Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xzkEe_ya-3srQ-o_hG_xOKfkphQ.roa
File: xzkEe_ya-3srQ-o_hG_xOKfkphQ.roa (raw, json)
Hash identifier: ARXzTYhIbudjblOFhTwuIxA6NsB3lurN8DThKE7VxLw=
Subject key identifier: C7:39:04:7B:FC:9A:FB:7B:2B:43:EA:3F:84:6F:F1:38:A7:E4:A6:14
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FD47B184EB4228F081C4FF16C7C0F4873
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xzkEe_ya-3srQ-o_hG_xOKfkphQ.roa
Signing time: Sat 01 Jun 2024 15:46:27 +0000
ROA not before: Sat 01 Jun 2024 15:46:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 11:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d4:7b:18:4e:b4:22:8f:08:1c:4f:f1:6c:7c:0f:48:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 1 15:46:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c739047bfc9afb7b2b43ea3f846ff138a7e4a614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5c:b3:c4:f4:b9:91:4d:d0:43:5d:58:eb:a0:
9c:c6:61:67:ff:87:91:3f:ed:ed:5b:40:38:ac:2a:
57:c6:29:bb:be:ff:50:38:c2:e9:a4:3c:1a:af:d9:
50:d1:0e:79:8a:83:1f:b5:b2:8d:eb:8b:72:47:25:
23:a7:13:c4:7a:f9:48:82:3d:75:10:2e:c2:7c:f2:
bc:ca:fb:a5:b3:9c:68:51:bd:56:d3:81:b1:82:33:
2f:67:1c:16:45:a9:38:e3:ba:18:8c:87:7d:41:9c:
59:ff:16:85:b5:6a:38:3f:01:60:de:d1:43:0f:f2:
31:8a:71:a5:47:3d:2d:73:01:91:af:f8:cd:a7:10:
ae:e7:2a:74:a4:66:9d:6e:16:c8:3c:c3:e2:92:92:
a7:74:47:17:4f:0f:34:74:c3:bc:e5:3c:f9:56:4b:
cb:35:7a:2c:b1:07:f6:6a:9a:be:6f:a3:99:f2:bc:
0a:13:4d:ec:52:99:e8:56:ce:e5:98:ef:4e:09:c1:
d1:a2:77:fb:a1:2b:c1:97:af:59:d2:fe:48:c7:a1:
03:c8:86:4d:02:c3:d9:fb:0a:e1:a9:cc:42:84:27:
03:34:51:2c:20:17:66:90:37:93:de:c9:9b:b3:07:
3a:46:49:9f:2a:39:3d:0c:45:a6:cc:42:65:33:f4:
3e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:39:04:7B:FC:9A:FB:7B:2B:43:EA:3F:84:6F:F1:38:A7:E4:A6:14
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xzkEe_ya-3srQ-o_hG_xOKfkphQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:c5:08:a7:fb:e7:02:4d:20:96:78:8a:e7:99:d1:b1:a0:ee:
a6:bc:dd:f6:0b:91:12:26:f8:ce:6b:65:12:dc:8c:f8:75:9f:
c4:af:82:6e:77:a3:c8:52:c8:ed:a8:ad:44:0c:73:88:84:03:
46:f8:4e:4a:98:8d:62:a2:3d:e8:8f:0d:15:cb:30:b5:4b:21:
d1:a0:c5:14:cc:e3:d7:0c:04:08:d5:1e:b8:8f:51:70:c5:4f:
dc:af:0f:b7:de:3a:eb:b6:1c:79:b4:14:5b:cb:64:d6:b6:25:
68:5f:f6:69:b3:82:e4:34:46:31:7d:1d:ba:8b:6f:f1:74:b9:
be:fd:4a:44:04:30:9f:30:42:e3:9e:c8:2c:45:5c:4a:cb:db:
1f:7a:66:11:02:b6:5f:2c:4d:38:38:cb:9e:47:73:ce:b4:ba:
00:1c:b3:53:62:ca:b8:28:71:b4:22:f1:9a:8f:e7:27:80:dd:
e1:21:da:ff:fc:4f:28:12:f6:18:5c:94:27:7c:29:e0:f9:5c:
7c:56:5b:fa:80:49:4c:89:3d:86:d1:98:b3:72:6e:4e:bf:0a:
a7:db:b8:bc:72:42:2d:53:f1:df:4a:0a:a6:10:84:49:95:92:
60:fb:6d:f2:0a:fd:92:8b:45:df:96:cd:10:cc:5f:50:7a:ad:
78:a9:5c:63
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY/UexhOtCKPCBxP8Wx8D0hzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjAxMTU0NjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzM5MDQ3YmZjOWFmYjdiMmI0M2VhM2Y4NDZmZjEzOGE3ZTRhNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlyzxPS5kU3QQ11Y66CcxmFn/4eR
P+3tW0A4rCpXxim7vv9QOMLppDwar9lQ0Q55ioMftbKN64tyRyUjpxPEevlIgj11
EC7CfPK8yvuls5xoUb1W04GxgjMvZxwWRak447oYjId9QZxZ/xaFtWo4PwFg3tFD
D/IxinGlRz0tcwGRr/jNpxCu5yp0pGadbhbIPMPikpKndEcXTw80dMO85Tz5VkvL
NXossQf2apq+b6OZ8rwKE03sUpnoVs7lmO9OCcHRonf7oSvBl69Z0v5Ix6EDyIZN
AsPZ+wrhqcxChCcDNFEsIBdmkDeT3smbswc6RkmfKjk9DEWmzEJlM/Q+hwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFMc5BHv8mvt7K0PqP4Rv8Tin5KYUMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveHprRWVfeWEtM3NyUS1vX2hHX3hPS2ZrcGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBUpiwAwQC
UpmIMAwDBAJZ1ZQDBAVZ1YADBAJZ1awwDAMEAlnVxAMEBFnVwAMEA1nV6AMEA22w
EAMEAbkxfgMEBMJpUAMEAdQmWAMEAdXa0gMEANmRRDANBgkqhkiG9w0BAQsFAAOC
AQEAf8UIp/vnAk0glniK55nRsaDuprzd9guREib4zmtlEtyM+HWfxK+CbnejyFLI
7aitRAxziIQDRvhOSpiNYqI96I8NFcswtUsh0aDFFMzj1wwECNUeuI9RcMVP3K8P
t94667YcebQUW8tk1rYlaF/2abOC5DRGMX0duotv8XS5vv1KRAQwnzBC457ILEVc
SsvbH3pmEQK2XyxNODjLnkdzzrS6AByzU2LKuChxtCLxmo/nJ4Dd4SHa//xPKBL2
GFyUJ3wp4PlcfFZb+oBJTIk9htGYs3JuTr8Kp9u4vHJCLVPx30oKphCESZWSYPtt
8gr9kotF35bNEMxfUHqteKlcYw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:00 2025 by rpki-client