Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vX6L2rZNSk6zW9wehmzVqIUyXd0.roa
File: vX6L2rZNSk6zW9wehmzVqIUyXd0.roa (raw, json)
Hash identifier: lJT6u57boQWi79bJqU+A3/sWKGQWsqmjl1Cw0ymWhO0=
Subject key identifier: BD:7E:8B:DA:B6:4D:4A:4E:B3:5B:DC:1E:86:6C:D5:A8:85:32:5D:DD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143CD0EF28B8E345B425B2DF77E2758
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vX6L2rZNSk6zW9wehmzVqIUyXd0.roa
Signing time: Wed 01 Jan 2025 09:47:58 +0000
ROA not before: Wed 01 Jan 2025 09:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.93.143.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.151.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.18.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
213.218.212.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:cd:0e:f2:8b:8e:34:5b:42:5b:2d:f7:7e:27:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd7e8bdab64d4a4eb35bdc1e866cd5a885325ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:95:8f:30:b2:cb:69:c9:89:c2:6d:4b:e9:35:
d4:db:49:09:ee:33:11:19:ed:f2:89:fc:b3:3f:a3:
ea:94:ba:e6:9a:30:ef:96:0f:37:46:7b:a5:d8:fe:
8e:23:73:41:75:92:cf:c2:25:66:51:f7:1a:ee:b8:
4f:44:62:ac:97:f1:b8:11:a7:04:c5:1c:02:cd:0c:
87:16:1e:66:a8:be:00:10:8f:0a:41:69:68:70:52:
19:51:4c:d0:60:3f:eb:d1:72:7b:e3:ee:2e:d1:8e:
ca:de:9e:66:9e:e7:29:62:fe:fa:0a:e4:06:30:65:
58:08:8c:39:e8:7e:ee:48:de:92:f4:07:d9:ef:4a:
8c:a7:58:9f:72:74:47:42:27:88:c7:15:fd:76:92:
a1:4b:38:4c:63:71:db:6e:4b:37:d9:b6:08:78:a8:
5c:1b:9d:6f:bf:5e:7f:74:8d:63:2e:d0:82:d2:b0:
d6:85:63:59:48:cd:9a:da:fd:e1:e7:5e:22:82:22:
b1:ff:4a:41:52:c3:43:61:00:25:70:4c:e4:31:68:
47:5f:97:b2:19:02:f2:83:83:cd:0a:3e:c6:fe:fa:
b9:a4:e6:54:dd:32:40:ba:3f:65:24:97:ca:01:db:
9d:60:d1:ad:de:14:d5:04:6d:95:8d:74:d2:d8:52:
01:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7E:8B:DA:B6:4D:4A:4E:B3:5B:DC:1E:86:6C:D5:A8:85:32:5D:DD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vX6L2rZNSk6zW9wehmzVqIUyXd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.143.0/24
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.172.0/22
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.210.52.0/22
213.218.211.0-213.218.212.255
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:c0:6f:de:8a:a5:f6:82:56:d8:74:f2:e1:16:69:6c:c5:24:
a3:1b:f4:c3:fe:9b:5d:a4:e4:5e:5f:b8:c3:0b:49:bc:a3:69:
dd:ff:fb:2f:0b:df:98:7e:18:c0:2f:b5:e7:fb:fd:be:8e:5f:
73:eb:55:77:d7:9d:c4:e8:fb:b8:df:1c:c4:86:38:55:6b:52:
5f:3c:63:fb:9b:1b:90:ab:02:e7:76:46:05:d2:8c:1b:48:ed:
b8:bb:f2:d0:bf:71:91:98:24:a1:c3:4b:9f:34:4d:43:30:58:
e6:48:f9:55:aa:51:fa:85:45:b1:15:1f:b1:63:26:9e:34:b2:
f8:39:08:8e:df:7d:5c:73:c1:c8:ea:20:3d:c9:1d:33:5c:d9:
2e:fc:7e:37:03:66:23:0b:0d:1e:cb:2f:46:20:0e:ea:ba:a4:
cf:1d:dd:0f:e8:e7:47:22:c2:37:fd:8e:59:75:80:e7:36:1a:
0a:fa:3f:a9:2a:8f:0b:89:72:73:a8:e5:d0:56:29:a0:4a:c1:
ab:b3:d8:23:a2:89:0a:78:1c:5a:81:75:9a:61:5f:d5:ee:b4:
28:5f:be:8f:85:71:75:3b:e2:5c:76:f5:b6:87:f3:38:d6:10:
50:f8:36:07:16:75:45:6b:06:ae:cf:80:72:ac:46:a0:d2:b9:
cf:ae:81:16
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZQhQ80O8ouONFtCWy33fidYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDdlOGJkYWI2NGQ0YTRlYjM1YmRjMWU4NjZjZDVhODg1MzI1ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5WPMLLLacmJwm1L6TXU20kJ7jMR
Ge3yifyzP6PqlLrmmjDvlg83Rnul2P6OI3NBdZLPwiVmUfca7rhPRGKsl/G4EacE
xRwCzQyHFh5mqL4AEI8KQWlocFIZUUzQYD/r0XJ74+4u0Y7K3p5mnucpYv76CuQG
MGVYCIw56H7uSN6S9AfZ70qMp1ifcnRHQieIxxX9dpKhSzhMY3Hbbks32bYIeKhc
G51vv15/dI1jLtCC0rDWhWNZSM2a2v3h514igiKx/0pBUsNDYQAlcEzkMWhHX5ey
GQLyg4PNCj7G/vq5pOZU3TJAuj9lJJfKAdudYNGt3hTVBG2VjXTS2FIBtwIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFL1+i9q2TUpOs1vcHoZs1aiFMl3dMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdlg2TDJyWk5TazZ6Vzl3ZWhtelZxSVV5WGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgfcEAgABMIHwAwQA
TV2PAwQAUpgIAwQBUpiwAwQCUpmIAwQBWdUsAwQBWdUyAwQCWdU4AwQAWdWBAwQA
WdWEAwQAWdWLAwQAWdWPMAwDBABZ1ZEDBABZ1ZIwDAMEAlnVlAMEBVnVgAMEAFnV
ogMEAFnVpAMEAFnVpwMEAlnVrAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwD
BAJZ1eQDBARZ1eADBANtsBADBAJtsMwDBAFtsPIDBAG5MX4DBATCaVADBADUJk8D
BAHUJlgDBALV0jQwDAMEANXa0wMEANXa1DAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0G
CSqGSIb3DQEBCwUAA4IBAQAuwG/eiqX2glbYdPLhFmlsxSSjG/TD/ptdpOReX7jD
C0m8o2nd//svC9+YfhjAL7Xn+/2+jl9z61V3153E6Pu43xzEhjhVa1JfPGP7mxuQ
qwLndkYF0owbSO24u/LQv3GRmCShw0ufNE1DMFjmSPlVqlH6hUWxFR+xYyaeNLL4
OQiO331cc8HI6iA9yR0zXNku/H43A2YjCw0eyy9GIA7quqTPHd0P6OdHIsI3/Y5Z
dYDnNhoK+j+pKo8LiXJzqOXQVimgSsGrs9gjookKeBxagXWaYV/V7rQoX76PhXF1
O+JcdvW2h/M41hBQ+DYHFnVFawauz4ByrEag0rnProEW
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:07 2025 by rpki-client