Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tVsbrhwmb1GZLspqAMKzMEyoCxs.roa
File: tVsbrhwmb1GZLspqAMKzMEyoCxs.roa (raw, json)
Hash identifier: Rjchs0we3CalJgzhVQO8BnmC1nl3FITDxckM0p2D5PE=
Subject key identifier: B5:5B:1B:AE:1C:26:6F:51:99:2E:CA:6A:00:C2:B3:30:4C:A8:0B:1B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01911D4FA707AC5AE63127218EDED5BFB633
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tVsbrhwmb1GZLspqAMKzMEyoCxs.roa
Signing time: Sun 04 Aug 2024 12:14:04 +0000
ROA not before: Sun 04 Aug 2024 12:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 81.168.126.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
82.163.10.0/23 maxlen: 24
89.213.127.0/24 maxlen: 24
109.176.14.0/24 maxlen: 24
109.176.30.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
213.210.39.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 08:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1d:4f:a7:07:ac:5a:e6:31:27:21:8e:de:d5:bf:b6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 4 12:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b55b1bae1c266f51992eca6a00c2b3304ca80b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0b:f9:aa:1e:a6:f5:61:37:66:da:ed:3d:54:
95:d7:95:f4:d7:c0:96:e3:bb:6c:39:33:2e:4d:19:
19:fa:ba:54:3f:ec:2e:c7:f6:15:7c:f3:fc:81:c5:
77:b8:2c:3d:12:e4:50:0c:a8:cd:fe:84:9e:5c:c7:
70:ad:ef:c8:ff:80:31:c4:e6:71:4a:7a:6d:55:ee:
35:1a:b4:f3:99:58:ec:e8:c8:9d:e3:53:68:56:db:
12:7e:dc:73:37:67:bd:41:cd:44:72:08:ba:40:be:
7f:80:39:6c:01:fb:57:b1:69:2d:b7:a7:b2:0e:f7:
73:f3:0a:97:a8:58:dd:94:74:09:9f:6c:f0:38:89:
7b:ac:58:fa:24:5a:2f:a4:d1:ef:3e:f3:a5:f3:e9:
98:6d:6c:52:61:43:92:aa:11:31:90:26:17:06:5a:
58:0a:d2:be:64:5e:d9:75:e1:94:f4:70:77:8a:d8:
3a:8d:d6:b6:bb:a9:74:88:23:bc:0d:1a:14:e5:2d:
8e:3f:8e:80:9b:98:37:10:2f:97:72:0d:a8:31:55:
37:06:b5:e3:b8:d3:ee:72:6b:e6:8c:af:19:b9:74:
4a:99:34:b4:2b:fb:e7:80:d1:25:69:c7:e9:04:cb:
96:6d:59:df:27:4c:a8:a8:d9:13:0f:aa:a4:24:a9:
ac:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:5B:1B:AE:1C:26:6F:51:99:2E:CA:6A:00:C2:B3:30:4C:A8:0B:1B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tVsbrhwmb1GZLspqAMKzMEyoCxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
82.152.98.0/24
82.153.220.0/24
82.153.255.0/24
82.163.10.0/23
89.213.127.0/24
109.176.14.0/24
109.176.30.0/24
109.176.208.0/24
213.210.39.0/24
213.218.210.0/24
213.218.248.0/24
Signature Algorithm: sha256WithRSAEncryption
54:46:78:fd:84:f4:eb:88:d6:4f:af:b4:55:47:da:34:47:fd:
e8:d4:b3:51:d9:57:98:d5:1d:fd:9a:36:b7:b8:20:73:ed:72:
c0:3f:1d:25:1d:2c:74:5b:57:fd:01:8b:3b:ea:74:3c:09:2c:
65:60:5a:44:90:18:21:35:f4:c3:08:c0:70:19:fb:34:43:b6:
f1:28:c9:4d:76:cb:e9:22:34:26:02:3c:fc:61:10:2f:48:6b:
b1:d4:22:8c:13:e7:34:38:04:64:35:9c:1d:1a:43:14:13:be:
93:be:7a:60:fe:7d:35:5d:68:ea:9a:37:6c:20:17:3f:db:61:
05:cc:84:6b:5d:f5:9d:45:74:61:2f:64:b6:f7:c0:c1:f5:da:
ab:44:5a:ac:85:a3:3d:fd:c8:e5:66:13:d2:f1:23:c6:81:0d:
9a:d1:1e:53:62:a7:fa:dd:8e:c8:ff:36:bc:02:aa:c7:83:71:
eb:e4:85:d6:b0:56:a6:e2:55:00:89:fe:7c:eb:33:62:41:25:
8b:fb:eb:9a:9e:aa:63:a0:ee:b0:0c:0f:ef:2d:60:e9:e0:b6:
5e:32:be:da:4c:86:0d:8a:ab:93:eb:19:d1:85:e2:62:a1:9f:
30:fe:c4:89:92:08:c7:42:7a:52:9d:85:81:cc:3f:58:bc:ad:
07:97:f0:8a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZEdT6cHrFrmMSchjt7Vv7YzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODA0MTIxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTViMWJhZTFjMjY2ZjUxOTkyZWNhNmEwMGMyYjMzMDRjYTgwYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgv5qh6m9WE3ZtrtPVSV15X018CW
47tsOTMuTRkZ+rpUP+wux/YVfPP8gcV3uCw9EuRQDKjN/oSeXMdwre/I/4AxxOZx
SnptVe41GrTzmVjs6Mid41NoVtsSftxzN2e9Qc1Ecgi6QL5/gDlsAftXsWktt6ey
Dvdz8wqXqFjdlHQJn2zwOIl7rFj6JFovpNHvPvOl8+mYbWxSYUOSqhExkCYXBlpY
CtK+ZF7ZdeGU9HB3itg6jda2u6l0iCO8DRoU5S2OP46Am5g3EC+Xcg2oMVU3BrXj
uNPucmvmjK8ZuXRKmTS0K/vngNElacfpBMuWbVnfJ0yoqNkTD6qkJKmsJwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLVbG64cJm9RmS7KagDCszBMqAsbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdFZzYnJod21iMUdaTHNwcUFNS3pNRXlvQ3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAUah+AwQA
UphiAwQAUpncAwQAUpn/AwQBUqMKAwQAWdV/AwQAbbAOAwQAbbAeAwQAbbDQAwQA
1dInAwQA1drSAwQA1dr4MA0GCSqGSIb3DQEBCwUAA4IBAQBURnj9hPTriNZPr7RV
R9o0R/3o1LNR2VeY1R39mja3uCBz7XLAPx0lHSx0W1f9AYs76nQ8CSxlYFpEkBgh
NfTDCMBwGfs0Q7bxKMlNdsvpIjQmAjz8YRAvSGux1CKME+c0OARkNZwdGkMUE76T
vnpg/n01XWjqmjdsIBc/22EFzIRrXfWdRXRhL2S298DB9dqrRFqshaM9/cjlZhPS
8SPGgQ2a0R5TYqf63Y7I/za8AqrHg3Hr5IXWsFam4lUAif586zNiQSWL++uanqpj
oO6wDA/vLWDp4LZeMr7aTIYNiquT6xnRheJioZ8w/sSJkgjHQnpSnYWBzD9YvK0H
l/CK
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:24 2025 by rpki-client