Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t_W3tVyPouHnZiw8bFFDOxFm2eo.roa
File: t_W3tVyPouHnZiw8bFFDOxFm2eo.roa (raw, json)
Hash identifier: uS/P4klLticTqUxjF21Z5lWotgCH2nXWYDhtjCRav7Q=
Subject key identifier: B7:F5:B7:B5:5C:8F:A2:E1:E7:66:2C:3C:6C:51:43:3B:11:66:D9:EA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018EE0C71620A1A652411274CB376B5939A8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t_W3tVyPouHnZiw8bFFDOxFm2eo.roa
Signing time: Mon 15 Apr 2024 08:02:07 +0000
ROA not before: Mon 15 Apr 2024 08:02:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.49.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.152.177.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.245.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
213.130.149.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 07:02:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e0:c7:16:20:a1:a6:52:41:12:74:cb:37:6b:59:39:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 15 08:02:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7f5b7b55c8fa2e1e7662c3c6c51433b1166d9ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:55:6a:dc:05:2e:c5:7d:74:df:a0:29:f6:38:
02:1e:f5:f9:8c:8c:76:48:59:3e:2f:10:a0:40:e4:
9f:2f:e4:39:0a:be:31:a0:0a:1d:b4:9a:cb:df:00:
54:23:a4:24:21:9d:de:0a:87:f9:cb:64:2b:d3:09:
d2:eb:10:89:57:53:bc:0f:86:2a:3b:6a:ec:43:79:
38:b9:d7:58:99:2c:6d:d8:40:9d:8d:be:7b:9b:3f:
d2:79:58:dc:ce:61:12:61:fb:56:a4:37:ef:73:14:
8e:59:17:92:2b:94:54:d0:f7:3c:17:68:e5:13:16:
a8:af:63:3c:b5:cb:85:14:08:9d:31:22:c6:75:e2:
84:2b:30:ec:1f:9d:ff:55:0b:19:35:51:45:31:03:
59:46:a2:51:b7:44:70:2b:7e:5a:0b:8e:00:00:85:
2d:be:44:2c:b1:96:79:46:eb:7b:dc:32:5d:52:e6:
d2:1a:9f:05:b9:21:f2:ba:c9:92:c6:bf:4e:22:ec:
f6:01:72:ed:71:07:5b:84:49:42:89:81:55:8e:72:
e6:1a:cc:0a:16:c5:c8:60:5c:0f:06:a9:9f:d6:af:
b2:75:32:88:f0:3c:eb:dd:b7:b7:a3:74:08:8b:e2:
30:b9:5d:07:3c:39:01:ba:e5:1c:8a:34:09:fd:54:
f5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F5:B7:B5:5C:8F:A2:E1:E7:66:2C:3C:6C:51:43:3B:11:66:D9:EA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t_W3tVyPouHnZiw8bFFDOxFm2eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.49.0/24
82.152.176.0/23
82.153.65.0/24
82.153.136.0/22
82.153.245.0/24
89.213.133.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
185.49.126.0/23
213.130.149.0/24
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
54:64:c1:47:bf:b6:db:6e:36:3d:da:a2:e1:17:5c:95:c1:e3:
9e:02:3c:df:32:b5:f3:55:a2:6a:c4:4b:8d:fb:67:ba:dc:ab:
a4:62:cd:3c:b0:53:dd:2a:b4:9b:d8:f1:5d:70:84:2d:21:c7:
fb:3c:5a:20:f9:40:cb:67:2f:97:a4:65:fb:4d:a3:64:ac:16:
37:00:54:ba:8a:7d:78:b0:0c:c4:c0:7a:ea:21:46:ad:26:38:
77:b1:f0:c4:e7:ba:df:e4:ce:c4:76:ef:42:0b:3d:52:eb:91:
eb:ee:75:c0:2b:62:2e:e6:f7:da:f1:36:09:81:25:31:c5:8a:
cd:29:e6:67:96:67:db:9f:e3:dc:02:7b:cc:f1:48:ce:35:a7:
de:1f:22:69:d1:07:f5:59:5f:f3:34:9e:69:8d:76:f9:ea:64:
64:d5:e0:9c:20:66:7f:5c:82:c6:4f:c0:7f:ff:a1:06:a2:ee:
2e:90:dc:b9:27:ac:51:0b:5f:79:ed:cb:c3:c3:b0:71:ba:09:
7f:c8:19:c2:77:aa:cc:10:8f:e3:1c:be:e3:31:93:e0:fc:96:
5f:38:b5:49:da:e0:b5:c9:a5:be:61:02:45:73:f6:e8:b5:4a:
08:9a:17:85:2a:dc:a1:c5:ca:e6:f6:d3:7f:4c:88:dc:7b:39:
e3:ac:01:de
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY7gxxYgoaZSQRJ0yzdrWTmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDE1MDgwMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y1YjdiNTVjOGZhMmUxZTc2NjJjM2M2YzUxNDMzYjExNjZkOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VVq3AUuxX1036Ap9jgCHvX5jIx2
SFk+LxCgQOSfL+Q5Cr4xoAodtJrL3wBUI6QkIZ3eCof5y2Qr0wnS6xCJV1O8D4Yq
O2rsQ3k4uddYmSxt2ECdjb57mz/SeVjczmESYftWpDfvcxSOWReSK5RU0Pc8F2jl
Exaor2M8tcuFFAidMSLGdeKEKzDsH53/VQsZNVFFMQNZRqJRt0RwK35aC44AAIUt
vkQssZZ5Rut73DJdUubSGp8FuSHyusmSxr9OIuz2AXLtcQdbhElCiYFVjnLmGswK
FsXIYFwPBqmf1q+ydTKI8Dzr3be3o3QIi+IwuV0HPDkBuuUcijQJ/VT1hQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFLf1t7Vcj6Lh52YsPGxRQzsRZtnqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdF9XM3RWeVBvdUhuWml3OGJGRkRPeEZtMmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUpgxAwQB
UpiwAwQAUplBAwQCUpmIAwQAUpn1AwQAWdWFMAwDBAJZ1ZQDBAVZ1YADBAJZ1awD
BABZ1bQDBAG5MX4DBADVgpUDBADVmCowDQYJKoZIhvcNAQELBQADggEBAFRkwUe/
tttuNj3aouEXXJXB454CPN8ytfNVomrES437Z7rcq6RizTywU90qtJvY8V1whC0h
x/s8WiD5QMtnL5ekZftNo2SsFjcAVLqKfXiwDMTAeuohRq0mOHex8MTnut/kzsR2
70ILPVLrkevudcArYi7m99rxNgmBJTHFis0p5meWZ9uf49wCe8zxSM41p94fImnR
B/VZX/M0nmmNdvnqZGTV4JwgZn9cgsZPwH//oQai7i6Q3LknrFELX3nty8PDsHG6
CX/IGcJ3qswQj+McvuMxk+D8ll84tUna4LXJpb5hAkVz9ui1SgiaF4Uq3KHFyub2
039MiNx7OeOsAd4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:29:08 2025 by rpki-client