Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/n3CqFI6PUXcEROjLR6yjIsELJNg.roa
File: n3CqFI6PUXcEROjLR6yjIsELJNg.roa (raw, json)
Hash identifier: 6aBQToJ+nivXSlM8Mt9KTvRLKBNzE6sFk5l0QyDL5VE=
Subject key identifier: 9F:70:AA:14:8E:8F:51:77:04:44:E8:CB:47:AC:A3:22:C1:0B:24:D8
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 018CCA2B0D2DA22CFE84641DFD8E85251C4C
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/n3CqFI6PUXcEROjLR6yjIsELJNg.roa
Signing time: Tue 02 Jan 2024 12:34:28 +0000
ROA not before: Tue 02 Jan 2024 12:34:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206564
IP address blocks: 82.98.80.0/24 maxlen: 32
212.19.40.0/24 maxlen: 32
82.98.90.0/24 maxlen: 24
82.98.91.0/24 maxlen: 32
212.19.48.0/24 maxlen: 32
213.83.48.0/24 maxlen: 32
212.19.47.0/24 maxlen: 32
213.83.52.0/24 maxlen: 24
212.19.61.0/24 maxlen: 24
82.98.105.0/24 maxlen: 32
82.98.126.0/24 maxlen: 24
82.98.127.0/24 maxlen: 24
213.83.1.0/24 maxlen: 32
213.83.5.0/24 maxlen: 32
213.83.17.0/24 maxlen: 32
82.98.67.0/24 maxlen: 32
82.98.78.0/24 maxlen: 32
82.98.74.0/24 maxlen: 32
2a02:2e0:417::/48 maxlen: 48
2a02:2e0:cd4d::/48 maxlen: 48
2a02:2e0:3e8::/48 maxlen: 128
2a02:2e0:1::/48 maxlen: 48
2a02:2e0:41c::/48 maxlen: 128
2a02:2e0:a::/48 maxlen: 48
2a02:2e0:3e5::/48 maxlen: 128
2a02:2e0:fffe::/48 maxlen: 128
2a02:2e0:41b::/48 maxlen: 128
2a02:2e0:3f5::/48 maxlen: 128
2a02:2e0:3ee::/48 maxlen: 128
2a02:2e0:cd4e::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 10:56:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:0d:2d:a2:2c:fe:84:64:1d:fd:8e:85:25:1c:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 2 12:34:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f70aa148e8f51770444e8cb47aca322c10b24d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:96:20:2f:22:d8:1c:38:19:f6:56:e9:36:9c:
59:19:cc:6a:83:53:e1:99:b1:13:76:f3:d2:0f:12:
71:37:7a:e1:e4:23:8e:dc:bb:9a:e8:82:a2:91:a5:
fd:85:7f:50:64:60:8a:08:68:dc:3c:ca:e1:72:3d:
92:4c:75:c8:ec:8d:0d:ed:5d:fc:3a:c4:ae:f1:f3:
53:6e:64:de:64:35:bc:5d:6b:7e:8d:ab:4d:1d:b6:
01:8d:05:05:b2:d5:9d:78:d6:7e:56:71:5f:09:09:
b3:19:3e:4d:3f:ed:f8:8a:e3:12:77:81:a0:b9:fd:
1a:e5:93:6e:25:24:3c:15:5d:5b:a1:23:94:7a:0e:
39:b6:21:34:0e:f6:5a:be:6d:71:71:39:c9:56:dd:
16:03:23:98:7b:d2:4a:63:46:d8:47:ee:a3:fb:71:
77:31:8d:87:85:63:9d:a3:04:6d:51:b1:76:0a:03:
30:ee:00:6e:f3:eb:b6:50:41:6b:8c:36:05:71:b2:
95:d9:24:b4:40:0b:c9:0f:c0:f1:32:be:21:41:a2:
80:7e:d9:0a:62:ad:fd:a1:92:d9:67:41:e1:57:29:
64:4d:c6:fe:38:ca:80:ee:a5:d2:17:59:09:52:29:
c1:d8:90:9c:1f:c9:5d:09:6e:de:64:e5:57:d9:8f:
29:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:70:AA:14:8E:8F:51:77:04:44:E8:CB:47:AC:A3:22:C1:0B:24:D8
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/n3CqFI6PUXcEROjLR6yjIsELJNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.67.0/24
82.98.74.0/24
82.98.78.0/24
82.98.80.0/24
82.98.90.0/23
82.98.105.0/24
