Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AyZIzR9JkD-KcdDFYBQfTLml6ds.roa
File: AyZIzR9JkD-KcdDFYBQfTLml6ds.roa (raw, json)
Hash identifier: kHTGjUBi7os4+nmDdB6iLRivpGu1rL4A7ZSJ8AGG0AE=
Subject key identifier: 03:26:48:CD:1F:49:90:3F:8A:71:D0:C5:60:14:1F:4C:B9:A5:E9:DB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01906DB778519CC675A4BC0B9252EF773428
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AyZIzR9JkD-KcdDFYBQfTLml6ds.roa
Signing time: Mon 01 Jul 2024 09:54:18 +0000
ROA not before: Mon 01 Jul 2024 09:54:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 82.152.52.0/23 maxlen: 24
82.152.55.0/24 maxlen: 24
89.213.248.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
109.176.25.0/24 maxlen: 24
213.210.40.0/23 maxlen: 24
213.210.48.0/23 maxlen: 24
213.218.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 16:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:b7:78:51:9c:c6:75:a4:bc:0b:92:52:ef:77:34:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 1 09:54:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=032648cd1f49903f8a71d0c560141f4cb9a5e9db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:21:97:f8:62:f8:6e:73:a2:ec:e4:cc:7c:bf:
e0:fe:a3:f9:3d:35:6e:b1:14:84:1e:90:a7:c3:51:
91:a5:01:a7:59:85:42:42:f3:ea:f3:33:93:4a:8f:
e8:51:b1:86:1c:df:07:db:9e:56:80:d0:e2:ba:f5:
93:9f:8e:84:91:96:0c:12:5a:4d:d8:4d:76:58:f4:
b8:a0:8b:48:d5:42:c1:5f:3d:d1:0a:0d:7a:fd:df:
ca:d8:84:44:a2:e4:79:45:f5:22:7c:65:b3:94:41:
3b:55:a4:35:e5:1d:83:14:40:7b:47:41:64:87:50:
8a:30:4b:9b:30:28:e6:82:06:79:03:b6:b0:91:9c:
87:1b:6e:de:cc:6c:13:0b:da:e3:a7:8d:bc:f0:b9:
82:bd:e8:bf:ad:51:2b:ff:b7:57:0d:84:1c:ff:bd:
8a:b4:10:67:aa:d7:dd:36:fa:45:3b:63:8e:bb:83:
91:a1:08:1e:34:45:7f:ee:b4:95:a8:ed:f0:26:45:
75:bd:26:f1:3b:2d:61:e4:b0:95:67:ba:47:56:9c:
8c:67:9f:2b:ef:8b:96:22:fb:68:19:6c:39:4b:6d:
f2:71:67:10:b2:85:29:82:a1:9a:bb:1b:92:4e:25:
29:61:ee:b8:4c:af:36:5e:0e:60:ee:a1:70:81:a5:
1d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:26:48:CD:1F:49:90:3F:8A:71:D0:C5:60:14:1F:4C:B9:A5:E9:DB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AyZIzR9JkD-KcdDFYBQfTLml6ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.52.0/23
82.152.55.0/24
89.213.248.0/23
109.176.25.0/24
213.210.40.0/23
213.210.48.0/23
213.218.226.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:ae:6c:39:fc:81:5a:51:c7:ef:57:d4:4f:0a:62:10:47:42:
9b:89:04:a4:6a:4e:1f:d7:54:73:40:7c:eb:49:70:df:24:d9:
da:94:02:5c:d4:d7:34:77:2b:16:23:6c:59:b2:bd:c6:c3:07:
bd:c4:4a:90:55:2e:40:67:2e:e7:d5:91:1b:91:80:34:26:03:
60:32:b4:34:42:66:2c:cd:d9:3e:a2:af:d6:32:54:5e:5a:9b:
8d:cc:97:0e:69:0d:3e:0e:cc:56:72:6a:40:aa:00:bc:4f:57:
ce:10:0b:50:5d:58:e1:3f:ec:9d:ef:a5:ff:ea:c0:4c:10:b8:
99:b5:4f:36:c2:a3:db:e9:6e:ae:dc:f3:5f:51:e8:d3:fb:ac:
26:07:11:cf:c8:b9:42:b8:d8:a9:ee:75:7e:e7:89:18:61:65:
5d:d7:01:18:62:25:19:5d:cd:62:7c:97:96:a6:d1:66:e0:14:
eb:18:9a:19:6e:30:47:98:ae:34:30:fc:2d:8a:99:04:b7:59:
d4:01:9a:01:9d:41:5e:3e:a4:42:cf:e8:b3:f8:6c:59:03:74:
c7:de:e7:fe:e4:d2:a7:1a:a4:c1:37:c9:02:29:83:09:6f:5b:
86:3a:4f:d0:a3:65:06:08:f4:ff:7c:44:75:24:36:07:81:50:
45:98:80:aa
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZBtt3hRnMZ1pLwLklLvdzQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzAxMDk1NDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzI2NDhjZDFmNDk5MDNmOGE3MWQwYzU2MDE0MWY0Y2I5YTVlOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+SGX+GL4bnOi7OTMfL/g/qP5PTVu
sRSEHpCnw1GRpQGnWYVCQvPq8zOTSo/oUbGGHN8H255WgNDiuvWTn46EkZYMElpN
2E12WPS4oItI1ULBXz3RCg16/d/K2IREouR5RfUifGWzlEE7VaQ15R2DFEB7R0Fk
h1CKMEubMCjmggZ5A7awkZyHG27ezGwTC9rjp4288LmCvei/rVEr/7dXDYQc/72K
tBBnqtfdNvpFO2OOu4ORoQgeNEV/7rSVqO3wJkV1vSbxOy1h5LCVZ7pHVpyMZ58r
74uWIvtoGWw5S23ycWcQsoUpgqGauxuSTiUpYe64TK82Xg5g7qFwgaUdxwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAMmSM0fSZA/inHQxWAUH0y5penbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQXlaSXpSOUprRC1LY2RERllCUWZUTG1sNmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBUpg0AwQA
Upg3AwQBWdX4AwQAbbAZAwQB1dIoAwQB1dIwAwQA1driMA0GCSqGSIb3DQEBCwUA
A4IBAQALrmw5/IFaUcfvV9RPCmIQR0KbiQSkak4f11RzQHzrSXDfJNnalAJc1Nc0
dysWI2xZsr3Gwwe9xEqQVS5AZy7n1ZEbkYA0JgNgMrQ0QmYszdk+oq/WMlReWpuN
zJcOaQ0+DsxWcmpAqgC8T1fOEAtQXVjhP+yd76X/6sBMELiZtU82wqPb6W6u3PNf
UejT+6wmBxHPyLlCuNip7nV+54kYYWVd1wEYYiUZXc1ifJeWptFm4BTrGJoZbjBH
mK40MPwtipkEt1nUAZoBnUFePqRCz+iz+GxZA3TH3uf+5NKnGqTBN8kCKYMJb1uG
Ok/Qo2UGCPT/fER1JDYHgVBFmICq
-----END CERTIFICATE-----
Generated at Sat May 17 02:21:24 2025 by rpki-client