Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wv4ELeYM3Ojsv-m6XQ6lJI6RBr4.roa
File: wv4ELeYM3Ojsv-m6XQ6lJI6RBr4.roa (raw, json)
Hash identifier: isa1e65u3OyWKCZsQi1g752fESEL8eHALuq/Id6iqgg=
Subject key identifier: C2:FE:04:2D:E6:0C:DC:E8:EC:BF:E9:BA:5D:0E:A5:24:8E:91:06:BE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019199C9C4ACCEDDA96B5D4A60AF735EBB50
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wv4ELeYM3Ojsv-m6XQ6lJI6RBr4.roa
Signing time: Wed 28 Aug 2024 16:20:22 +0000
ROA not before: Wed 28 Aug 2024 16:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
89.213.248.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
217.145.73.0/24 maxlen: 24
217.145.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 12:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:99:c9:c4:ac:ce:dd:a9:6b:5d:4a:60:af:73:5e:bb:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 28 16:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2fe042de60cdce8ecbfe9ba5d0ea5248e9106be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d0:b5:87:d6:a6:92:03:fc:68:a5:b7:a8:2a:
86:0a:7b:ec:6e:3e:83:85:98:36:03:22:50:56:aa:
0e:ad:92:eb:84:82:d1:e3:d7:71:6b:83:6e:14:37:
67:31:08:13:42:00:55:c2:26:99:65:6b:97:b1:d5:
6d:f9:af:eb:86:27:86:d3:9d:64:0a:bc:6b:e2:93:
dd:50:c1:23:f1:70:05:de:18:4f:28:dd:b6:80:c3:
13:c9:2e:94:e8:e8:9e:41:e9:bc:24:15:3e:b5:b1:
90:64:db:85:52:9d:50:a1:75:84:e7:d4:f5:a1:d0:
23:53:81:27:ee:2a:84:fb:a9:7d:96:c7:17:36:d8:
4b:01:3f:01:c7:58:c5:55:31:d1:9f:89:d0:f2:03:
64:9c:1d:1f:24:9c:af:e5:cf:f7:8c:ce:e8:0f:ec:
a1:ed:80:bc:1c:bf:52:4a:35:16:a3:33:37:64:8b:
8e:2e:aa:23:72:f1:21:a5:96:a2:c8:bc:ed:4a:51:
54:69:9d:c0:38:c9:69:d0:1b:1a:c1:90:9d:75:08:
a4:db:a8:05:c8:27:34:4b:71:54:6b:c7:b3:e7:bf:
36:fe:8f:3d:ff:16:da:d5:00:7a:a2:98:61:63:78:
72:74:82:24:3a:f8:28:12:02:16:48:7f:32:bc:fa:
f9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:FE:04:2D:E6:0C:DC:E8:EC:BF:E9:BA:5D:0E:A5:24:8E:91:06:BE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wv4ELeYM3Ojsv-m6XQ6lJI6RBr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.145.0/24
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
89.213.248.0/23
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:12:30:37:f1:50:2a:fd:92:e6:67:ca:8c:25:ce:18:6f:7f:
fb:0d:35:f2:fe:8a:b8:88:7c:63:58:59:af:6f:6f:dc:bb:6d:
33:93:8b:96:5c:ad:fd:98:bd:83:e9:3e:d4:02:38:7e:e2:e0:
b6:5e:37:ab:e7:d0:db:de:19:6d:4f:9b:8b:86:b4:a1:a6:7e:
99:88:69:44:6f:f4:b4:88:cd:2f:88:84:01:55:78:a4:b2:e7:
8c:17:00:fa:4e:a6:5c:9b:f9:03:e7:0c:1b:9e:47:36:43:0f:
86:e1:8e:dd:9c:27:8d:03:19:02:18:91:e3:fb:f8:83:63:ff:
40:8a:8d:14:a7:5a:fa:06:da:b2:52:c0:00:da:de:c7:d9:ff:
9c:17:10:ab:fe:97:40:61:76:67:26:39:4a:2f:64:a4:d9:3a:
30:96:b0:5f:29:33:48:33:48:dc:5d:84:44:77:73:bb:12:d1:
2d:f2:3e:ae:8b:51:f1:3d:b8:1c:71:e8:97:8b:6d:46:9d:67:
cd:0d:b5:04:9b:64:b4:01:12:cf:cf:82:f2:4f:a5:fe:ac:36:
a8:1e:a5:01:21:1b:90:f8:98:2d:2d:66:0f:33:bd:47:e1:d8:
d2:44:87:c4:bc:29:93:dd:02:bd:ef:e4:84:26:e3:4c:f0:03:
44:4f:b9:f8
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZGZycSszt2pa11KYK9zXrtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODI4MTYyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmZlMDQyZGU2MGNkY2U4ZWNiZmU5YmE1ZDBlYTUyNDhlOTEwNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodC1h9amkgP8aKW3qCqGCnvsbj6D
hZg2AyJQVqoOrZLrhILR49dxa4NuFDdnMQgTQgBVwiaZZWuXsdVt+a/rhieG051k
Crxr4pPdUMEj8XAF3hhPKN22gMMTyS6U6OieQem8JBU+tbGQZNuFUp1QoXWE59T1
odAjU4En7iqE+6l9lscXNthLAT8Bx1jFVTHRn4nQ8gNknB0fJJyv5c/3jM7oD+yh
7YC8HL9SSjUWozM3ZIuOLqojcvEhpZaiyLztSlFUaZ3AOMlp0BsawZCddQik26gF
yCc0S3FUa8ez5782/o89/xba1QB6ophhY3hydIIkOvgoEgIWSH8yvPr5KQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFML+BC3mDNzo7L/pul0OpSSOkQa+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd3Y0RUxlWU0zT2pzdi1tNlhRNmxKSTZSQnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAFS
mLADBAJSmYgDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1ZEwDAMEAlnVlAMEBVnVgAME
AFnVpwMEAlnVrDAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBAFZ1fgDBANt
sBADBAJtsMwDBAG5MX4DBATCaVADBAHUJlgDBADV2tMDBADZkUIDBAPZkUgwDQYJ
KoZIhvcNAQELBQADggEBADsSMDfxUCr9kuZnyowlzhhvf/sNNfL+iriIfGNYWa9v
b9y7bTOTi5Zcrf2YvYPpPtQCOH7i4LZeN6vn0NveGW1Pm4uGtKGmfpmIaURv9LSI
zS+IhAFVeKSy54wXAPpOplyb+QPnDBueRzZDD4bhjt2cJ40DGQIYkeP7+INj/0CK
jRSnWvoG2rJSwADa3sfZ/5wXEKv+l0BhdmcmOUovZKTZOjCWsF8pM0gzSNxdhER3
c7sS0S3yPq6LUfE9uBxx6JeLbUadZ80NtQSbZLQBEs/PgvJPpf6sNqgepQEhG5D4
mC0tZg8zvUfh2NJEh8S8KZPdAr3v5IQm40zwA0RPufg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:26 2025 by rpki-client