Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vN7eUQ32ddVIOvIYQyCVf-L10VU.roa
File: vN7eUQ32ddVIOvIYQyCVf-L10VU.roa (raw, json)
Hash identifier: 6kxQgd1bjhENbQWa9Vst9fOU0dE7KaxpgXacww96ihc=
Subject key identifier: BC:DE:DE:51:0D:F6:75:D5:48:3A:F2:18:43:20:95:7F:E2:F5:D1:55
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019373D74DC01A92AD16B26127A4E2719678
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vN7eUQ32ddVIOvIYQyCVf-L10VU.roa
Signing time: Thu 28 Nov 2024 17:35:10 +0000
ROA not before: Thu 28 Nov 2024 17:35:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36530
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:d7:4d:c0:1a:92:ad:16:b2:61:27:a4:e2:71:96:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 28 17:35:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcdede510df675d5483af2184320957fe2f5d155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d7:da:31:8e:77:03:36:3c:d7:94:58:9e:23:
a7:81:ca:8c:a9:38:b9:a8:c4:d3:ca:3f:6b:39:65:
2c:f2:a5:b2:09:7f:1a:37:55:da:64:65:e9:9b:1d:
42:70:31:af:28:bf:e8:b3:0a:55:7f:9a:9d:6d:bb:
d2:e0:93:8e:e0:7a:a8:69:de:8e:d6:d0:0e:c9:a9:
0c:9a:8b:a9:bd:24:df:19:ce:ca:13:cc:46:c0:c8:
24:c1:47:9f:bd:0e:a4:bc:1d:f2:6f:6d:c5:98:84:
7b:1e:fa:00:f0:76:39:78:f9:32:8a:b2:10:af:ab:
6b:ae:1e:4d:89:39:62:6b:78:53:ca:4a:de:84:cc:
39:c3:0d:1d:18:4a:6e:90:08:ab:65:ff:f4:13:35:
5c:d4:88:99:bd:4e:17:e7:4e:00:1e:ed:37:8b:7b:
e6:27:ec:7c:6d:cc:0d:b6:d1:ed:12:20:84:8c:ea:
89:db:df:1e:37:c3:41:44:ae:26:cb:c2:aa:33:07:
48:fb:25:6f:5c:7b:99:32:be:66:ea:9c:ae:66:c5:
0c:e4:30:f8:72:03:42:bb:a1:b5:af:ad:41:6a:93:
fc:cd:f5:f9:a2:9b:6e:dc:60:fe:f8:94:45:69:32:
90:bb:a0:58:7e:9f:26:76:2a:2d:57:e8:a2:8c:1e:
fb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:DE:DE:51:0D:F6:75:D5:48:3A:F2:18:43:20:95:7F:E2:F5:D1:55
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vN7eUQ32ddVIOvIYQyCVf-L10VU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.104.0/24
89.213.123.0/24
213.210.52.0/23
213.218.239.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:bd:ff:0a:94:65:e0:74:94:a0:e3:e7:61:54:4d:cd:31:bc:
da:d4:40:dd:83:3d:22:0d:78:c2:bf:ab:e4:13:b5:e7:e3:c3:
c3:a1:df:8f:fe:86:fb:e3:84:b0:b3:7f:05:5c:9b:d2:34:6b:
9a:8e:8d:04:61:87:2f:46:46:65:02:05:81:2e:a8:ed:32:14:
7a:ac:fb:f3:91:92:f2:cf:cf:87:5e:ea:b2:f4:07:06:5c:b7:
26:83:70:49:23:38:83:f6:37:86:21:7a:b1:dc:66:00:ce:96:
d7:87:be:47:55:4f:04:58:37:ea:9b:9e:5f:72:7e:79:2c:1a:
e9:4e:7b:2b:a2:f3:72:83:ac:6f:56:ca:af:2c:3d:3c:70:1d:
8b:5f:93:93:d9:61:c1:5d:40:87:7f:ed:b3:39:b9:7f:91:0a:
57:6c:46:35:b9:ea:90:5e:78:dc:e4:06:5a:6b:4d:5d:5d:07:
a7:4c:9d:d5:29:c4:0e:5d:52:21:e9:de:80:b6:a6:40:d5:a1:
fd:e3:f5:58:67:b9:b4:c1:72:b0:13:40:59:1d:cb:6f:c9:27:
49:c3:c6:39:3f:7e:0a:cc:6e:d5:9a:04:9c:77:5c:fe:c2:61:
9f:79:6d:7f:2b:af:82:2a:90:a3:b8:7e:fc:d0:d9:bd:c3:91:
27:f9:aa:65
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZNz103AGpKtFrJhJ6TicZZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTI4MTczNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2RlZGU1MTBkZjY3NWQ1NDgzYWYyMTg0MzIwOTU3ZmUyZjVkMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNfaMY53AzY815RYniOngcqMqTi5
qMTTyj9rOWUs8qWyCX8aN1XaZGXpmx1CcDGvKL/oswpVf5qdbbvS4JOO4Hqoad6O
1tAOyakMmoupvSTfGc7KE8xGwMgkwUefvQ6kvB3yb23FmIR7HvoA8HY5ePkyirIQ
r6trrh5NiTlia3hTykrehMw5ww0dGEpukAirZf/0EzVc1IiZvU4X504AHu03i3vm
J+x8bcwNttHtEiCEjOqJ298eN8NBRK4my8KqMwdI+yVvXHuZMr5m6pyuZsUM5DD4
cgNCu6G1r61BapP8zfX5optu3GD++JRFaTKQu6BYfp8mdiotV+iijB773QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLze3lEN9nXVSDryGEMglX/i9dFVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdk43ZVVRMzJkZFZJT3ZJWVF5Q1ZmLUwxMFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpiOAwQA
WdVoAwQAWdV7AwQB1dI0AwQA1drvAwQA2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQAe
vf8KlGXgdJSg4+dhVE3NMbza1EDdgz0iDXjCv6vkE7Xn48PDod+P/ob744Sws38F
XJvSNGuajo0EYYcvRkZlAgWBLqjtMhR6rPvzkZLyz8+HXuqy9AcGXLcmg3BJIziD
9jeGIXqx3GYAzpbXh75HVU8EWDfqm55fcn55LBrpTnsrovNyg6xvVsqvLD08cB2L
X5OT2WHBXUCHf+2zObl/kQpXbEY1ueqQXnjc5AZaa01dXQenTJ3VKcQOXVIh6d6A
tqZA1aH94/VYZ7m0wXKwE0BZHctvySdJw8Y5P34KzG7VmgScd1z+wmGfeW1/K6+C
KpCjuH780Nm9w5En+apl
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:38 2025 by rpki-client