Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/s9Gt_mAukQwvHwPpXmSbq01YebY.roa
File: s9Gt_mAukQwvHwPpXmSbq01YebY.roa (raw, json)
Hash identifier: H9B7PQpnjbPtOcKTWphzQHQJt9Qx1hcDYaZZlrTjt6c=
Subject key identifier: B3:D1:AD:FE:60:2E:91:0C:2F:1F:03:E9:5E:64:9B:AB:4D:58:79:B6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019108E5D2BCBFF52D361C968672059A33A0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/s9Gt_mAukQwvHwPpXmSbq01YebY.roa
Signing time: Wed 31 Jul 2024 13:06:04 +0000
ROA not before: Wed 31 Jul 2024 13:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 82.153.216.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.219.0/24 maxlen: 24
194.105.76.0/22 maxlen: 24
213.130.132.0/22 maxlen: 22
213.210.52.0/22 maxlen: 22
213.218.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 03 Oct 2024 16:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:08:e5:d2:bc:bf:f5:2d:36:1c:96:86:72:05:9a:33:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 31 13:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3d1adfe602e910c2f1f03e95e649bab4d5879b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:93:e2:e6:a2:00:e7:ac:73:97:f3:08:69:bb:
ac:0c:4b:78:05:83:52:52:3b:15:81:84:60:e3:70:
e6:66:44:b1:1c:59:4d:b3:de:f9:86:84:f5:54:1d:
56:fe:ff:f2:9d:a2:7c:aa:f7:1b:14:10:8d:ad:08:
22:09:c8:ee:d5:dd:a3:3d:62:e0:f4:76:dd:e9:e3:
cc:eb:1e:51:3c:d2:ca:09:bf:dc:6e:52:0d:5f:53:
15:61:33:fd:67:2f:4b:0a:83:5d:8b:42:7e:b8:6a:
40:f0:85:c5:24:ba:23:19:26:9d:97:7f:5f:8a:57:
4a:d5:97:42:31:d1:0d:79:4c:84:08:ad:80:ed:80:
94:df:4f:a4:90:01:be:da:73:4a:02:75:3a:41:44:
ed:ce:9a:4a:f7:60:b9:e5:97:06:66:9c:b4:16:cc:
ee:14:6d:57:bb:44:e5:28:a2:5d:b8:20:52:65:4b:
eb:ba:0d:5a:c9:40:1c:86:b5:4a:7c:43:c9:c5:d5:
0d:3c:37:f1:36:c4:a5:89:1b:16:67:f6:13:75:02:
e0:01:ea:9b:6b:c9:5a:2d:37:2e:aa:ce:e4:30:8b:
03:34:7a:e3:a7:c2:34:7d:e3:e7:7a:9f:82:a7:98:
d1:fa:bf:16:69:0c:eb:a1:f1:54:b1:bf:6a:ab:7c:
14:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D1:AD:FE:60:2E:91:0C:2F:1F:03:E9:5E:64:9B:AB:4D:58:79:B6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/s9Gt_mAukQwvHwPpXmSbq01YebY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.216.0/22
194.105.76.0/22
213.130.132.0/22
213.210.52.0/22
213.218.244.0/22
Signature Algorithm: sha256WithRSAEncryption
17:eb:d4:52:96:6c:6f:f9:7c:60:8b:09:8e:70:c7:a4:69:03:
8d:eb:fd:84:ad:94:82:6f:fb:46:93:ba:b5:64:f1:63:aa:9d:
ae:b3:ff:bc:73:be:3e:8b:9e:d0:a3:02:f0:8b:1c:4e:6b:ed:
2a:a5:f5:1e:ae:68:de:ad:e4:d8:e5:28:e6:5d:5b:66:4e:24:
07:29:43:79:1a:b0:76:6a:bc:f0:83:79:88:d4:94:70:59:cf:
fd:f4:c9:a9:75:b3:5b:a0:de:bf:89:38:35:02:75:08:e3:2d:
c5:ea:44:85:0b:d8:4c:a7:d8:ed:90:68:27:4f:a6:16:be:dd:
99:b0:c0:66:30:e8:cc:bf:96:f2:1b:e5:c2:b2:aa:d4:de:a3:
1e:b5:83:35:15:f3:4e:72:ab:81:ea:42:82:77:c9:6a:8f:41:
b2:a6:56:b8:ca:2c:35:16:48:fd:31:bd:0b:81:99:3a:cc:d9:
e6:67:97:45:98:b6:34:43:86:1a:94:ff:48:4c:07:24:f6:4b:
d5:42:05:b1:0b:e5:c8:bc:9e:e5:20:33:27:25:bc:25:d4:fb:
7a:2c:6e:bb:31:03:c5:68:39:3c:ac:cc:6b:5d:1a:a4:94:93:
21:c7:32:74:32:3e:39:19:b3:c4:f7:1b:8d:9a:41:e6:db:55:
a5:00:06:3a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZEI5dK8v/UtNhyWhnIFmjOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzMxMTMwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2QxYWRmZTYwMmU5MTBjMmYxZjAzZTk1ZTY0OWJhYjRkNTg3OWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15Pi5qIA56xzl/MIabusDEt4BYNS
UjsVgYRg43DmZkSxHFlNs975hoT1VB1W/v/ynaJ8qvcbFBCNrQgiCcju1d2jPWLg
9Hbd6ePM6x5RPNLKCb/cblINX1MVYTP9Zy9LCoNdi0J+uGpA8IXFJLojGSadl39f
ildK1ZdCMdENeUyECK2A7YCU30+kkAG+2nNKAnU6QUTtzppK92C55ZcGZpy0Fszu
FG1Xu0TlKKJduCBSZUvrug1ayUAchrVKfEPJxdUNPDfxNsSliRsWZ/YTdQLgAeqb
a8laLTcuqs7kMIsDNHrjp8I0fePnep+Cp5jR+r8WaQzrofFUsb9qq3wU2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLPRrf5gLpEMLx8D6V5km6tNWHm2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvczlHdF9tQXVrUXd2SHdQcFhtU2JxMDFZZWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCUpnYAwQC
wmlMAwQC1YKEAwQC1dI0AwQC1dr0MA0GCSqGSIb3DQEBCwUAA4IBAQAX69RSlmxv
+XxgiwmOcMekaQON6/2ErZSCb/tGk7q1ZPFjqp2us/+8c74+i57QowLwixxOa+0q
pfUermjereTY5SjmXVtmTiQHKUN5GrB2arzwg3mI1JRwWc/99MmpdbNboN6/iTg1
AnUI4y3F6kSFC9hMp9jtkGgnT6YWvt2ZsMBmMOjMv5byG+XCsqrU3qMetYM1FfNO
cquB6kKCd8lqj0Gypla4yiw1Fkj9Mb0LgZk6zNnmZ5dFmLY0Q4YalP9ITAck9kvV
QgWxC+XIvJ7lIDMnJbwl1Pt6LG67MQPFaDk8rMxrXRqklJMhxzJ0Mj45GbPE9xuN
mkHm21WlAAY6
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:05 2025 by rpki-client