Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rXn4sCnKmK-xguJCHa-BFFPd0-Q.roa
File: rXn4sCnKmK-xguJCHa-BFFPd0-Q.roa (raw, json)
Hash identifier: eOCJkmjhfvRYgS+ScTs5dfYFobW3yZb9u9jrqjHw+fU=
Subject key identifier: AD:79:F8:B0:29:CA:98:AF:B1:82:E2:42:1D:AF:81:14:53:DD:D3:E4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FB3C9920D7E6ABD99F1D4AF48FAA90B28
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rXn4sCnKmK-xguJCHa-BFFPd0-Q.roa
Signing time: Sun 26 May 2024 07:24:42 +0000
ROA not before: Sun 26 May 2024 07:24:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.40.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
89.213.248.0/23 maxlen: 24
109.176.16.0/21 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.76.0/22 maxlen: 22
194.105.80.0/20 maxlen: 20
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 08:46:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b3:c9:92:0d:7e:6a:bd:99:f1:d4:af:48:fa:a9:0b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 26 07:24:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad79f8b029ca98afb182e2421daf811453ddd3e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bb:7b:1b:83:12:b9:db:0c:24:ec:1b:92:1d:
78:0b:d1:01:60:71:23:4b:ad:9c:3e:92:64:38:7a:
31:91:54:fc:38:90:79:ce:45:ca:26:03:b2:98:93:
a0:90:d1:64:61:7b:79:36:ed:0f:69:ce:6f:f0:e7:
3a:b7:dc:6b:bb:f9:da:db:58:01:9c:de:f0:29:4e:
b6:50:44:85:65:95:f3:10:62:c3:fe:7c:22:db:53:
a3:49:47:c6:2f:fd:6a:6e:03:ad:a0:26:49:58:a1:
8f:91:dc:99:be:52:05:0a:cd:9f:91:92:c7:8e:d0:
5a:88:c9:04:8f:4a:f8:e5:6a:c8:39:17:0f:e0:86:
37:6e:84:4f:5a:aa:6d:51:e9:55:93:63:1b:f1:26:
0a:00:26:c4:0c:e9:ef:7f:17:b2:b2:99:2d:51:5f:
91:eb:85:6b:f8:3a:8b:e1:8f:bb:19:9c:d0:69:f9:
45:f2:d7:2a:83:09:1c:6c:c6:02:79:45:1b:5e:e9:
c5:d9:43:a9:5b:6a:af:d9:71:89:e4:07:02:a9:85:
95:1d:85:60:28:02:45:88:44:36:ab:56:2f:2e:ec:
5b:3c:00:fc:6b:67:08:30:32:d8:47:70:99:bf:13:
e8:25:6f:75:fc:ee:da:53:cb:c1:20:79:63:b5:5b:
a8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:79:F8:B0:29:CA:98:AF:B1:82:E2:42:1D:AF:81:14:53:DD:D3:E4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rXn4sCnKmK-xguJCHa-BFFPd0-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.40.0/24
89.213.98.0/24
89.213.146.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
89.213.248.0/23
109.176.16.0/21
185.49.126.0/23
194.105.76.0-194.105.95.255
213.130.130.0/24
213.130.149.0/24
213.218.210.0/23
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
67:49:76:ce:45:4f:a5:11:f3:82:a9:56:07:1f:6e:20:33:fe:
72:bf:01:87:9d:a8:fb:12:88:a5:58:90:4f:9c:c2:4e:c0:22:
e4:0e:09:3c:ad:00:e8:ba:b3:99:49:69:2c:d7:2d:18:05:5d:
aa:79:95:74:0d:5b:26:c3:0c:db:a1:f9:51:e0:5c:32:8f:69:
64:a8:a4:28:09:9b:7a:58:90:af:76:36:6a:8f:d0:13:fd:d3:
92:c9:11:8c:1e:2c:33:41:2a:79:a0:45:4c:86:aa:1c:2a:0e:
af:fd:8f:16:41:4b:44:86:7e:60:7a:29:41:1c:95:a0:2d:e0:
20:17:e4:22:17:4e:18:57:1a:34:66:b1:c0:86:b7:76:54:74:
cf:61:bf:ec:73:fe:3f:52:ca:24:85:de:a8:75:fd:b5:f5:ff:
ed:2b:24:4e:7f:b2:9e:6c:64:e6:84:71:7f:45:1e:36:3c:5a:
0d:de:26:bb:d1:81:2d:7d:dd:22:da:49:06:bf:e1:0c:cb:4f:
33:e2:f6:a6:30:12:62:49:38:83:6a:7a:a3:bf:02:87:51:12:
63:67:12:52:57:e5:d7:06:b9:13:68:fc:8e:80:32:e7:19:a2:
42:f1:95:75:7b:93:3e:ba:08:d5:b4:80:f8:5b:3d:51:41:7f:
d5:3a:7a:3c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY+zyZINfmq9mfHUr0j6qQsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI2MDcyNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDc5ZjhiMDI5Y2E5OGFmYjE4MmUyNDIxZGFmODExNDUzZGRkM2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLt7G4MSudsMJOwbkh14C9EBYHEj
S62cPpJkOHoxkVT8OJB5zkXKJgOymJOgkNFkYXt5Nu0Pac5v8Oc6t9xru/na21gB
nN7wKU62UESFZZXzEGLD/nwi21OjSUfGL/1qbgOtoCZJWKGPkdyZvlIFCs2fkZLH
jtBaiMkEj0r45WrIORcP4IY3boRPWqptUelVk2Mb8SYKACbEDOnvfxeyspktUV+R
64Vr+DqL4Y+7GZzQaflF8tcqgwkcbMYCeUUbXunF2UOpW2qv2XGJ5AcCqYWVHYVg
KAJFiEQ2q1YvLuxbPAD8a2cIMDLYR3CZvxPoJW91/O7aU8vBIHljtVuorwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFK15+LApypivsYLiQh2vgRRT3dPkMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvclhuNHNDbkttSy14Z3VKQ0hhLUJGRlBkMC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAVKY
sAMEAlKZiAMEAFnVKAMEAFnVYgMEAFnVkjAMAwQCWdWUAwQFWdWAAwQCWdWsMAwD
BAJZ1cQDBARZ1cADBANZ1egDBAFZ1fgDBANtsBADBAG5MX4wDAMEAsJpTAMEBcJp
QAMEANWCggMEANWClQMEAdXa0gMEANXa5zANBgkqhkiG9w0BAQsFAAOCAQEAZ0l2
zkVPpRHzgqlWBx9uIDP+cr8Bh52o+xKIpViQT5zCTsAi5A4JPK0A6LqzmUlpLNct
GAVdqnmVdA1bJsMM26H5UeBcMo9pZKikKAmbeliQr3Y2ao/QE/3TkskRjB4sM0Eq
eaBFTIaqHCoOr/2PFkFLRIZ+YHopQRyVoC3gIBfkIhdOGFcaNGaxwIa3dlR0z2G/
7HP+P1LKJIXeqHX9tfX/7SskTn+ynmxk5oRxf0UeNjxaDd4mu9GBLX3dItpJBr/h
DMtPM+L2pjASYkk4g2p6o78Ch1ESY2cSUlfl1wa5E2j8joAy5xmiQvGVdXuTProI
1bSA+Fs9UUF/1Tp6PA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:09 2025 by rpki-client