Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vOYq-IR16pr2gQJDUM3vBb0pDZQ.roa
File: vOYq-IR16pr2gQJDUM3vBb0pDZQ.roa (raw, json)
Hash identifier: uj4sJIWesYo3bpQ9tXsjBE1+tUq8DQ9hsBXor05LFNw=
Subject key identifier: BC:E6:2A:F8:84:75:EA:9A:F6:81:02:43:50:CD:EF:05:BD:29:0D:94
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F43B529243CF6901BF161752E0C221D45
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vOYq-IR16pr2gQJDUM3vBb0pDZQ.roa
Signing time: Sat 04 May 2024 13:04:56 +0000
ROA not before: Sat 04 May 2024 13:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.168.126.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.245.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.74.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.84.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 May 2024 18:04:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:43:b5:29:24:3c:f6:90:1b:f1:61:75:2e:0c:22:1d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 4 13:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bce62af88475ea9af681024350cdef05bd290d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:35:b0:53:67:29:6d:7d:81:17:d2:cb:06:92:
31:8e:96:13:ac:db:d3:e0:32:b4:15:81:3b:f8:6f:
2b:c5:be:db:c0:77:0c:ea:0e:77:2e:47:7e:ac:6e:
3c:1c:09:3a:c5:ec:97:cd:6c:8b:ff:40:d0:0a:29:
fb:aa:dc:8a:da:10:99:b4:65:40:b8:77:41:4e:85:
18:f9:90:d3:0b:7e:06:ab:55:d2:bd:df:65:9c:4a:
80:bf:bd:8d:ac:33:14:1c:93:1f:8e:cf:4d:54:c3:
fa:84:be:48:e8:3f:d1:64:c9:e4:eb:bb:f3:9d:8c:
7a:14:fe:f8:34:23:2a:00:20:6b:bf:b6:f5:0a:75:
f7:7b:78:80:48:1d:e6:0e:17:fa:16:4a:bc:c0:6b:
42:01:aa:9a:77:cc:02:9a:96:4d:6b:d5:bc:6c:de:
98:d6:44:f4:22:9e:0d:82:78:73:cb:1f:64:93:db:
af:2a:0c:cf:46:b2:84:6b:11:4e:4e:62:86:14:af:
34:a7:37:6e:e4:4a:82:a5:37:30:a5:89:b9:d0:1f:
a1:4a:e9:e5:5d:e2:b8:7f:be:13:27:9c:af:05:0e:
57:43:5d:fd:34:da:c2:20:f4:7e:ba:5f:98:69:f0:
1c:7c:5e:2e:fa:3d:5b:2e:24:c6:aa:27:35:e9:04:
b7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E6:2A:F8:84:75:EA:9A:F6:81:02:43:50:CD:EF:05:BD:29:0D:94
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vOYq-IR16pr2gQJDUM3vBb0pDZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
82.152.176.0/23
82.153.136.0/22
82.153.245.0/24
82.163.15.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
212.38.74.0/24
212.38.79.0/24
212.38.84.0/24
213.130.149.0/24
213.218.210.0/23
213.218.213.0/24
Signature Algorithm: sha256WithRSAEncryption
29:29:fd:d5:da:c6:27:e9:ec:46:4b:dd:4f:9f:ed:0a:4c:25:
12:33:19:cd:b0:02:1f:27:37:06:6c:73:31:d8:15:98:07:a1:
a6:e2:00:65:35:80:17:d0:fc:86:53:61:52:65:32:47:84:03:
31:6c:45:a4:47:2d:64:ae:28:f2:e4:eb:dc:86:fe:3b:fc:8d:
5c:20:d1:bc:ca:d8:16:1a:f5:a6:fc:0a:9c:8b:b8:3e:e3:a4:
ee:a5:bc:27:31:b3:1c:28:82:7a:61:82:38:a5:11:cb:d9:45:
39:15:89:1a:e5:d1:af:6c:6d:4e:66:fe:54:65:e8:29:8a:48:
5a:b5:c8:ac:cb:11:d1:42:da:3b:0d:71:a5:6f:9d:c3:e5:1a:
0e:46:52:f1:b3:90:0a:68:c6:f7:3e:2a:93:b0:e2:48:f4:cd:
10:82:2a:58:4f:6f:54:4c:50:91:f8:38:62:40:ff:bd:67:f1:
ba:17:8f:25:73:81:92:b9:d7:e6:6d:2c:58:b9:db:79:42:fa:
f5:c8:db:c5:e7:30:2f:aa:b8:0d:c8:f0:19:cd:5f:c6:ac:f8:
49:0e:0c:2e:9f:86:9d:1f:6f:61:45:c4:d8:f9:e9:82:c2:9c:
b9:b5:97:d0:fe:9b:dd:84:43:5f:a6:b1:4d:5f:54:a9:e3:74:
71:be:42:6d
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAY9DtSkkPPaQG/FhdS4MIh1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA0MTMwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2U2MmFmODg0NzVlYTlhZjY4MTAyNDM1MGNkZWYwNWJkMjkwZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzWwU2cpbX2BF9LLBpIxjpYTrNvT
4DK0FYE7+G8rxb7bwHcM6g53Lkd+rG48HAk6xeyXzWyL/0DQCin7qtyK2hCZtGVA
uHdBToUY+ZDTC34Gq1XSvd9lnEqAv72NrDMUHJMfjs9NVMP6hL5I6D/RZMnk67vz
nYx6FP74NCMqACBrv7b1CnX3e3iASB3mDhf6Fkq8wGtCAaqad8wCmpZNa9W8bN6Y
1kT0Ip4Ngnhzyx9kk9uvKgzPRrKEaxFOTmKGFK80pzdu5EqCpTcwpYm50B+hSunl
XeK4f74TJ5yvBQ5XQ139NNrCIPR+ul+YafAcfF4u+j1bLiTGqic16QS3bQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFLzmKviEdeqa9oECQ1DN7wW9KQ2UMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdk9ZcS1JUjE2cHIyZ1FKRFVNM3ZCYjBwRFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAFGofgME
AVKYsAMEAlKZiAMEAFKZ9QMEAFKjDzAMAwQCWdWUAwQFWdWAAwQCWdWsAwQAWdW0
AwQDbbAQAwQBuTF+AwQEwmlQAwQA1CZKAwQA1CZPAwQA1CZUAwQA1YKVAwQB1drS
AwQA1drVMA0GCSqGSIb3DQEBCwUAA4IBAQApKf3V2sYn6exGS91Pn+0KTCUSMxnN
sAIfJzcGbHMx2BWYB6Gm4gBlNYAX0PyGU2FSZTJHhAMxbEWkRy1krijy5Ovchv47
/I1cING8ytgWGvWm/Aqci7g+46TupbwnMbMcKIJ6YYI4pRHL2UU5FYka5dGvbG1O
Zv5UZegpikhatcisyxHRQto7DXGlb53D5RoORlLxs5AKaMb3PiqTsOJI9M0QgipY
T29UTFCR+DhiQP+9Z/G6F48lc4GSudfmbSxYudt5Qvr1yNvF5zAvqrgNyPAZzV/G
rPhJDgwun4adH29hRcTY+emCwpy5tZfQ/pvdhENfprFNX1Sp43RxvkJt
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:08 2025 by rpki-client