Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rvUIZRkse3wnY6R1nQzj7ntzT-M.roa
File: rvUIZRkse3wnY6R1nQzj7ntzT-M.roa (raw, json)
Hash identifier: FQjVZ4aI3H8R2EoTGHQEoFFLcuqwIkfFBUg1NvuxQv0=
Subject key identifier: AE:F5:08:65:19:2C:7B:7C:27:63:A4:75:9D:0C:E3:EE:7B:73:4F:E3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F38E0F2B35D8E88E72F5E9BFD91741CD6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rvUIZRkse3wnY6R1nQzj7ntzT-M.roa
Signing time: Thu 02 May 2024 10:36:57 +0000
ROA not before: Thu 02 May 2024 10:36:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.168.126.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.245.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
213.130.149.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
213.218.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 13:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:e0:f2:b3:5d:8e:88:e7:2f:5e:9b:fd:91:74:1c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 2 10:36:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aef50865192c7b7c2763a4759d0ce3ee7b734fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fd:74:13:a1:de:b6:fb:76:38:7b:d3:91:3d:
24:8e:57:c1:5f:4d:cc:28:2a:93:60:07:68:d5:c5:
f3:69:c5:57:1e:c4:69:9a:67:1b:e2:3c:a5:34:7f:
54:d8:38:57:c8:e1:9c:9f:e5:30:5b:a6:dc:0e:40:
28:73:c0:64:e8:bf:a3:40:54:06:ad:02:d7:c3:96:
07:44:57:a5:42:e6:99:96:90:70:96:67:f9:91:3b:
e4:1d:23:5c:3b:1a:dc:61:4a:4f:5e:03:aa:a2:ce:
1c:58:d2:7e:f3:d0:5e:1c:1b:62:cc:9d:38:89:5b:
35:b3:e2:09:3a:20:ef:d5:83:6c:5e:4f:1c:94:8e:
44:53:ea:1e:f8:d6:5b:4a:1f:ce:25:0d:70:70:4e:
53:1f:87:df:e3:21:24:cb:9e:b0:b7:d6:7f:bd:55:
69:70:44:f5:38:54:71:d8:39:4d:5d:a2:c1:10:82:
73:84:74:79:8a:31:ed:78:7a:a7:63:60:59:82:b4:
5d:bc:9a:33:94:83:d9:09:5f:17:be:c7:7e:79:e7:
be:a6:62:36:f3:77:9b:13:89:fc:ab:da:25:3b:52:
93:f6:b0:3d:18:06:f8:7f:8c:5d:ba:a7:35:0c:c7:
0c:90:b7:2e:5b:0c:18:2b:2e:b5:ec:78:20:c7:95:
9b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F5:08:65:19:2C:7B:7C:27:63:A4:75:9D:0C:E3:EE:7B:73:4F:E3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rvUIZRkse3wnY6R1nQzj7ntzT-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
82.152.176.0/23
82.153.136.0/22
82.153.245.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
213.130.149.0/24
213.218.210.0/23
213.218.213.0/24
213.218.234.0/24
213.218.236.0/24
Signature Algorithm: sha256WithRSAEncryption
09:2f:3d:be:65:bb:ef:d1:3a:43:1b:4d:4f:dd:d9:55:bf:76:
24:f1:04:30:75:11:fc:c4:5c:b1:19:f1:9a:df:6f:5b:18:27:
8b:33:8d:fb:4b:14:24:8d:9c:0b:aa:44:5d:6c:e0:3d:06:7e:
d8:11:86:98:0f:ec:e7:d2:f1:b7:fa:81:4d:a5:1f:76:b1:5b:
69:8c:c5:df:9b:44:ec:4d:57:ba:2a:b3:e5:d3:f1:00:16:b2:
22:3b:67:cd:a2:63:04:17:8b:b7:a2:ad:de:a4:f8:35:4f:02:
f6:38:63:ca:2e:be:02:3a:7f:2b:18:51:bb:ef:cf:01:6a:44:
fe:5c:4f:36:c6:df:a8:cb:7b:96:f7:5d:f3:97:af:f2:99:e3:
a7:9a:ac:77:53:58:86:d9:a7:58:58:0a:df:e0:a8:0f:98:5f:
71:45:81:92:3f:49:73:b4:64:cd:be:cc:f4:92:08:e7:11:35:
93:75:d0:e2:35:9d:61:7c:2d:0f:f6:26:3d:c7:90:cf:ad:68:
40:de:78:2a:7b:ba:01:0b:42:cb:90:3a:ef:66:3a:3f:14:9c:
9b:e3:06:83:50:7d:31:12:c2:29:03:ba:41:ac:41:41:4c:67:
08:ce:11:d1:cc:6f:e7:c3:13:48:c6:75:54:19:51:f5:bb:b5:
09:2b:36:48
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY844PKzXY6I5y9em/2RdBzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAyMTAzNjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWY1MDg2NTE5MmM3YjdjMjc2M2E0NzU5ZDBjZTNlZTdiNzM0ZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf10E6Hetvt2OHvTkT0kjlfBX03M
KCqTYAdo1cXzacVXHsRpmmcb4jylNH9U2DhXyOGcn+UwW6bcDkAoc8Bk6L+jQFQG
rQLXw5YHRFelQuaZlpBwlmf5kTvkHSNcOxrcYUpPXgOqos4cWNJ+89BeHBtizJ04
iVs1s+IJOiDv1YNsXk8clI5EU+oe+NZbSh/OJQ1wcE5TH4ff4yEky56wt9Z/vVVp
cET1OFRx2DlNXaLBEIJzhHR5ijHteHqnY2BZgrRdvJozlIPZCV8Xvsd+eee+pmI2
83ebE4n8q9olO1KT9rA9GAb4f4xduqc1DMcMkLcuWwwYKy617Hggx5WbVQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFK71CGUZLHt8J2OkdZ0M4+57c0/jMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcnZVSVpSa3NlM3duWTZSMW5Remo3bnR6VC1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAUah+AwQB
UpiwAwQCUpmIAwQAUpn1MAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBANtsBAD
BAG5MX4DBATCaVADBADVgpUDBAHV2tIDBADV2tUDBADV2uoDBADV2uwwDQYJKoZI
hvcNAQELBQADggEBAAkvPb5lu+/ROkMbTU/d2VW/diTxBDB1EfzEXLEZ8Zrfb1sY
J4szjftLFCSNnAuqRF1s4D0GftgRhpgP7OfS8bf6gU2lH3axW2mMxd+bROxNV7oq
s+XT8QAWsiI7Z82iYwQXi7eird6k+DVPAvY4Y8ouvgI6fysYUbvvzwFqRP5cTzbG
36jLe5b3XfOXr/KZ46earHdTWIbZp1hYCt/gqA+YX3FFgZI/SXO0ZM2+zPSSCOcR
NZN10OI1nWF8LQ/2Jj3HkM+taEDeeCp7ugELQsuQOu9mOj8UnJvjBoNQfTESwikD
ukGsQUFMZwjOEdHMb+fDE0jGdVQZUfW7tQkrNkg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:25 2025 by rpki-client