Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4q-DhLoyi6-4krzZTnTFS5OvGN8.roa
File: 4q-DhLoyi6-4krzZTnTFS5OvGN8.roa (raw, json)
Hash identifier: Em9F0eEqIZ6anj9ftWcP9CZQ96+TY0kXZ6YaF9cXHFY=
Subject key identifier: E2:AF:83:84:BA:32:8B:AF:B8:92:BC:D9:4E:74:C5:4B:93:AF:18:DF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FBFB5059300EF38D865DD116856D7BF51
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4q-DhLoyi6-4krzZTnTFS5OvGN8.roa
Signing time: Tue 28 May 2024 14:57:42 +0000
ROA not before: Tue 28 May 2024 14:57:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.16.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:b5:05:93:00:ef:38:d8:65:dd:11:68:56:d7:bf:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 28 14:57:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2af8384ba328bafb892bcd94e74c54b93af18df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ca:d8:5d:30:e4:0d:2c:a9:a3:6a:ef:4f:54:
70:c4:99:42:7f:94:81:69:13:89:df:1a:69:1c:7a:
12:80:c9:e3:d7:a2:c9:25:2c:98:e7:8a:14:c8:c6:
14:1c:99:0a:ff:7a:00:a6:1c:88:b0:6f:e9:1d:d5:
93:87:f0:d6:2e:b3:aa:9e:77:76:76:e1:a4:60:7f:
0a:68:c9:f0:dd:be:ad:15:2e:26:6e:69:fb:06:4c:
01:24:2f:0e:eb:72:1a:63:52:d5:f7:47:31:2c:27:
cd:16:b5:2c:2a:01:b3:99:c2:85:cd:cc:cd:3c:44:
2f:1f:1b:74:92:41:42:2e:3a:1e:86:f6:05:3d:22:
3b:05:63:53:9f:b3:ea:93:38:b1:c8:4b:13:0d:9b:
0c:3f:64:23:7f:3a:a9:c1:5c:b2:c8:fd:19:7a:74:
26:c2:e3:58:bf:44:52:82:77:dc:01:da:1a:34:f6:
85:cd:b8:61:61:e7:20:1d:1e:61:a3:e1:bc:79:65:
93:67:4a:70:7a:ee:12:9b:7d:d8:8d:fc:93:4a:a0:
23:eb:20:32:6c:47:c0:41:59:75:83:20:f9:16:01:
5c:ff:19:4b:5c:82:27:75:df:79:8e:7c:92:ae:76:
e7:ef:a9:75:d7:86:18:90:b7:e7:49:32:c8:79:fd:
ee:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AF:83:84:BA:32:8B:AF:B8:92:BC:D9:4E:74:C5:4B:93:AF:18:DF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4q-DhLoyi6-4krzZTnTFS5OvGN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:51:cc:a8:5e:a1:ea:ca:cc:2f:46:bc:38:44:2f:f3:dc:bc:
33:50:5e:8a:2e:a8:75:f0:f6:2d:55:22:c5:e1:e3:7d:ec:a7:
a1:e4:72:18:91:d7:28:2f:df:63:a3:97:4f:d9:d0:e7:9b:4e:
a4:92:77:a5:cc:60:fb:ba:a4:13:0c:65:db:dc:f1:6a:bc:f6:
f5:2c:a0:e6:c4:6f:ec:aa:45:a4:3a:a8:d0:0d:22:20:4a:eb:
f1:b6:e4:64:b8:4e:fc:d1:6c:36:a6:f2:c8:6a:fb:24:08:f7:
54:70:d1:11:a8:f6:a1:11:10:b6:f7:99:b2:e8:10:22:37:89:
c2:d2:07:02:8b:29:68:0e:be:01:f5:ef:8b:93:44:f3:3a:45:
46:84:e8:5f:d0:28:3a:7a:ff:68:1a:e9:7c:4f:b0:2d:6a:3c:
ab:4d:95:0f:27:4b:fd:52:a5:f6:23:a9:e0:32:ce:a7:20:87:
40:88:00:cb:c9:72:a0:2f:01:d1:fb:0a:77:6e:ee:d0:6a:ff:
5c:3e:c6:1b:57:82:1e:c9:95:b6:ed:27:10:4e:d0:fd:0e:21:
69:f5:1f:d7:e5:69:cd:46:14:d4:76:34:c1:a0:aa:31:5d:36:
f7:08:c8:36:bc:cd:ce:a8:0b:dc:ad:67:5e:b1:57:25:74:c9:
ff:ae:30:7d
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY+/tQWTAO842GXdEWhW179RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI4MTQ1NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmFmODM4NGJhMzI4YmFmYjg5MmJjZDk0ZTc0YzU0YjkzYWYxOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsrYXTDkDSypo2rvT1RwxJlCf5SB
aROJ3xppHHoSgMnj16LJJSyY54oUyMYUHJkK/3oAphyIsG/pHdWTh/DWLrOqnnd2
duGkYH8KaMnw3b6tFS4mbmn7BkwBJC8O63IaY1LV90cxLCfNFrUsKgGzmcKFzczN
PEQvHxt0kkFCLjoehvYFPSI7BWNTn7PqkzixyEsTDZsMP2QjfzqpwVyyyP0ZenQm
wuNYv0RSgnfcAdoaNPaFzbhhYecgHR5ho+G8eWWTZ0pweu4Sm33YjfyTSqAj6yAy
bEfAQVl1gyD5FgFc/xlLXIIndd95jnySrnbn76l114YYkLfnSTLIef3ugwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFOKvg4S6MouvuJK82U50xUuTrxjfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNHEtRGhMb3lpNi00a3J6WlRuVEZTNU92R044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBUpiwAwQC
UpmIMAwDBAJZ1ZQDBAVZ1YADBAJZ1awwDAMEAlnVxAMEBFnVwAMEA1nV6AMEA22w
EAMEAbkxfgMEBMJpUAMEAdQmWAMEAdXa0jANBgkqhkiG9w0BAQsFAAOCAQEAO1HM
qF6h6srML0a8OEQv89y8M1Beii6odfD2LVUixeHjfeynoeRyGJHXKC/fY6OXT9nQ
55tOpJJ3pcxg+7qkEwxl29zxarz29Syg5sRv7KpFpDqo0A0iIErr8bbkZLhO/NFs
NqbyyGr7JAj3VHDREaj2oREQtveZsugQIjeJwtIHAospaA6+AfXvi5NE8zpFRoTo
X9AoOnr/aBrpfE+wLWo8q02VDydL/VKl9iOp4DLOpyCHQIgAy8lyoC8B0fsKd27u
0Gr/XD7GG1eCHsmVtu0nEE7Q/Q4hafUf1+VpzUYU1HY0waCqMV029wjINrzNzqgL
3K1nXrFXJXTJ/64wfQ==
-----END CERTIFICATE-----
Generated at Sat May 17 02:22:47 2025 by rpki-client