Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xgflkuEZPHeW6hJPFnXn4aCmZT0.roa
File: xgflkuEZPHeW6hJPFnXn4aCmZT0.roa (raw, json)
Hash identifier: Ux/D3rXw6198LQLaGr9atnkXMiXiu6B+O/wg4GhmzPw=
Subject key identifier: C6:07:E5:92:E1:19:3C:77:96:EA:12:4F:16:75:E7:E1:A0:A6:65:3D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192B8B2C7A7AFBEAC4606AE230AC7CBFB80
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xgflkuEZPHeW6hJPFnXn4aCmZT0.roa
Signing time: Wed 23 Oct 2024 09:26:17 +0000
ROA not before: Wed 23 Oct 2024 09:26:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 81.168.122.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.50.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 12:53:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:b2:c7:a7:af:be:ac:46:06:ae:23:0a:c7:cb:fb:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 23 09:26:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c607e592e1193c7796ea124f1675e7e1a0a6653d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f5:f5:cd:ea:a5:40:71:3b:3c:36:cb:a2:34:
b2:35:e9:0a:d5:3e:84:31:d2:54:04:1a:65:a6:20:
a8:9b:7c:b9:2c:1c:7d:9e:15:52:ea:3c:4d:88:ba:
72:d5:30:c7:06:46:07:3b:13:fa:34:df:9d:62:c6:
8a:2d:ad:1f:54:e6:99:21:d6:ab:7f:ba:16:fe:57:
ad:33:79:8c:39:72:64:43:21:37:16:29:e4:97:ea:
69:6c:f7:6c:6c:3b:bf:65:5d:05:58:db:22:c4:d8:
42:31:0a:f4:03:4e:53:76:5e:77:73:ca:ff:de:97:
ca:34:f4:b3:30:dc:f4:c1:47:c9:92:00:e1:1b:f0:
b8:fb:2c:f6:d5:89:40:58:1b:89:e8:b0:49:ef:bb:
c9:12:74:3e:fe:69:b3:43:a2:97:dc:fe:e2:53:94:
15:c8:62:e8:f5:40:a0:7a:22:9b:e4:cf:91:bb:12:
c0:99:ed:44:d4:16:22:d6:4b:e0:aa:43:9a:a1:b5:
66:7d:23:a6:c5:55:08:48:75:c1:58:8d:d1:ac:7e:
9d:25:e0:36:30:54:b0:4e:6e:f9:78:51:30:08:1c:
8c:78:9a:40:11:bc:0c:a7:d2:7e:fb:13:79:cd:ec:
6d:f0:41:b1:d5:61:1c:2e:8f:8a:f1:d1:76:f3:ae:
d1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:07:E5:92:E1:19:3C:77:96:EA:12:4F:16:75:E7:E1:A0:A6:65:3D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xgflkuEZPHeW6hJPFnXn4aCmZT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.122.0/24
82.152.98.0/24
82.152.131.0/24
82.153.205.0/24
82.153.222.0/24
82.153.243.0/24
89.213.50.0/24
109.176.230.0/24
109.176.244.0/24
213.218.234.0/24
213.218.238.0/24
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
98:32:4c:ed:d3:78:be:ba:aa:3b:32:ce:d5:32:99:a5:20:39:
b0:4c:cc:1e:9a:24:82:e4:49:ae:49:07:74:c0:18:94:2b:c7:
06:43:7e:e0:58:28:d4:29:64:52:f8:c8:aa:a6:b7:8a:74:65:
10:e8:69:9e:a9:b8:12:48:e9:33:ed:82:eb:8e:4f:2e:c0:9c:
43:b5:88:3e:dc:dd:18:02:42:fd:53:42:bf:f2:c8:3e:37:b4:
14:eb:9f:dd:5e:0c:e6:ce:4b:ca:b3:92:e8:61:b9:de:d8:0a:
f7:7b:14:47:1c:8d:ce:90:a7:b6:40:75:a6:8b:58:3c:dd:5f:
16:4c:a2:a6:2d:2a:57:f8:2e:e4:d9:24:96:c4:eb:d7:af:7c:
63:db:ef:18:b3:22:a0:5a:79:ad:be:0f:dd:48:13:48:8b:98:
cb:b9:58:1d:bb:5b:92:0c:0d:d3:38:09:59:94:b9:be:f5:fb:
12:d2:5d:da:98:1c:63:96:35:fc:31:69:9b:49:e3:61:ba:25:
7f:72:c8:c8:21:f7:16:a6:cc:67:27:6e:27:b6:6e:36:c9:56:
0f:c0:64:c0:7f:cd:4a:b7:df:34:82:77:de:ca:38:b7:de:f6:
15:a5:4f:f2:38:68:8a:3d:bb:d5:30:97:d6:5f:2c:ab:96:b5:
68:20:5c:bb
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZK4ssenr76sRgauIwrHy/uAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDIzMDkyNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjA3ZTU5MmUxMTkzYzc3OTZlYTEyNGYxNjc1ZTdlMWEwYTY2NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPX1zeqlQHE7PDbLojSyNekK1T6E
MdJUBBplpiCom3y5LBx9nhVS6jxNiLpy1TDHBkYHOxP6NN+dYsaKLa0fVOaZIdar
f7oW/letM3mMOXJkQyE3Finkl+ppbPdsbDu/ZV0FWNsixNhCMQr0A05Tdl53c8r/
3pfKNPSzMNz0wUfJkgDhG/C4+yz21YlAWBuJ6LBJ77vJEnQ+/mmzQ6KX3P7iU5QV
yGLo9UCgeiKb5M+RuxLAme1E1BYi1kvgqkOaobVmfSOmxVUISHXBWI3RrH6dJeA2
MFSwTm75eFEwCByMeJpAEbwMp9J++xN5zext8EGx1WEcLo+K8dF2867RcQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMYH5ZLhGTx3luoSTxZ15+GgpmU9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveGdmbGt1RVpQSGVXNmhKUEZuWG40YUNtWlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAUah6AwQA
UphiAwQAUpiDAwQAUpnNAwQAUpneAwQAUpnzAwQAWdUyAwQAbbDmAwQAbbD0AwQA
1drqAwQA1druAwQA2ZFEMA0GCSqGSIb3DQEBCwUAA4IBAQCYMkzt03i+uqo7Ms7V
MpmlIDmwTMwemiSC5EmuSQd0wBiUK8cGQ37gWCjUKWRS+MiqpreKdGUQ6GmeqbgS
SOkz7YLrjk8uwJxDtYg+3N0YAkL9U0K/8sg+N7QU65/dXgzmzkvKs5LoYbne2Ar3
exRHHI3OkKe2QHWmi1g83V8WTKKmLSpX+C7k2SSWxOvXr3xj2+8YsyKgWnmtvg/d
SBNIi5jLuVgdu1uSDA3TOAlZlLm+9fsS0l3amBxjljX8MWmbSeNhuiV/csjIIfcW
psxnJ24ntm42yVYPwGTAf81Kt980gnfeyji33vYVpU/yOGiKPbvVMJfWXyyrlrVo
IFy7
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:11:13 2025 by rpki-client