Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zjpZgmXZClbjdHirXhTDW5FzrC4.roa
File: zjpZgmXZClbjdHirXhTDW5FzrC4.roa (raw, json)
Hash identifier: jglu+17E5SghKhctxVvqWAAhiU2KAfa31xLK6rsTpP8=
Subject key identifier: CE:3A:59:82:65:D9:0A:56:E3:74:78:AB:5E:14:C3:5B:91:73:AC:2E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194CB371218ADD42DBC25DF7232F571C560
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zjpZgmXZClbjdHirXhTDW5FzrC4.roa
Signing time: Mon 03 Feb 2025 09:49:31 +0000
ROA not before: Mon 03 Feb 2025 09:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.222.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.196.0/24 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 12:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:37:12:18:ad:d4:2d:bc:25:df:72:32:f5:71:c5:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 3 09:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce3a598265d90a56e37478ab5e14c35b9173ac2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8a:93:39:02:ab:a3:c7:d6:ab:e1:a6:b6:49:
99:36:05:89:32:52:37:86:e4:63:3c:88:18:2f:62:
7a:76:5f:c2:4d:4c:c9:d9:95:2b:81:7f:b2:b3:61:
e3:41:e1:82:76:8e:b5:3c:de:8b:6b:30:1a:3a:09:
f9:84:32:e4:e4:97:c0:d7:cd:ce:a5:57:10:fa:eb:
3a:03:35:ea:c5:60:66:3a:a6:bd:4c:a5:1f:9f:3e:
93:a2:8f:aa:7b:63:b6:22:aa:21:66:b3:aa:63:94:
b9:2b:7c:9c:0f:dc:b1:d9:cd:c5:2a:4a:94:38:8b:
e9:7a:d0:7b:49:86:11:98:80:96:3a:5f:99:ba:be:
ca:6a:87:04:69:27:1d:8e:53:27:87:e5:1f:4b:62:
94:ac:65:46:59:63:b4:d9:50:0d:38:32:58:a5:b4:
0c:15:d7:a5:8f:64:28:cc:55:f3:7a:2f:18:34:f1:
a9:34:76:ca:5b:25:0f:41:fe:07:cb:92:91:bb:f2:
2e:3e:19:77:d8:1e:db:4f:01:f7:56:44:24:7d:f9:
f0:75:f8:26:de:19:f6:a5:76:58:91:a0:6b:93:79:
cf:75:21:ca:1d:0c:4e:ed:8e:43:20:65:57:c8:4f:
b8:38:49:fe:46:aa:ea:2c:bb:6d:36:6d:69:60:86:
4e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:3A:59:82:65:D9:0A:56:E3:74:78:AB:5E:14:C3:5B:91:73:AC:2E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zjpZgmXZClbjdHirXhTDW5FzrC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.69.0/24
82.153.136.0/22
82.153.222.0/24
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:5f:e5:a7:f8:4e:01:d8:8a:ac:2f:c2:ce:e1:8d:41:9e:01:
8c:25:f8:0d:00:3f:0c:ff:76:3a:b1:7e:bd:93:2b:f9:7b:46:
50:01:5c:eb:84:ce:fe:4b:bb:85:b1:9f:d6:0c:43:51:2a:57:
80:da:f6:86:e1:7d:0f:93:8f:c2:1a:03:c7:d8:a4:45:18:bc:
71:7a:13:85:2e:93:80:94:3f:0d:74:b9:02:96:9a:cb:67:87:
96:17:c4:53:8f:c6:95:0b:10:10:dc:fb:f3:99:ec:2d:50:a0:
05:25:86:de:32:d6:3a:b0:dc:68:bf:5b:1b:e9:81:23:2f:c9:
73:be:25:92:71:03:02:6c:e8:62:81:9a:4e:35:da:1d:da:f4:
41:67:21:a4:58:04:46:42:86:07:d2:49:86:39:57:db:ac:4b:
53:c8:39:ca:1b:c4:d3:06:11:36:65:d4:23:0f:8e:1b:58:5c:
b2:78:91:e0:70:17:b1:63:4d:eb:a1:95:d9:41:86:47:62:56:
34:b8:3b:fc:79:14:43:c3:70:72:8f:b7:e4:d9:fb:5c:d7:9c:
de:c0:d4:ea:d0:8d:8a:bf:7e:0d:4a:8f:d4:cf:fb:68:1b:15:
0f:c7:f3:f1:3d:e7:ff:5f:6b:e1:e0:ec:07:36:4f:af:9c:ae:
88:d7:f1:28
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZTLNxIYrdQtvCXfcjL1ccVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjAzMDk0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTNhNTk4MjY1ZDkwYTU2ZTM3NDc4YWI1ZTE0YzM1YjkxNzNhYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIqTOQKro8fWq+GmtkmZNgWJMlI3
huRjPIgYL2J6dl/CTUzJ2ZUrgX+ys2HjQeGCdo61PN6LazAaOgn5hDLk5JfA183O
pVcQ+us6AzXqxWBmOqa9TKUfnz6Too+qe2O2IqohZrOqY5S5K3ycD9yx2c3FKkqU
OIvpetB7SYYRmICWOl+Zur7KaocEaScdjlMnh+UfS2KUrGVGWWO02VANODJYpbQM
Fdelj2QozFXzei8YNPGpNHbKWyUPQf4Hy5KRu/IuPhl32B7bTwH3VkQkffnwdfgm
3hn2pXZYkaBrk3nPdSHKHQxO7Y5DIGVXyE+4OEn+RqrqLLttNm1pYIZO4QIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFM46WYJl2QpW43R4q14Uw1uRc6wuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvempwWmdtWFpDbGJqZEhpclhoVERXNUZ6ckM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAFKYCAMEAVKYsAMEAFKZMgMEAFKZRQMEAlKZiAMEAFKZ3gMEAFKZ8wMEAVnV
LAMEAVnVMgMEAlnVOAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQA
WdWSMAwDBAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnV
qwMEBFnVoAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eAD
BANtsBADBAJtsMwDBAFtsPIDBAG5MX4DBATCaVADBADUJk8DBAHUJlgDBADVmCsD
BALV0jQDBADV2tMwDAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOC
AQEALV/lp/hOAdiKrC/CzuGNQZ4BjCX4DQA/DP92OrF+vZMr+XtGUAFc64TO/ku7
hbGf1gxDUSpXgNr2huF9D5OPwhoDx9ikRRi8cXoThS6TgJQ/DXS5Apaay2eHlhfE
U4/GlQsQENz785nsLVCgBSWG3jLWOrDcaL9bG+mBIy/Jc74lknEDAmzoYoGaTjXa
Hdr0QWchpFgERkKGB9JJhjlX26xLU8g5yhvE0wYRNmXUIw+OG1hcsniR4HAXsWNN
66GV2UGGR2JWNLg7/HkUQ8Nwco+35Nn7XNec3sDU6tCNir9+DUqP1M/7aBsVD8fz
8T3n/19r4eDsBzZPr5yuiNfxKA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:39 2025 by rpki-client