Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xhKQWXB9YaDKH_tyDaU6q2gQjS0.roa
File: xhKQWXB9YaDKH_tyDaU6q2gQjS0.roa (raw, json)
Hash identifier: U7oy5uVvrt1ScjNTRZCsQMZWRr+tdFXi54/fZYcaOKw=
Subject key identifier: C6:12:90:59:70:7D:61:A0:CA:1F:FB:72:0D:A5:3A:AB:68:10:8D:2D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FE216AC83BDEFFB24BDF7299D2B1F635B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xhKQWXB9YaDKH_tyDaU6q2gQjS0.roa
Signing time: Tue 04 Jun 2024 07:11:27 +0000
ROA not before: Tue 04 Jun 2024 07:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 82.153.216.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.219.0/24 maxlen: 24
213.130.132.0/22 maxlen: 22
213.210.52.0/22 maxlen: 22
213.218.244.0/22 maxlen: 22
217.145.72.0/21 maxlen: 22
Validation: Failed, certificate revoked on Fri 28 Jun 2024 14:36:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:16:ac:83:bd:ef:fb:24:bd:f7:29:9d:2b:1f:63:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 4 07:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6129059707d61a0ca1ffb720da53aab68108d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6e:90:5b:7a:71:8a:4d:0d:4b:2b:eb:4f:ab:
bd:e1:bb:cc:93:bb:0c:a7:77:d6:54:c4:52:94:3b:
0a:36:9a:e4:b2:75:0c:ec:b3:96:ae:6a:52:80:b0:
53:8c:c1:fd:c2:e1:9a:91:c5:29:88:f7:21:ef:d1:
5a:23:89:d8:4a:41:9d:73:38:f2:5f:53:1c:6a:67:
e8:f3:73:55:f5:8c:ea:4d:7a:ef:15:62:d9:08:0c:
90:0c:92:95:d7:ca:d1:29:21:7a:1f:f7:c9:7c:13:
ed:68:1e:1b:db:2e:a2:75:97:22:15:7a:68:23:7a:
0c:e3:59:0b:2e:94:1e:a5:39:07:8f:1b:c3:46:a5:
57:19:f0:70:90:fd:43:46:b0:3e:21:ff:1a:a8:91:
76:b3:04:d2:67:e5:ee:1d:d1:2a:2b:d2:53:1b:4a:
80:fb:d2:a2:5e:6a:9c:4a:e0:0c:de:07:2b:55:2b:
53:13:fb:d2:25:21:bd:eb:53:82:dc:49:57:ce:dd:
f9:2f:81:62:3e:d6:ed:fa:a0:7d:12:e8:9c:ef:17:
37:64:19:ed:c4:f8:eb:df:a3:a6:35:3f:83:72:3d:
9e:2b:d4:c4:84:d8:40:d7:67:92:fd:77:a6:eb:15:
0a:ee:3a:21:70:2e:1a:e8:6c:86:f1:99:6c:a8:83:
48:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:12:90:59:70:7D:61:A0:CA:1F:FB:72:0D:A5:3A:AB:68:10:8D:2D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xhKQWXB9YaDKH_tyDaU6q2gQjS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.216.0/22
213.130.132.0/22
213.210.52.0/22
213.218.244.0/22
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:d9:74:dc:e6:fe:46:eb:57:16:b5:a4:62:75:60:b5:61:2e:
9b:f3:fe:b4:e5:c6:14:a6:90:13:8c:84:70:77:d0:c9:54:59:
84:cb:45:df:a7:bd:bc:d3:2b:bd:af:93:af:c2:66:1c:0b:73:
1d:a9:4f:25:b6:6e:b6:13:2c:20:b5:ee:b3:59:10:76:ab:1e:
c6:64:f2:d4:5d:74:8f:a3:8e:5f:38:b2:c1:06:12:86:65:42:
6f:4e:bb:82:6d:f9:40:7c:98:f4:9a:34:6c:0d:ed:b5:0e:c1:
00:38:bf:9a:b1:8b:28:bd:42:ac:01:fc:ec:60:76:e9:6b:0c:
10:52:94:dc:c5:83:85:fd:15:c9:1e:08:63:41:2d:b2:cb:bf:
a7:a7:7d:54:49:f2:6b:0b:a5:27:df:89:0c:95:d9:fe:d9:6d:
96:aa:4e:87:69:f9:b2:47:1e:ce:a4:db:9a:9d:70:8f:34:be:
7c:7e:7a:88:56:d8:69:e6:80:16:f2:9c:ef:bd:2e:be:31:95:
59:4b:5b:67:7f:28:a9:90:cd:a3:ac:dc:c9:03:ed:d4:ee:23:
4e:46:d2:de:33:77:85:0d:d6:4f:7e:f9:5c:08:76:42:fb:e0:
9a:5c:c5:cd:23:9c:f9:59:56:e9:57:c8:d3:06:d0:93:85:22:
23:3d:e0:48
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY/iFqyDve/7JL33KZ0rH2NbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjA0MDcxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjEyOTA1OTcwN2Q2MWEwY2ExZmZiNzIwZGE1M2FhYjY4MTA4ZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW6QW3pxik0NSyvrT6u94bvMk7sM
p3fWVMRSlDsKNprksnUM7LOWrmpSgLBTjMH9wuGakcUpiPch79FaI4nYSkGdczjy
X1Mcamfo83NV9YzqTXrvFWLZCAyQDJKV18rRKSF6H/fJfBPtaB4b2y6idZciFXpo
I3oM41kLLpQepTkHjxvDRqVXGfBwkP1DRrA+If8aqJF2swTSZ+XuHdEqK9JTG0qA
+9KiXmqcSuAM3gcrVStTE/vSJSG961OC3ElXzt35L4FiPtbt+qB9Euic7xc3ZBnt
xPjr36OmNT+Dcj2eK9TEhNhA12eS/Xem6xUK7johcC4a6GyG8ZlsqINIRwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMYSkFlwfWGgyh/7cg2lOqtoEI0tMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveGhLUVdYQjlZYURLSF90eURhVTZxMmdRalMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCUpnYAwQC
1YKEAwQC1dI0AwQC1dr0AwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQCc2XTc5v5G
61cWtaRidWC1YS6b8/605cYUppATjIRwd9DJVFmEy0Xfp7280yu9r5OvwmYcC3Md
qU8ltm62Eywgte6zWRB2qx7GZPLUXXSPo45fOLLBBhKGZUJvTruCbflAfJj0mjRs
De21DsEAOL+asYsovUKsAfzsYHbpawwQUpTcxYOF/RXJHghjQS2yy7+np31USfJr
C6Un34kMldn+2W2Wqk6HafmyRx7OpNuanXCPNL58fnqIVthp5oAW8pzvvS6+MZVZ
S1tnfyipkM2jrNzJA+3U7iNORtLeM3eFDdZPfvlcCHZC++CaXMXNI5z5WVbpV8jT
BtCThSIjPeBI
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:31 2025 by rpki-client