Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w3xlwnIp_T9ugU2nks5x1322XSE.roa
File: w3xlwnIp_T9ugU2nks5x1322XSE.roa (raw, json)
Hash identifier: ElHa+heje1jJuoPYg41DKgX6PP8P7Qb8qkHgtlMkqP4=
Subject key identifier: C3:7C:65:C2:72:29:FD:3F:6E:81:4D:A7:92:CE:71:D7:7D:B6:5D:21
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F28B1A9C8111FC1B970155F6A5547EFC5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w3xlwnIp_T9ugU2nks5x1322XSE.roa
Signing time: Mon 29 Apr 2024 07:11:22 +0000
ROA not before: Mon 29 Apr 2024 07:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 80.240.88.0/21 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.19.0/24 maxlen: 24
82.163.24.0/21 maxlen: 24
89.213.108.0/23 maxlen: 24
89.213.110.0/24 maxlen: 24
89.213.122.0/24 maxlen: 24
89.213.126.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.194.0/23 maxlen: 24
89.213.240.0/23 maxlen: 24
89.213.250.0/24 maxlen: 24
213.210.16.0/24 maxlen: 24
213.210.18.0/24 maxlen: 24
213.210.33.0/24 maxlen: 24
213.210.51.0/24 maxlen: 24
213.218.220.0/24 maxlen: 24
217.144.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 07:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:b1:a9:c8:11:1f:c1:b9:70:15:5f:6a:55:47:ef:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 29 07:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c37c65c27229fd3f6e814da792ce71d77db65d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0d:6e:4b:be:c1:b3:cc:b4:64:d6:5c:29:ef:
fb:08:ca:c3:b9:f5:86:41:9e:a2:8b:7f:f1:8f:a7:
0f:62:3c:78:ca:2a:16:19:ce:3f:75:08:58:38:0d:
aa:30:2d:9b:11:c7:07:e8:01:c3:00:7a:24:30:aa:
7f:f6:a0:54:9d:ae:19:29:c8:16:12:e3:80:57:d3:
28:43:c2:f7:f3:e6:34:49:6d:3d:9b:d4:cb:44:2a:
fa:15:66:b9:13:a5:71:4b:c2:da:70:22:e1:e1:50:
3a:c9:58:24:a6:de:f6:16:11:4a:5a:13:7f:6e:75:
1d:55:e5:6d:99:2d:8f:88:62:1b:8b:ac:bf:41:f1:
82:ce:f8:dd:56:79:b0:9c:18:49:28:cc:fd:61:68:
b8:bd:31:dc:f4:a4:77:5b:fb:03:4f:e0:dc:e3:0b:
54:2e:4e:da:fc:4d:e1:94:be:32:80:ff:67:44:fc:
81:c9:7a:1e:f5:85:82:8f:34:c8:b9:bf:e7:df:0f:
61:67:73:f9:86:39:17:79:2c:02:08:bd:87:a8:4e:
31:b5:d8:2a:11:8c:1f:08:61:41:16:d5:a5:4a:1f:
ed:51:71:55:dc:d2:5d:64:2c:bb:b1:86:ad:5a:57:
d6:61:2c:83:8e:c1:51:34:58:ad:00:05:e2:dd:a0:
50:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:7C:65:C2:72:29:FD:3F:6E:81:4D:A7:92:CE:71:D7:7D:B6:5D:21
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w3xlwnIp_T9ugU2nks5x1322XSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.88.0/21
82.152.174.0/23
82.153.208.0/22
82.163.19.0/24
82.163.24.0/21
89.213.108.0-89.213.110.255
