Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zO706jvjQyFkhwQsyuQK805Y__4.roa
File: zO706jvjQyFkhwQsyuQK805Y__4.roa (raw, json)
Hash identifier: alFvVSHW6xVdzDYYzHa6sahEoMik+XI3fwwY1XlH6kg=
Subject key identifier: CC:EE:F4:EA:3B:E3:43:21:64:87:04:2C:CA:E4:0A:F3:4E:58:FF:FE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01937200BA1D9DEEC876AF21E0DE24B5F0CD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zO706jvjQyFkhwQsyuQK805Y__4.roa
Signing time: Thu 28 Nov 2024 09:01:10 +0000
ROA not before: Thu 28 Nov 2024 09:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 82.152.176.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
82.163.10.0/23 maxlen: 24
89.213.127.0/24 maxlen: 24
89.213.226.0/24 maxlen: 24
109.176.14.0/24 maxlen: 24
109.176.30.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
213.218.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Dec 2024 09:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:00:ba:1d:9d:ee:c8:76:af:21:e0:de:24:b5:f0:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 28 09:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cceef4ea3be343216487042ccae40af34e58fffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:71:cb:66:81:8f:2d:58:6a:c5:b9:52:8c:df:
b8:0f:c4:f3:94:39:02:23:5f:92:56:8c:0e:3b:b7:
b6:7d:76:40:86:43:24:04:a8:44:04:c5:a3:28:50:
66:62:d4:d2:51:d2:1c:45:7d:95:d9:43:00:5a:8e:
2c:5b:ed:6a:46:87:21:33:05:fe:a6:4a:5c:16:1a:
f7:3f:c0:77:8a:ab:47:66:d0:83:97:a2:e4:db:ab:
b9:19:7d:6b:0b:fd:a3:8d:54:27:54:fe:89:f2:53:
f0:50:6e:cd:aa:7e:5f:11:5f:6c:63:d6:c3:b7:fc:
c8:ec:39:4c:07:38:e2:63:30:92:94:bd:83:86:9d:
21:8e:ab:99:75:26:82:78:01:ea:e4:fe:5f:9e:2b:
c3:a9:09:f3:4e:7e:35:62:a7:db:68:2e:8b:21:bc:
9a:cd:77:a3:d8:ae:a5:e5:db:7f:a2:82:09:d5:4c:
20:7e:8a:31:95:e0:8c:46:12:56:22:be:b9:e8:e0:
59:68:fc:f6:73:76:46:4b:c1:27:03:44:d3:61:e9:
cb:2e:df:8a:c2:9c:e2:07:f8:ef:ee:7c:4d:a7:04:
59:d1:44:54:53:cc:1f:7c:f5:8e:ad:eb:a0:89:a4:
59:48:b0:2b:40:fd:88:f7:bc:75:2e:b5:6e:ff:3f:
c0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:EE:F4:EA:3B:E3:43:21:64:87:04:2C:CA:E4:0A:F3:4E:58:FF:FE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zO706jvjQyFkhwQsyuQK805Y__4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/24
82.153.255.0/24
82.163.10.0/23
89.213.127.0/24
89.213.226.0/24
109.176.14.0/24
109.176.30.0/24
109.176.208.0/24
213.218.248.0/24
Signature Algorithm: sha256WithRSAEncryption
60:0d:4a:ed:60:a0:a1:48:0b:c3:fe:e0:a5:fa:1f:ce:eb:41:
f2:ec:95:42:7c:34:c2:78:02:75:68:e8:1e:40:1a:d4:87:a7:
15:d9:fc:84:3e:e6:21:4b:d7:31:a2:bf:13:d4:71:84:12:3c:
1d:99:81:f8:9f:12:3e:09:55:ff:58:65:22:a3:dc:5e:6a:c1:
04:59:d8:d2:99:f7:0c:43:c7:fe:46:b5:ee:2f:72:d0:e2:76:
c5:b2:a3:41:0d:17:b9:5b:bf:c1:76:7c:1b:d0:b9:4e:08:5d:
f2:d5:fe:65:b9:15:79:b5:13:75:de:92:06:ac:af:1e:75:24:
a2:78:34:be:3d:6a:8a:6b:d8:81:5c:17:76:d7:64:07:fa:1b:
0b:55:6a:fd:3a:ae:c7:d8:07:35:4e:bf:9a:2f:5e:c8:75:3c:
ee:fa:17:b2:7c:6c:fe:e3:f1:7a:7c:0e:9e:16:60:7c:3f:6c:
f3:3b:77:4f:93:07:e0:1b:ea:88:49:f4:75:28:68:bc:37:37:
56:1c:42:f8:dc:75:7c:63:ee:22:a6:c7:12:f2:ab:f3:fd:ee:
d9:34:f7:f5:53:4f:8e:98:5f:5e:2a:d6:aa:72:04:05:da:bd:
66:24:7e:65:8e:f5:1f:dd:d5:ca:2d:e8:81:66:14:f2:a5:56:
34:83:56:bd
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNyALodne7Idq8h4N4ktfDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTI4MDkwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2VlZjRlYTNiZTM0MzIxNjQ4NzA0MmNjYWU0MGFmMzRlNThmZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HHLZoGPLVhqxblSjN+4D8TzlDkC
I1+SVowOO7e2fXZAhkMkBKhEBMWjKFBmYtTSUdIcRX2V2UMAWo4sW+1qRochMwX+
pkpcFhr3P8B3iqtHZtCDl6Lk26u5GX1rC/2jjVQnVP6J8lPwUG7Nqn5fEV9sY9bD
t/zI7DlMBzjiYzCSlL2Dhp0hjquZdSaCeAHq5P5fnivDqQnzTn41YqfbaC6LIbya
zXej2K6l5dt/ooIJ1UwgfooxleCMRhJWIr656OBZaPz2c3ZGS8EnA0TTYenLLt+K
wpziB/jv7nxNpwRZ0URUU8wffPWOreugiaRZSLArQP2I97x1LrVu/z/ArQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMzu9Oo740MhZIcELMrkCvNOWP/+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvek83MDZqdmpReUZraHdRc3l1UUs4MDVZX180LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUpiwAwQA
Upn/AwQBUqMKAwQAWdV/AwQAWdXiAwQAbbAOAwQAbbAeAwQAbbDQAwQA1dr4MA0G
CSqGSIb3DQEBCwUAA4IBAQBgDUrtYKChSAvD/uCl+h/O60Hy7JVCfDTCeAJ1aOge
QBrUh6cV2fyEPuYhS9cxor8T1HGEEjwdmYH4nxI+CVX/WGUio9xeasEEWdjSmfcM
Q8f+RrXuL3LQ4nbFsqNBDRe5W7/Bdnwb0LlOCF3y1f5luRV5tRN13pIGrK8edSSi
eDS+PWqKa9iBXBd212QH+hsLVWr9Oq7H2Ac1Tr+aL17IdTzu+heyfGz+4/F6fA6e
FmB8P2zzO3dPkwfgG+qISfR1KGi8NzdWHEL43HV8Y+4ipscS8qvz/e7ZNPf1U0+O
mF9eKtaqcgQF2r1mJH5ljvUf3dXKLeiBZhTypVY0g1a9
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:03 2025 by rpki-client