Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yPFmUjxEiMfulGeEATAB6m4VreI.roa
File: yPFmUjxEiMfulGeEATAB6m4VreI.roa (raw, json)
Hash identifier: 6nVhS8W2tABO8bWn7j58leheLO9NeoLGGHrlWYo1yOE=
Subject key identifier: C8:F1:66:52:3C:44:88:C7:EE:94:67:84:01:30:01:EA:6E:15:AD:E2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01900D12801199A936BEBC3D33EC703787F0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yPFmUjxEiMfulGeEATAB6m4VreI.roa
Signing time: Wed 12 Jun 2024 15:30:34 +0000
ROA not before: Wed 12 Jun 2024 15:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.252.27.0/24 maxlen: 24
81.168.50.0/24 maxlen: 24
82.152.12.0/24 maxlen: 24
82.152.140.0/24 maxlen: 24
82.152.142.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.34.0/24 maxlen: 24
82.153.35.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.159.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.202.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Jun 2024 15:34:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0d:12:80:11:99:a9:36:be:bc:3d:33:ec:70:37:87:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 12 15:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8f166523c4488c7ee946784013001ea6e15ade2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:95:8a:b8:c9:76:4e:ff:48:17:57:66:8a:45:
19:3d:09:92:fd:6e:80:a3:cd:00:29:aa:48:0d:e6:
1e:60:7f:9b:76:7b:0c:8d:17:7a:80:b5:91:54:c3:
0f:90:41:46:24:9f:59:88:21:88:de:9e:bd:cb:2a:
91:a4:cf:0d:87:cf:7e:30:d1:c9:0f:ee:ab:34:dc:
a8:c2:53:05:e7:db:4e:83:15:68:13:2f:98:b5:ab:
db:39:3f:de:2a:34:28:b0:13:fd:65:70:0c:ce:f8:
b6:bd:ad:7f:58:93:1b:be:b3:15:a8:fa:83:3e:21:
47:80:50:82:7c:1f:1d:87:bd:62:87:88:1d:d7:b9:
d8:6b:34:13:4c:3f:77:76:8e:f0:d8:e1:c3:ee:9f:
a8:c7:3d:a8:1e:0e:a6:30:93:fe:f4:de:ce:cb:8f:
fb:af:43:94:bb:21:dc:06:fd:16:77:4f:3a:0e:c1:
05:ab:7a:ab:44:69:9c:4a:17:09:f0:b1:3e:9d:e9:
5f:da:2a:6f:81:0c:a3:48:5b:54:a3:9b:26:f9:8b:
6c:1b:79:2f:02:c4:bf:d4:e2:e9:b8:49:48:7f:ec:
90:3f:bd:10:07:18:b7:44:02:f7:cd:36:a4:11:f7:
18:29:9d:42:d2:4e:c6:58:b1:c7:87:99:e9:ea:6d:
d0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F1:66:52:3C:44:88:C7:EE:94:67:84:01:30:01:EA:6E:15:AD:E2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yPFmUjxEiMfulGeEATAB6m4VreI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.27.0/24
81.168.50.0/24
82.152.12.0/24
82.152.140.0/24
82.152.142.0/24
82.152.176.0/23
82.153.34.0/23
82.153.136.0/22
82.153.159.0/24
82.153.201.0/24
82.163.15.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.202.0/24
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:cd:b4:01:da:5d:c6:73:2f:af:56:6f:46:58:9b:87:23:b2:
12:e7:80:0b:66:7d:44:63:8b:ce:da:db:60:64:0e:07:b6:5e:
14:42:89:11:ad:7c:70:9a:4b:2f:f1:25:ca:4e:5d:09:32:57:
02:e6:df:16:03:ee:ec:d7:6c:16:2f:11:29:09:ce:87:db:8f:
63:3f:f1:3c:8d:79:f9:85:7a:72:92:76:6e:93:90:15:49:88:
2c:36:3b:a5:7f:a0:cd:41:1a:25:19:a2:4a:4a:ed:6a:78:2b:
59:46:b1:ec:52:1f:7b:88:23:a0:f1:02:1d:f4:5f:a8:50:eb:
0e:66:21:1f:76:8c:50:a7:e5:98:36:cb:b1:58:a8:73:66:fa:
be:34:51:55:1a:e3:08:bf:ef:95:a1:86:5f:e6:19:05:a0:18:
2d:2e:0f:ad:95:01:87:d3:d9:66:18:50:e6:82:61:8f:b3:7d:
43:52:cd:9c:ca:64:d1:b5:25:23:07:b8:34:ec:81:cc:db:3b:
37:1b:12:2a:64:8d:e4:a7:cc:af:3d:7b:4a:65:c5:8c:f2:8b:
c6:be:7c:b8:fb:54:ff:b0:13:29:17:d2:bb:40:62:e4:97:11:
a6:40:c8:41:7f:c3:84:6a:1f:be:49:d7:73:15:47:33:7f:0e:
bf:ca:00:b7
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZANEoARmak2vrw9M+xwN4fwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjEyMTUzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGYxNjY1MjNjNDQ4OGM3ZWU5NDY3ODQwMTMwMDFlYTZlMTVhZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpWKuMl2Tv9IF1dmikUZPQmS/W6A
o80AKapIDeYeYH+bdnsMjRd6gLWRVMMPkEFGJJ9ZiCGI3p69yyqRpM8Nh89+MNHJ
D+6rNNyowlMF59tOgxVoEy+YtavbOT/eKjQosBP9ZXAMzvi2va1/WJMbvrMVqPqD
PiFHgFCCfB8dh71ih4gd17nYazQTTD93do7w2OHD7p+oxz2oHg6mMJP+9N7Oy4/7
r0OUuyHcBv0Wd086DsEFq3qrRGmcShcJ8LE+nelf2ipvgQyjSFtUo5sm+YtsG3kv
AsS/1OLpuElIf+yQP70QBxi3RAL3zTakEfcYKZ1C0k7GWLHHh5np6m3QHwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFMjxZlI8RIjH7pRnhAEwAepuFa3iMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveVBGbVVqeEVpTWZ1bEdlRUFUQUI2bTRWcmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAAl
/BsDBABRqDIDBABSmAwDBABSmIwDBABSmI4DBAFSmLADBAFSmSIDBAJSmYgDBABS
mZ8DBABSmckDBABSow8wDAMEAlnVlAMEBVnVgAMEAlnVrDAMAwQCWdXEAwQEWdXA
AwQDWdXoAwQDbbAQAwQAbbDKAwQCbbDMAwQBuTF+AwQEwmlQAwQB1CZYAwQB1drS
MA0GCSqGSIb3DQEBCwUAA4IBAQCgzbQB2l3Gcy+vVm9GWJuHI7IS54ALZn1EY4vO
2ttgZA4Htl4UQokRrXxwmksv8SXKTl0JMlcC5t8WA+7s12wWLxEpCc6H249jP/E8
jXn5hXpyknZuk5AVSYgsNjulf6DNQRolGaJKSu1qeCtZRrHsUh97iCOg8QId9F+o
UOsOZiEfdoxQp+WYNsuxWKhzZvq+NFFVGuMIv++VoYZf5hkFoBgtLg+tlQGH09lm
GFDmgmGPs31DUs2cymTRtSUjB7g07IHM2zs3GxIqZI3kp8yvPXtKZcWM8ovGvny4
+1T/sBMpF9K7QGLklxGmQMhBf8OEah++SddzFUczfw6/ygC3
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:29:42 2025 by rpki-client