVFL70sunA+nwxkpHE8FgsY51RiGzd5275+pkyWgN0dQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFKpVo8It8eTAUQzvaSIr2mVx5lrvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcWxXandpM3g1TUJSRE85cElpdmFaWEhtV3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAFSmLAD
BAJSmYgDBAFZ1TIDBAJZ1TgDBABZ1YYwDAMEAlnVlAMEBVnVgAMEAlnVrAMEAFnV
wDAMAwQCWdXEAwQEWdXAAwQDWdXoAwQDbbAQAwQCbbDMAwQBuTF+AwQEwmlQAwQB
1CZYAwQA1drTAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQBSvtPeHflG+b7SvBni
6lBzSwOnSp02nAyV9DPlrW/+msd7hLEUqnnjhjRtWaU88ZvR1S/4/JV5fgBDzZX3
x93hoPTsOBgijZZ4NqrQ84J17HiTnvjy53bK1jNWzTpI7HM+pOmz+3Ymi3f8W5EF
PYdMnj6N5EA3XQ1fn+53AMFvqsdBCQA/Kxywk6IkEliDkl1eYzB5Q3bEAH3AyGeH
l8DX09yFrEKfW0o6khuwTRkLYKic21SmCiGA5PpuMB9bStBDLNcql7w2pEhlEC1B
gPCLZQy/ybhD5KR2HFgtNxeNUAHomvrGBwywgyY/B/ySApJXQdkGvBJrsZzpXoPm
GT3I
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:29:21 2025 by rpki-client