Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sEvtRsp0ioH3diORzSbggljD2IQ.roa
File: sEvtRsp0ioH3diORzSbggljD2IQ.roa (raw, json)
Hash identifier: yt0qU4sNDB4ID2oL+OT2MTlqcfp6xVjCrgqqxjyhFKo=
Subject key identifier: B0:4B:ED:46:CA:74:8A:81:F7:76:23:91:CD:26:E0:82:58:C3:D8:84
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190081298A92881D3E56E3CD81955F79563
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sEvtRsp0ioH3diORzSbggljD2IQ.roa
Signing time: Tue 11 Jun 2024 16:12:34 +0000
ROA not before: Tue 11 Jun 2024 16:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.58.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Jun 2024 19:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:08:12:98:a9:28:81:d3:e5:6e:3c:d8:19:55:f7:95:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 11 16:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b04bed46ca748a81f7762391cd26e08258c3d884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:78:f8:49:2d:8d:fe:2e:9b:6e:67:d8:4b:31:
9a:81:bf:ac:32:7e:ed:59:57:18:55:6d:71:de:c9:
28:77:36:59:52:5d:12:5b:61:0e:28:56:09:40:79:
6f:9c:64:16:f9:a8:91:2b:1e:65:57:ef:01:55:3d:
71:ae:6d:d6:b6:91:a2:de:25:90:af:64:74:fe:cd:
0a:3b:af:04:d3:54:2a:2d:00:05:1b:03:2d:23:cc:
a2:cc:01:84:0b:ad:81:6a:2c:1c:09:04:f3:a2:7b:
77:bd:cb:7e:97:a1:59:f4:a8:b5:58:1a:11:d2:a2:
a4:08:aa:d2:d2:70:59:63:f9:af:50:a9:d7:4f:4c:
98:22:50:ca:7f:fb:a6:eb:c6:19:7d:7b:ac:e0:4c:
47:1a:76:b2:82:24:e0:6e:a9:e7:ba:be:a8:71:7c:
78:af:a5:ba:71:32:54:7b:f7:04:b1:de:95:d7:b3:
cc:d1:eb:cd:0d:46:cb:06:2a:af:e1:89:4d:37:98:
c9:ca:c1:49:ff:7e:75:9f:7e:31:1d:00:04:98:e0:
31:12:55:4e:99:72:89:6e:57:a2:fa:09:4a:ba:47:
d5:26:a9:73:08:83:f0:b8:ba:8a:4d:6d:bc:26:da:
cb:d8:21:79:6f:bc:70:15:a8:9f:ba:6d:c5:bb:ea:
f2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:4B:ED:46:CA:74:8A:81:F7:76:23:91:CD:26:E0:82:58:C3:D8:84
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sEvtRsp0ioH3diORzSbggljD2IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.225.0/24
82.153.239.0/24
89.213.43.0/24
89.213.98.0/24
89.213.145.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.32.0/19
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.210.58.0/24
213.218.214.0/24
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
61:70:1c:3b:ef:06:e3:d6:95:f8:b4:c6:b2:9c:23:51:79:c8:
95:b8:33:f9:02:11:88:16:b8:48:dc:91:32:b0:a9:a0:f8:ac:
fc:a5:5e:b7:75:01:1e:c1:3d:1a:2e:d1:73:61:a7:66:bb:b7:
cc:89:83:64:67:90:60:eb:04:ed:3f:d5:7f:a6:dd:ba:ff:ca:
40:ff:4f:cb:14:d0:83:1d:e1:98:48:46:6e:06:b7:08:5f:71:
bd:0f:0a:68:3f:15:d4:37:1f:b1:ed:ba:af:02:05:9e:c0:6b:
de:97:1d:55:43:74:be:f2:1e:5a:e6:10:be:77:d0:b4:56:95:
8b:f5:e8:8b:51:97:24:88:c6:29:2a:69:4a:7c:e0:b7:73:bf:
f2:44:60:6d:2f:bd:73:e9:43:85:32:e8:33:7a:c7:17:d9:52:
5f:a0:93:f0:0b:78:cc:d9:06:10:25:61:a3:2e:5a:33:35:8a:
0a:a5:5e:4d:16:c0:a0:95:df:73:0d:0a:d0:dc:25:48:7f:01:
a5:13:50:15:22:51:a1:1e:c7:1a:02:de:f6:0d:9f:42:0a:0f:
30:cb:45:ef:9d:b1:f6:58:1a:e8:d3:76:60:02:fd:83:91:e6:
9e:1f:41:20:fc:e4:57:fa:6a:a8:7b:8d:d6:60:dd:98:13:1c:
e7:4e:8e:db
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZAIEpipKIHT5W482BlV95VjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjExMTYxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDRiZWQ0NmNhNzQ4YTgxZjc3NjIzOTFjZDI2ZTA4MjU4YzNkODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3j4SS2N/i6bbmfYSzGagb+sMn7t
WVcYVW1x3skodzZZUl0SW2EOKFYJQHlvnGQW+aiRKx5lV+8BVT1xrm3WtpGi3iWQ
r2R0/s0KO68E01QqLQAFGwMtI8yizAGEC62BaiwcCQTzont3vct+l6FZ9Ki1WBoR
0qKkCKrS0nBZY/mvUKnXT0yYIlDKf/um68YZfXus4ExHGnaygiTgbqnnur6ocXx4
r6W6cTJUe/cEsd6V17PM0evNDUbLBiqv4YlNN5jJysFJ/351n34xHQAEmOAxElVO
mXKJblei+glKukfVJqlzCIPwuLqKTW28JtrL2CF5b7xwFaifum3Fu+rygwIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFLBL7UbKdIqB93Yjkc0m4IJYw9iEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc0V2dFJzcDBpb0gzZGlPUnpTYmdnbGpEMklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYwDAME
AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS
mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0wDAME
AFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZ4QMEAFKZ7wMEAFnVKwMEAFnVYgME
AFnVkQMEAFnVoTAMAwQDWdXoAwQBWdXsAwQFbbAgAwQAbbDrAwQA1YKCAwQA1YKV
AwQA1dI6AwQA1drWAwQA1drnMA0GCSqGSIb3DQEBCwUAA4IBAQBhcBw77wbj1pX4
tMaynCNReciVuDP5AhGIFrhI3JEysKmg+Kz8pV63dQEewT0aLtFzYadmu7fMiYNk
Z5Bg6wTtP9V/pt26/8pA/0/LFNCDHeGYSEZuBrcIX3G9DwpoPxXUNx+x7bqvAgWe
wGvelx1VQ3S+8h5a5hC+d9C0VpWL9eiLUZckiMYpKmlKfOC3c7/yRGBtL71z6UOF
MugzescX2VJfoJPwC3jM2QYQJWGjLlozNYoKpV5NFsCgld9zDQrQ3CVIfwGlE1AV
IlGhHscaAt72DZ9CCg8wy0XvnbH2WBro03ZgAv2DkeaeH0Eg/ORX+mqoe43WYN2Y
ExznTo7b
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:14 2025 by rpki-client