Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2D03Oeape3ABTmUOeZ6m-neLhhU.roa
File: 2D03Oeape3ABTmUOeZ6m-neLhhU.roa (raw, json)
Hash identifier: gdrDyOXO4BiH6YszAR83yMTM4CdEVi2PY9Lj89O9Z+o=
Subject key identifier: D8:3D:37:39:E6:A9:7B:70:01:4E:65:0E:79:9E:A6:FA:77:8B:86:15
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0196900CA830D08F62E5C7A0656447A7FDE5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2D03Oeape3ABTmUOeZ6m-neLhhU.roa
Signing time: Fri 02 May 2025 08:11:10 +0000
ROA not before: Fri 02 May 2025 08:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 80.240.86.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.69.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.217.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.224.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.203.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.76.0/22 maxlen: 22
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.130.135.0/24 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.248.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 18:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:0c:a8:30:d0:8f:62:e5:c7:a0:65:64:47:a7:fd:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 2 08:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d83d3739e6a97b70014e650e799ea6fa778b8615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:22:40:fd:73:a1:d5:4f:0f:a4:49:78:13:44:
f7:d0:94:bf:7b:db:58:e9:8d:0c:8a:42:28:a4:ad:
d5:4d:00:77:84:50:8b:a4:d0:0e:64:78:a4:94:06:
76:15:82:25:3a:4e:7c:86:69:c6:63:d2:1f:4c:36:
96:84:24:1b:35:e8:cf:88:ff:c0:8e:4c:8d:2c:ee:
5c:86:c9:63:14:52:dc:95:ef:32:4d:a0:50:81:64:
3e:ae:88:d6:4d:ec:84:8d:58:9f:09:c1:19:78:e4:
3e:e5:25:a2:ac:cf:6e:18:28:89:37:a1:90:d9:02:
4c:b3:0d:7d:ba:18:f7:fe:91:d8:a1:5c:51:3e:f0:
11:43:44:d0:73:47:6d:25:2d:96:e4:2c:ff:52:62:
e3:f3:47:d4:03:6e:fe:99:b4:fa:c4:89:9c:bd:88:
44:f0:6d:1f:81:4d:72:37:5c:43:02:e7:7f:79:0d:
1f:27:8f:8b:11:54:8f:51:76:c9:50:af:bd:f6:9b:
28:5f:97:be:2d:1d:45:ac:31:ae:ac:3c:55:09:32:
70:fd:e9:ab:cd:4a:84:39:68:46:2b:de:49:7d:0a:
92:1f:f1:eb:b6:e0:fb:30:9f:8e:44:60:28:e2:64:
b9:90:b7:13:39:a3:e7:f5:e8:bd:68:ba:b4:92:40:
cd:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3D:37:39:E6:A9:7B:70:01:4E:65:0E:79:9E:A6:FA:77:8B:86:15
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2D03Oeape3ABTmUOeZ6m-neLhhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.86.0/24
82.152.8.0/24
82.152.176.0/23
82.153.69.0/24
82.153.136.0/22
82.153.217.0/24
82.153.255.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.212.0/24
89.213.224.0/24
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.203.0-109.176.207.255
109.176.242.0/23
185.49.126.0/23
185.101.47.0/24
194.105.76.0-194.105.95.255
212.38.79.0/24