82.98.126.0/23
212.19.40.0/24
212.19.47.0-212.19.48.255
212.19.61.0/24
213.83.1.0/24
213.83.5.0/24
213.83.17.0/24
213.83.48.0/24
213.83.52.0/24
IPv6:
2a02:2e0:1::/48
2a02:2e0:a::/48
2a02:2e0:3e5::/48
2a02:2e0:3e8::/48
2a02:2e0:3ee::/48
2a02:2e0:3f5::/48
2a02:2e0:417::/48
2a02:2e0:41b::-2a02:2e0:41c:ffff:ffff:ffff:ffff:ffff
2a02:2e0:cd4d::-2a02:2e0:cd4e:ffff:ffff:ffff:ffff:ffff
2a02:2e0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
0f:6b:e1:14:75:fd:5b:7a:5c:f1:38:11:0c:35:98:da:18:7c:
7c:cd:21:c8:6a:a9:a5:0e:06:44:18:e2:4a:64:d5:f2:a0:59:
8a:b8:b0:b3:aa:db:22:73:e2:b2:61:62:74:44:73:c3:39:83:
ea:06:9b:4e:f6:db:5a:ee:1a:92:4e:cc:fd:97:06:cb:f4:cd:
4e:17:74:30:27:ae:24:40:eb:d6:da:f5:96:e3:b5:b9:cc:a9:
d5:de:da:14:28:0d:16:19:a2:76:1d:f2:73:10:9b:23:b7:ba:
5d:52:8a:b7:e7:0d:74:cf:9f:09:c6:47:e2:65:f7:0d:05:cb:
ec:69:11:96:bd:fd:cf:a9:84:b8:92:c7:9f:37:56:6c:c1:82:
53:ca:84:da:8c:51:e2:33:c8:de:f9:e4:66:4a:03:d9:98:94:
59:35:a8:1f:2a:07:fa:c7:c5:2a:da:ab:7c:e2:b1:3b:7f:aa:
39:4f:45:bb:4d:1c:ae:af:4c:ed:a8:33:e1:c0:4d:1c:e2:54:
b0:fd:b5:44:ec:99:fd:28:ee:6c:a4:00:cb:95:04:35:97:40:
2a:19:cc:58:4b:41:8c:b2:78:79:0b:12:02:91:74:41:ef:6e:
c5:00:e1:92:b7:c3:81:5b:a6:80:d7:b1:06:f9:2a:9f:30:98:
50:88:10:f0
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYzKKw0toiz+hGQd/Y6FJRxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjQwMTAyMTIzNDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjcwYWExNDhlOGY1MTc3MDQ0NGU4Y2I0N2FjYTMyMmMxMGIyNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppYgLyLYHDgZ9lbpNpxZGcxqg1Ph
mbETdvPSDxJxN3rh5COO3Lua6IKikaX9hX9QZGCKCGjcPMrhcj2STHXI7I0N7V38
OsSu8fNTbmTeZDW8XWt+jatNHbYBjQUFstWdeNZ+VnFfCQmzGT5NP+34iuMSd4Gg
uf0a5ZNuJSQ8FV1boSOUeg45tiE0DvZavm1xcTnJVt0WAyOYe9JKY0bYR+6j+3F3
MY2HhWOdowRtUbF2CgMw7gBu8+u2UEFrjDYFcbKV2SS0QAvJD8DxMr4hQaKAftkK
Yq39oZLZZ0HhVylkTcb+OMqA7qXSF1kJUinB2JCcH8ldCW7eZOVX2Y8pJwIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFJ9wqhSOj1F3BEToy0esoyLBCyTYMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvbjNDcUZJNlBVWGNFUk9qTFI2eWpJc0VMSk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jBoBAIAATBiAwQAUmJD
AwQAUmJKAwQAUmJOAwQAUmJQAwQBUmJaAwQAUmJpAwQBUmJ+AwQA1BMoMAwDBADU
Ey8DBADUEzADBADUEz0DBADVUwEDBADVUwUDBADVUxEDBADVUzADBADVUzQwdgQC
AAIwcAMHACoCAuAAAQMHACoCAuAACgMHACoCAuAD5QMHACoCAuAD6AMHACoCAuAD
7gMHACoCAuAD9QMHACoCAuAEFzASAwcAKgIC4AQbAwcAKgIC4AQcMBIDBwAqAgLg
zU0DBwAqAgLgzU4DBwAqAgLg//4wDQYJKoZIhvcNAQELBQADggEBAA9r4RR1/Vt6
XPE4EQw1mNoYfHzNIchqqaUOBkQY4kpk1fKgWYq4sLOq2yJz4rJhYnREc8M5g+oG
m07221ruGpJOzP2XBsv0zU4XdDAnriRA69ba9ZbjtbnMqdXe2hQoDRYZonYd8nMQ
myO3ul1SirfnDXTPnwnGR+Jl9w0Fy+xpEZa9/c+phLiSx583VmzBglPKhNqMUeIz
yN755GZKA9mYlFk1qB8qB/rHxSraq3zisTt/qjlPRbtNHK6vTO2oM+HATRziVLD9
tUTsmf0o7mykAMuVBDWXQCoZzFhLQYyyeHkLEgKRdEHvbsUA4ZK3w4FbpoDXsQb5
Kp8wmFCIEPA=
-----END CERTIFICATE-----
Generated at Thu Jan 11 15:19:13 2024 by rpki-client on console-ams.rpki-client.org