89.213.122.0/24
89.213.126.0/24
89.213.143.0/24
89.213.147.0/24
89.213.181.0/24
89.213.194.0/23
89.213.240.0/23
89.213.250.0/24
213.210.16.0/24
213.210.18.0/24
213.210.33.0/24
213.210.51.0/24
213.218.220.0/24
217.144.151.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:26:c5:40:39:dc:b3:40:43:a2:fa:17:6b:d0:aa:fd:a4:ec:
23:a1:80:7a:f6:9c:f9:dd:47:fd:2f:85:22:06:db:1f:d2:a7:
b6:55:12:3f:9c:90:ce:f1:fa:01:99:4b:e6:11:b0:52:8e:13:
5d:b1:12:07:a8:a3:85:c4:c1:5f:9e:7c:4f:cf:60:13:c7:9c:
d1:6d:a9:69:35:39:4d:ad:67:85:8d:b1:f5:20:95:ea:c8:6b:
24:b9:46:cb:29:a1:6b:65:d4:2e:c3:69:47:87:3c:f1:c4:46:
b7:72:11:78:c7:31:bc:57:ab:ee:d2:f8:d5:e3:b8:6c:bf:ea:
33:a5:9f:64:e3:e2:f7:fb:43:ac:bc:0e:a7:99:43:88:76:22:
de:ed:25:60:53:8b:30:d5:69:e5:f0:1e:8b:d8:6c:32:f0:ad:
db:d2:a4:e6:ce:80:64:a7:4e:d7:6d:cc:2d:61:ac:8a:01:10:
ce:0d:6e:7f:cd:4d:9f:a5:4c:50:f7:69:f4:36:9c:12:d8:0c:
8b:45:cb:e6:23:d4:e7:4b:4d:42:4e:21:ac:d6:55:3f:b8:26:
d7:79:5b:28:d0:e2:df:3f:1f:15:4d:1f:11:3b:8f:c0:53:f1:
76:51:a1:cc:ea:9c:f3:83:5f:83:14:fa:a2:28:6b:16:44:01:
71:23:11:47
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAY8osanIER/BuXAVX2pVR+/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDI5MDcxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzdjNjVjMjcyMjlmZDNmNmU4MTRkYTc5MmNlNzFkNzdkYjY1ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA1uS77Bs8y0ZNZcKe/7CMrDufWG
QZ6ii3/xj6cPYjx4yioWGc4/dQhYOA2qMC2bEccH6AHDAHokMKp/9qBUna4ZKcgW
EuOAV9MoQ8L38+Y0SW09m9TLRCr6FWa5E6VxS8LacCLh4VA6yVgkpt72FhFKWhN/
bnUdVeVtmS2PiGIbi6y/QfGCzvjdVnmwnBhJKMz9YWi4vTHc9KR3W/sDT+Dc4wtU
Lk7a/E3hlL4ygP9nRPyByXoe9YWCjzTIub/n3w9hZ3P5hjkXeSwCCL2HqE4xtdgq
EYwfCGFBFtWlSh/tUXFV3NJdZCy7sYatWlfWYSyDjsFRNFitAAXi3aBQ4QIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFMN8ZcJyKf0/boFNp5LOcdd9tl0hMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdzN4bHduSXBfVDl1Z1UybmtzNXgxMzIyWFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBANQ
8FgDBAFSmK4DBAJSmdADBABSoxMDBANSoxgwDAMEAlnVbAMEAFnVbgMEAFnVegME
AFnVfgMEAFnVjwMEAFnVkwMEAFnVtQMEAVnVwgMEAVnV8AMEAFnV+gMEANXSEAME
ANXSEgMEANXSIQMEANXSMwMEANXa3AMEANmQlzANBgkqhkiG9w0BAQsFAAOCAQEA
OybFQDncs0BDovoXa9Cq/aTsI6GAevac+d1H/S+FIgbbH9KntlUSP5yQzvH6AZlL
5hGwUo4TXbESB6ijhcTBX558T89gE8ec0W2paTU5Ta1nhY2x9SCV6shrJLlGyymh
a2XULsNpR4c88cRGt3IReMcxvFer7tL41eO4bL/qM6WfZOPi9/tDrLwOp5lDiHYi
3u0lYFOLMNVp5fAei9hsMvCt29Kk5s6AZKdO123MLWGsigEQzg1uf81Nn6VMUPdp
9DacEtgMi0XL5iPU50tNQk4hrNZVP7gm13lbKNDi3z8fFU0fETuPwFPxdlGhzOqc
84NfgxT6oihrFkQBcSMRRw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:22 2025 by rpki-client