Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yjRzjiU8oIruVAgv6HF7-r8TdAA.roa
File: yjRzjiU8oIruVAgv6HF7-r8TdAA.roa (raw, json)
Hash identifier: 6XHXqqbeEDAQ4Ht5DOSnwlKaXUHxFzu997kXQAwd9Yk=
Subject key identifier: CA:34:73:8E:25:3C:A0:8A:EE:54:08:2F:E8:71:7B:FA:BF:13:74:00
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01905F44BD8AECA89AA286D4BD967C0C31FE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yjRzjiU8oIruVAgv6HF7-r8TdAA.roa
Signing time: Fri 28 Jun 2024 14:34:18 +0000
ROA not before: Fri 28 Jun 2024 14:34:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.134.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Jun 2024 10:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5f:44:bd:8a:ec:a8:9a:a2:86:d4:bd:96:7c:0c:31:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 28 14:34:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca34738e253ca08aee54082fe8717bfabf137400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:16:6a:17:47:fd:92:45:e3:21:d7:27:28:4e:
e7:93:d1:67:f5:db:dd:37:09:13:88:df:46:2d:c3:
d5:96:10:e3:79:0d:a7:01:cf:9d:f9:95:b5:21:77:
ef:a6:e0:56:1d:cf:77:b5:af:fd:1c:be:33:96:45:
98:df:87:9c:ac:be:07:2c:3b:e9:9f:f7:38:ca:23:
4f:de:22:85:5a:f9:dc:e0:40:95:c9:8e:ad:44:d2:
fd:3e:7f:82:28:a7:e5:eb:64:a3:a3:b5:70:5b:7f:
54:05:ba:70:c9:f8:5c:d0:3e:49:a9:63:58:11:b7:
94:cb:78:98:37:75:68:d2:83:fe:db:b8:37:86:1d:
2c:64:ba:96:b7:3b:ca:fb:4e:00:30:50:35:a2:7a:
79:04:4f:3f:8e:e7:34:8e:b6:02:89:84:9f:79:06:
e7:42:36:5b:ed:a0:88:74:ea:85:c3:84:87:46:5a:
cd:d5:f0:2e:ac:98:81:f5:65:58:c6:42:a2:f4:3c:
75:46:3c:73:2b:f1:62:c2:a0:25:57:77:9d:f8:01:
1d:87:53:d6:16:78:95:1f:3c:ee:af:6e:84:6f:ae:
a1:fc:e5:0e:b6:cf:40:a4:3e:ba:15:fb:d9:8c:5d:
16:96:71:d3:88:71:91:8d:93:c7:ee:18:87:81:5d:
bf:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:34:73:8E:25:3C:A0:8A:EE:54:08:2F:E8:71:7B:FA:BF:13:74:00
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yjRzjiU8oIruVAgv6HF7-r8TdAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.50.0-89.213.59.255
89.213.134.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
Signature Algorithm: sha256WithRSAEncryption
97:14:46:66:74:ab:3a:60:07:50:71:24:c7:34:46:34:e9:61:
41:7f:d2:22:78:be:f7:a2:57:70:d8:c9:00:8a:c4:74:89:f3:
b5:34:e4:bd:6e:1e:1c:0b:8e:8e:27:59:fb:44:50:21:d3:42:
61:d3:06:a2:6f:85:4e:48:81:92:72:53:bc:3c:20:00:7d:36:
73:27:d0:3c:69:7f:14:85:4a:8f:88:79:dc:e4:47:ec:2d:73:
1b:7a:f2:88:9e:ff:85:0f:2b:13:b1:a3:e2:88:eb:61:4c:1f:
17:46:ae:57:d2:dd:76:50:f3:f8:8d:c3:83:79:fd:32:7d:36:
e5:f1:18:bf:12:b0:19:16:83:c6:01:31:e7:d4:08:c7:be:bd:
79:1d:b0:49:c9:d4:80:8b:24:60:03:31:6c:1b:6c:d4:73:27:
8d:16:ea:2d:7c:27:a6:dc:2e:d0:49:59:e2:86:12:aa:d9:47:
4a:6e:5a:5f:79:33:e6:5e:be:7a:98:a0:91:2c:2c:af:68:e2:
cb:9d:55:eb:10:b9:9b:45:db:ef:ff:8c:55:89:1e:0e:d5:a6:
bc:d5:60:29:00:cf:37:a9:92:88:be:9c:81:77:0f:10:fb:3c:
fa:f8:e7:62:bf:ff:83:91:7b:73:8f:24:4f:2c:6a:5e:61:84:
ac:08:57:ff
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZBfRL2K7KiaoobUvZZ8DDH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjI4MTQzNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM0NzM4ZTI1M2NhMDhhZWU1NDA4MmZlODcxN2JmYWJmMTM3NDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhZqF0f9kkXjIdcnKE7nk9Fn9dvd
NwkTiN9GLcPVlhDjeQ2nAc+d+ZW1IXfvpuBWHc93ta/9HL4zlkWY34ecrL4HLDvp
n/c4yiNP3iKFWvnc4ECVyY6tRNL9Pn+CKKfl62Sjo7VwW39UBbpwyfhc0D5JqWNY
EbeUy3iYN3Vo0oP+27g3hh0sZLqWtzvK+04AMFA1onp5BE8/juc0jrYCiYSfeQbn
QjZb7aCIdOqFw4SHRlrN1fAurJiB9WVYxkKi9Dx1RjxzK/FiwqAlV3ed+AEdh1PW
FniVHzzur26Eb66h/OUOts9ApD66FfvZjF0WlnHTiHGRjZPH7hiHgV2/jQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFMo0c44lPKCK7lQIL+hxe/q/E3QAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveWpSemppVThvSXJ1VkFndjZIRjctcjhUZEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAVKYsAME
AlKZiDAMAwQBWdUyAwQCWdU4AwQAWdWGMAwDBAJZ1ZQDBAVZ1YADBAJZ1awwDAME
AlnVxAMEBFnVwAMEA1nV6AMEA22wEAMEAm2wzAMEAbkxfgMEBMJpUAMEAdQmWAME
AdXa0jANBgkqhkiG9w0BAQsFAAOCAQEAlxRGZnSrOmAHUHEkxzRGNOlhQX/SIni+
96JXcNjJAIrEdInztTTkvW4eHAuOjidZ+0RQIdNCYdMGom+FTkiBknJTvDwgAH02
cyfQPGl/FIVKj4h53ORH7C1zG3ryiJ7/hQ8rE7Gj4ojrYUwfF0auV9LddlDz+I3D
g3n9Mn025fEYvxKwGRaDxgEx59QIx769eR2wScnUgIskYAMxbBts1HMnjRbqLXwn
ptwu0ElZ4oYSqtlHSm5aX3kz5l6+epigkSwsr2jiy51V6xC5m0Xb7/+MVYkeDtWm
vNVgKQDPN6mSiL6cgXcPEPs8+vjnYr//g5F7c48kTyxqXmGErAhX/w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:27 2025 by rpki-client