212.38.81.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.41.0/24
213.210.52.0/22
213.218.211.0/24
213.218.244.0-213.218.248.255
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
05:eb:4e:5b:04:aa:2a:16:64:95:c5:25:d6:c1:dc:d7:27:bb:
03:4c:cf:28:45:18:64:32:01:f2:3c:d6:a4:ed:5d:5c:0a:f4:
f9:9f:5e:eb:cf:5a:2c:fa:5b:37:d7:38:ce:b2:43:a9:45:fd:
f5:b7:8e:3e:81:fc:1d:73:59:df:6f:bb:81:56:ef:3f:99:06:
3a:83:87:42:3f:ba:14:34:52:d2:d5:fa:0f:d5:dd:7a:44:66:
40:75:8a:7c:4a:e4:3b:0b:6c:44:a8:a6:1f:e3:90:bb:55:d7:
ce:1f:36:13:1d:d7:41:f4:9c:1d:7d:37:1a:d2:b6:23:07:9c:
32:2e:1a:c3:ae:f0:ab:2a:ed:bc:1d:3c:83:15:f5:29:40:5b:
67:bd:bb:f7:2c:3c:40:6e:44:a1:80:b5:dc:60:e9:6d:48:1f:
dd:e8:7f:dd:a1:2b:3f:6c:76:67:de:18:d9:c2:98:b3:5e:1c:
73:66:9b:9d:af:45:43:f6:cf:d5:89:0c:86:d9:d8:a9:06:4b:
24:1d:29:78:cf:a4:62:13:de:ec:74:f8:2c:69:13:57:b3:3d:
fd:98:a0:fd:82:4a:6d:1f:7e:8f:63:7b:f8:22:ea:97:fa:15:
5e:70:bf:aa:8a:26:12:5c:cb:7a:ff:e7:34:ba:62:a2:f4:d8:
c9:67:e7:7e
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAZaQDKgw0I9i5cegZWRHp/3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTAyMDgxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODNkMzczOWU2YTk3YjcwMDE0ZTY1MGU3OTllYTZmYTc3OGI4NjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SJA/XOh1U8PpEl4E0T30JS/e9tY
6Y0MikIopK3VTQB3hFCLpNAOZHiklAZ2FYIlOk58hmnGY9IfTDaWhCQbNejPiP/A
jkyNLO5chsljFFLcle8yTaBQgWQ+rojWTeyEjVifCcEZeOQ+5SWirM9uGCiJN6GQ
2QJMsw19uhj3/pHYoVxRPvARQ0TQc0dtJS2W5Cz/UmLj80fUA27+mbT6xImcvYhE
8G0fgU1yN1xDAud/eQ0fJ4+LEVSPUXbJUK+99psoX5e+LR1FrDGurDxVCTJw/emr
zUqEOWhGK95JfQqSH/HrtuD7MJ+ORGAo4mS5kLcTOaPn9ei9aLq0kkDNTwIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFNg9NznmqXtwAU5lDnmepvp3i4YVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMkQwM09lYXBlM0FCVG1VT2VaNm0tbmVMaGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCCAWAEAgABMIIB
WAMEAFDwVgMEAFKYCAMEAVKYsAMEAFKZRQMEAlKZiAMEAFKZ2QMEAFKZ/wMEAVnV
LDAMAwQBWdUyAwQCWdU4AwQAWdWBAwQAWdWEAwQAWdWLAwQAWdWPMAwDBABZ1ZED
BABZ1ZIwDAMEAlnVlAMEBVnVgAMEAFnVogMEAFnVpAMEAFnVpwMEAFnVqTAMAwQA
WdWrAwQAWdWwAwQAWdW1AwQAWdW3AwQAWdW/MAwDBAJZ1cQDBARZ1cADBABZ1dQD
BABZ1eAwDAMEAlnV5AMEBFnV4AMEA22wEDAMAwQAbbDLAwQEbbDAAwQBbbDyAwQB
uTF+AwQAuWUvMAwDBALCaUwDBAXCaUADBADUJk8DBADUJlEDBAHUJlgDBALVgoQD
BADVmCsDBADV0ikDBALV0jQDBADV2tMwDAMEAtXa9AMEANXa+DAMAwQA2ZFBAwQA
2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQAF605bBKoqFmSVxSXWwdzXJ7sD
TM8oRRhkMgHyPNak7V1cCvT5n17rz1os+ls31zjOskOpRf31t44+gfwdc1nfb7uB
Vu8/mQY6g4dCP7oUNFLS1foP1d16RGZAdYp8SuQ7C2xEqKYf45C7VdfOHzYTHddB
9JwdfTca0rYjB5wyLhrDrvCrKu28HTyDFfUpQFtnvbv3LDxAbkShgLXcYOltSB/d
6H/doSs/bHZn3hjZwpizXhxzZpudr0VD9s/ViQyG2dipBkskHSl4z6RiE97sdPgs
aRNXsz39mKD9gkptH36PY3v4IuqX+hVecL+qiiYSXMt6/+c0umKi9NjJZ+d+
-----END CERTIFICATE-----
Generated at Sat May 17 02:17:59 2025 by rpki-client