Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tN92y_ai6YarRQZxtcrm11mwzlQ.roa
File: tN92y_ai6YarRQZxtcrm11mwzlQ.roa (raw, json)
Hash identifier: S2/KZxs+sq+vNzoMon2XLo6aNJsqLXPnpXnT3OzOSp0=
Subject key identifier: B4:DF:76:CB:F6:A2:E9:86:AB:45:06:71:B5:CA:E6:D7:59:B0:CE:54
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019349C335450DAD6A90717E591A848E509E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tN92y_ai6YarRQZxtcrm11mwzlQ.roa
Signing time: Wed 20 Nov 2024 13:29:10 +0000
ROA not before: Wed 20 Nov 2024 13:29:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.105.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.226.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 11:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:c3:35:45:0d:ad:6a:90:71:7e:59:1a:84:8e:50:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 20 13:29:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4df76cbf6a2e986ab450671b5cae6d759b0ce54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dc:4b:eb:2b:41:1f:13:48:e0:62:96:e7:5a:
9d:42:bc:5c:2b:30:7f:9a:16:76:ec:bc:b7:96:b9:
b4:60:42:5e:d0:33:4e:f6:75:ee:16:85:6c:15:83:
03:eb:f1:87:9e:e0:4d:d6:5d:5c:6d:2e:bd:d5:6c:
39:45:50:79:b7:3a:c8:33:89:63:da:e1:f1:ad:18:
ae:df:27:26:35:0f:a3:15:36:b1:99:a0:7a:cf:3e:
1e:dc:89:fd:c8:28:29:58:0e:44:58:de:38:4e:1f:
4d:f3:2d:ec:cb:44:d3:f0:ec:88:96:e5:92:ff:80:
59:76:a8:7a:c4:aa:3b:b4:55:6c:24:c6:43:a8:cd:
b8:3c:5d:91:a6:e4:a8:07:4d:8a:51:44:c9:58:9c:
b6:dd:90:d8:0f:4d:4a:22:76:2f:24:e6:84:ba:3d:
9f:8d:58:04:29:a8:44:ba:45:81:c2:8d:ce:7d:5b:
56:70:d7:17:fa:92:e6:55:75:bc:08:6d:67:4e:38:
de:5c:12:7d:35:11:19:04:7c:48:ed:af:0f:ab:cc:
f1:e1:78:1d:70:5e:1e:81:21:fa:6c:d5:3b:3c:88:
58:0d:1a:f0:87:16:b1:91:31:be:4b:4b:b3:a1:1a:
88:f2:51:cc:17:a7:f2:c6:50:b2:77:19:51:d0:4a:
56:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:DF:76:CB:F6:A2:E9:86:AB:45:06:71:B5:CA:E6:D7:59:B0:CE:54
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tN92y_ai6YarRQZxtcrm11mwzlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.105.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.226.0/24
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:00:a9:b8:bb:ab:1c:9a:67:92:03:42:11:66:17:02:fe:33:
57:5f:47:bd:0a:6c:f3:61:dd:df:ec:36:1d:69:51:eb:c3:a1:
fb:2f:1e:cd:0b:a2:5e:15:4f:c7:88:23:16:23:a0:80:01:dd:
ab:f5:c0:d3:57:2a:53:39:40:63:ca:80:fe:a1:e8:36:9f:7d:
e1:1b:a4:88:5b:e8:94:b7:9d:5d:3d:a2:0f:3f:61:e7:2f:60:
60:99:d5:fe:16:04:d0:d7:a1:39:f4:90:bc:b2:bc:bc:01:ca:
30:36:b9:d6:ce:4d:53:17:18:5a:39:99:dd:ac:2e:41:24:5e:
cf:5e:45:2a:93:dc:99:ab:5d:2d:86:4a:93:7f:4c:f1:d4:3c:
f4:df:68:6a:2c:9f:f1:c4:58:7c:03:ec:7a:fc:6f:ce:0e:c4:
af:7c:f8:5c:31:df:cc:06:77:19:7c:2e:88:6c:32:3e:76:62:
b5:34:6d:80:c9:5f:18:ca:f3:36:9b:10:b4:f6:4b:62:22:c2:
e1:37:0f:7a:58:8c:83:20:d2:55:55:80:fe:ed:87:04:2d:85:
48:59:2d:1d:15:f9:99:88:e2:b6:98:09:5a:a9:cf:22:da:60:
e0:3f:a3:1f:1f:b7:ac:da:f6:00:de:93:20:49:b1:9c:c9:bb:
5d:b3:ca:85
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZNJwzVFDa1qkHF+WRqEjlCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTIwMTMyOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGRmNzZjYmY2YTJlOTg2YWI0NTA2NzFiNWNhZTZkNzU5YjBjZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtxL6ytBHxNI4GKW51qdQrxcKzB/
mhZ27Ly3lrm0YEJe0DNO9nXuFoVsFYMD6/GHnuBN1l1cbS691Ww5RVB5tzrIM4lj
2uHxrRiu3ycmNQ+jFTaxmaB6zz4e3In9yCgpWA5EWN44Th9N8y3sy0TT8OyIluWS
/4BZdqh6xKo7tFVsJMZDqM24PF2RpuSoB02KUUTJWJy23ZDYD01KInYvJOaEuj2f
jVgEKahEukWBwo3OfVtWcNcX+pLmVXW8CG1nTjjeXBJ9NREZBHxI7a8Pq8zx4Xgd
cF4egSH6bNU7PIhYDRrwhxaxkTG+S0uzoRqI8lHMF6fyxlCydxlR0EpW7wIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFLTfdsv2oumGq0UGcbXK5tdZsM5UMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdE45MnlfYWk2WWFyUlFaeHRjcm0xMW13emxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBABS
mAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1WkDBABZ1YEDBABZ
1YQDBABZ1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWn
AwQCWdWsMAwDBAJZ1cQDBARZ1cADBABZ1eIwDAMEAlnV5AMEBFnV4AMEA22wEAME
Am2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEAdQmWAMEAtXSNAMEANXa0zAMAwQA2ZFB
AwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQB9AKm4u6scmmeSA0IRZhcC
/jNXX0e9CmzzYd3f7DYdaVHrw6H7Lx7NC6JeFU/HiCMWI6CAAd2r9cDTVypTOUBj
yoD+oeg2n33hG6SIW+iUt51dPaIPP2HnL2BgmdX+FgTQ16E59JC8sry8AcowNrnW
zk1TFxhaOZndrC5BJF7PXkUqk9yZq10thkqTf0zx1Dz032hqLJ/xxFh8A+x6/G/O
DsSvfPhcMd/MBncZfC6IbDI+dmK1NG2AyV8YyvM2mxC09ktiIsLhNw96WIyDINJV
VYD+7YcELYVIWS0dFfmZiOK2mAlaqc8i2mDgP6MfH7es2vYA3pMgSbGcybtds8qF
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:41 2025 by rpki-client