Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w48cWCFE-TBbMA0noETEfsyuwaQ.roa
File: w48cWCFE-TBbMA0noETEfsyuwaQ.roa (raw, json)
Hash identifier: /RnIubNUG4IFCTDRh0glHNWaDp1K1ivioTC4ee5qNFs=
Subject key identifier: C3:8F:1C:58:21:44:F9:30:5B:30:0D:27:A0:44:C4:7E:CC:AE:C1:A4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F5C4B69300A785AE212A7A3D7F185AB3D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w48cWCFE-TBbMA0noETEfsyuwaQ.roa
Signing time: Thu 09 May 2024 07:39:56 +0000
ROA not before: Thu 09 May 2024 07:39:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.168.126.0/24 maxlen: 24
82.152.54.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.98.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.130.156.0/24 maxlen: 24
213.210.59.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
217.144.158.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 10:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:4b:69:30:0a:78:5a:e2:12:a7:a3:d7:f1:85:ab:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 9 07:39:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c38f1c582144f9305b300d27a044c47eccaec1a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a2:84:60:37:a5:f2:15:4b:a1:40:2f:1a:9d:
2a:bb:65:ec:56:c5:80:d7:51:f9:a0:7a:99:f8:a6:
e5:10:45:88:12:cc:b4:c3:88:28:1e:9f:46:b0:3f:
5e:34:eb:d2:13:48:18:ce:35:13:07:48:18:ae:ea:
64:3f:98:f3:fa:18:7e:ed:3a:d5:cf:fc:a8:49:e6:
50:01:fc:d0:d1:81:c8:48:06:21:18:ba:ee:0d:71:
8c:1b:2f:98:8b:80:4f:08:6c:8b:f6:3e:70:96:23:
df:e3:33:d5:1f:b4:87:8e:51:c0:b6:c5:f9:9d:7e:
33:70:63:14:0e:0d:ea:3d:4c:1d:0e:47:66:47:18:
cf:17:9d:3b:4d:b7:60:50:9c:69:ab:3c:5e:82:b3:
54:49:a9:57:b4:34:f2:bb:18:aa:6e:e2:54:a6:63:
9d:02:c7:64:ab:00:84:bd:ab:1b:cf:a7:72:db:a4:
87:22:5d:2e:33:db:64:2e:0c:78:33:59:ad:23:d5:
be:6a:2b:94:39:8b:d8:9a:cd:43:aa:0b:34:81:dc:
08:32:a2:5b:d8:0b:6e:12:f7:05:29:b2:12:4c:18:
b9:c8:a3:64:e0:30:37:84:87:0c:e9:27:c2:3d:47:
e3:d9:22:b7:61:b4:4f:80:da:94:7f:91:b5:d1:17:
59:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8F:1C:58:21:44:F9:30:5B:30:0D:27:A0:44:C4:7E:CC:AE:C1:A4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w48cWCFE-TBbMA0noETEfsyuwaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
82.152.54.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
89.213.98.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
109.176.16.0/21
109.176.201.0/24
185.49.126.0/23
194.105.80.0/20
213.130.130.0/24
213.130.149.0/24
213.130.156.0/24
213.210.59.0/24
213.218.210.0/23
213.218.213.0/24
213.218.227.0/24
213.218.231.0/24
217.144.158.0/24
217.145.66.0/24
Signature Algorithm: sha256WithRSAEncryption
80:c4:29:d7:ed:d5:a5:98:fd:63:14:cd:3d:64:dd:48:c4:f6:
a7:e3:0c:c6:16:13:22:b8:cf:6e:b8:79:c1:6c:2e:6d:eb:44:
e0:9d:0b:25:dc:1b:f8:3c:3d:27:70:9d:6b:75:26:66:52:94:
93:29:0b:d2:56:cf:52:a0:4c:da:39:33:e6:ea:57:0b:dc:b1:
c1:24:f5:3c:ab:2a:2d:73:6c:fd:ae:52:c1:87:36:7d:ef:44:
46:69:b0:67:1e:b0:b6:7b:df:61:22:20:97:31:ef:5c:9b:84:
37:cb:d9:31:38:b2:a2:b3:de:66:c8:10:06:0b:b8:73:be:64:
9b:27:cf:ed:f6:e3:53:f2:90:28:f7:0f:56:c5:ad:be:bb:85:
97:cd:e5:4f:23:0e:7c:a3:42:ad:e6:c4:57:32:c4:32:f1:5b:
3e:14:0a:99:1a:3a:b5:89:33:82:45:0e:62:5d:d9:b9:37:09:
3d:7b:27:ca:4e:37:e1:1d:29:29:ee:4f:ea:3e:e1:3b:40:d5:
4e:04:20:4a:87:9a:1a:34:45:7c:2e:5a:65:89:93:5b:51:53:
a7:04:d0:ff:41:9d:1f:84:bf:5a:22:ee:ec:58:b1:61:2d:0a:
63:d6:b6:7d:08:0f:dc:84:2d:30:9d:dd:d5:c1:0d:72:b3:fc:
24:e1:85:fb
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAY9cS2kwCnha4hKno9fxhas9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA5MDczOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzhmMWM1ODIxNDRmOTMwNWIzMDBkMjdhMDQ0YzQ3ZWNjYWVjMWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKKEYDel8hVLoUAvGp0qu2XsVsWA
11H5oHqZ+KblEEWIEsy0w4goHp9GsD9eNOvSE0gYzjUTB0gYrupkP5jz+hh+7TrV
z/yoSeZQAfzQ0YHISAYhGLruDXGMGy+Yi4BPCGyL9j5wliPf4zPVH7SHjlHAtsX5
nX4zcGMUDg3qPUwdDkdmRxjPF507TbdgUJxpqzxegrNUSalXtDTyuxiqbuJUpmOd
AsdkqwCEvasbz6dy26SHIl0uM9tkLgx4M1mtI9W+aiuUOYvYms1Dqgs0gdwIMqJb
2AtuEvcFKbISTBi5yKNk4DA3hIcM6SfCPUfj2SK3YbRPgNqUf5G10RdZFQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFMOPHFghRPkwWzANJ6BExH7MrsGkMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdzQ4Y1dDRkUtVEJiTUEwbm9FVEVmc3l1d2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBABR
qH4DBABSmDYDBAFSmLADBABSmTIDBAJSmYgDBABZ1WIwDAMEAlnVlAMEBVnVgAME
AlnVrAMEAFnVtAMEA22wEAMEAG2wyQMEAbkxfgMEBMJpUAMEANWCggMEANWClQME
ANWCnAMEANXSOwMEAdXa0gMEANXa1QMEANXa4wMEANXa5wMEANmQngMEANmRQjAN
BgkqhkiG9w0BAQsFAAOCAQEAgMQp1+3VpZj9YxTNPWTdSMT2p+MMxhYTIrjPbrh5
wWwubetE4J0LJdwb+Dw9J3Cda3UmZlKUkykL0lbPUqBM2jkz5upXC9yxwST1PKsq
LXNs/a5SwYc2fe9ERmmwZx6wtnvfYSIglzHvXJuEN8vZMTiyorPeZsgQBgu4c75k
myfP7fbjU/KQKPcPVsWtvruFl83lTyMOfKNCrebEVzLEMvFbPhQKmRo6tYkzgkUO
Yl3ZuTcJPXsnyk434R0pKe5P6j7hO0DVTgQgSoeaGjRFfC5aZYmTW1FTpwTQ/0Gd
H4S/WiLu7FixYS0KY9a2fQgP3IQtMJ3d1cENcrP8JOGF+w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:50 2025 by rpki-client