Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Eag6YOFvKjh2X_rJFyVwRDs1Vvs.roa
File: Eag6YOFvKjh2X_rJFyVwRDs1Vvs.roa (raw, json)
Hash identifier: uxtMY52qV39B7Nzk4OsNL7Di5x8eJrTbrWstsyA072k=
Subject key identifier: 11:A8:3A:60:E1:6F:2A:38:76:5F:FA:C9:17:25:70:44:3B:35:56:FB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F3314708376E4354D6E4EC9BD95AC843A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Eag6YOFvKjh2X_rJFyVwRDs1Vvs.roa
Signing time: Wed 01 May 2024 07:35:28 +0000
ROA not before: Wed 01 May 2024 07:35:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.245.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.24.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
213.130.149.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 07:37:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:14:70:83:76:e4:35:4d:6e:4e:c9:bd:95:ac:84:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 1 07:35:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11a83a60e16f2a38765ffac9172570443b3556fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3e:10:cf:1b:e4:83:29:48:c0:e0:26:4d:41:
11:47:86:50:ae:8a:d5:f7:e6:24:c3:eb:6e:3e:55:
10:ae:2a:da:b1:74:6a:8a:06:2d:35:0f:85:1f:82:
28:2f:d0:97:cc:6f:ef:70:e5:32:6a:eb:23:b9:47:
68:4c:67:b0:bb:5f:2d:81:1b:81:98:e7:a2:45:78:
46:a0:1b:3b:8d:eb:8e:7e:82:b8:9b:e6:5d:ee:f2:
ca:e6:57:54:ee:13:c3:5e:c4:4c:c9:73:09:85:06:
80:33:ea:87:d8:c2:80:7a:cb:a8:bc:03:d2:66:bc:
a9:ab:12:d7:39:cd:fa:ab:e5:5d:b5:26:bf:dd:db:
43:88:29:50:2d:98:05:14:40:87:15:5d:21:ce:70:
72:60:e1:a2:6a:cc:6d:6a:47:a4:35:9a:6e:ca:42:
4d:eb:b9:a1:4e:df:30:db:fb:36:2c:53:c9:cd:ec:
f7:19:30:1e:bd:d8:16:42:9a:5e:4d:2d:e3:a2:f1:
d6:41:52:5a:8f:de:f9:59:b8:d2:88:a7:be:59:a5:
c2:15:a1:69:e9:fd:6d:6f:73:9f:21:df:3c:09:4b:
e3:2d:7e:d5:95:1e:93:a7:eb:05:55:95:51:6b:15:
8a:7a:14:92:9d:68:91:c7:a5:72:f7:75:7c:51:cc:
59:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:A8:3A:60:E1:6F:2A:38:76:5F:FA:C9:17:25:70:44:3B:35:56:FB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Eag6YOFvKjh2X_rJFyVwRDs1Vvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.153.245.0/24
89.213.133.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
109.176.16.0-109.176.24.255
185.49.126.0/23
194.105.80.0/20
213.130.149.0/24
213.218.210.0/23
213.218.213.0/24
213.218.234.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:e5:14:8f:17:b3:0c:86:ab:0b:d8:cc:12:86:3b:c6:a6:91:
65:f1:e0:f8:db:86:ea:d1:f2:ea:4e:31:78:c4:f5:89:16:a8:
f6:b4:ee:0b:83:b0:39:5a:a3:9e:13:ad:de:16:57:30:e9:d7:
f5:03:1d:30:35:49:6a:37:b0:e8:47:c8:cd:29:5a:4a:0f:04:
c6:9b:53:c1:5b:05:3b:bf:e2:24:72:2a:af:fd:57:15:fe:cd:
91:47:1d:aa:b5:85:b1:1a:3c:bc:cc:0b:21:04:0a:f1:da:fc:
37:7d:40:52:29:86:4b:cb:08:8c:28:91:25:41:e4:f8:fa:15:
b3:59:b4:51:a0:94:80:dd:23:28:37:f5:e2:64:d8:aa:ee:24:
1f:b9:69:c5:7a:e6:f2:d7:5b:46:11:6e:f8:1f:ab:1e:36:00:
4e:ae:5e:45:fb:f1:6c:e3:75:ad:c6:2e:c5:20:d3:67:a9:ed:
a4:14:d3:bc:36:5c:e5:f1:1f:fa:e7:9f:1f:66:38:1e:23:59:
1e:56:eb:b6:c6:d1:58:85:18:f1:2e:79:bf:a3:41:24:9b:59:
5e:ce:07:a2:27:6e:c5:0f:ba:0c:92:21:17:08:af:c9:38:34:
fd:8f:cd:f1:b7:90:2c:d3:6b:8f:96:a8:6e:78:62:56:b2:a4:
58:66:20:fb
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY8zFHCDduQ1TW5Oyb2VrIQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAxMDczNTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWE4M2E2MGUxNmYyYTM4NzY1ZmZhYzkxNzI1NzA0NDNiMzU1NmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz4QzxvkgylIwOAmTUERR4ZQrorV
9+Ykw+tuPlUQrirasXRqigYtNQ+FH4IoL9CXzG/vcOUyausjuUdoTGewu18tgRuB
mOeiRXhGoBs7jeuOfoK4m+Zd7vLK5ldU7hPDXsRMyXMJhQaAM+qH2MKAesuovAPS
ZrypqxLXOc36q+VdtSa/3dtDiClQLZgFFECHFV0hznByYOGiasxtakekNZpuykJN
67mhTt8w2/s2LFPJzez3GTAevdgWQppeTS3jovHWQVJaj975WbjSiKe+WaXCFaFp
6f1tb3OfId88CUvjLX7VlR6Tp+sFVZVRaxWKehSSnWiRx6Vy93V8UcxZ3QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFBGoOmDhbyo4dl/6yRclcEQ7NVb7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRWFnNllPRnZLamgyWF9ySkZ5VndSRHMxVnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQBUpiwAwQC
UpmIAwQAUpn1AwQAWdWFMAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQwDAMEBG2w
EAMEAG2wGAMEAbkxfgMEBMJpUAMEANWClQMEAdXa0gMEANXa1QMEANXa6jANBgkq
hkiG9w0BAQsFAAOCAQEAC+UUjxezDIarC9jMEoY7xqaRZfHg+NuG6tHy6k4xeMT1
iRao9rTuC4OwOVqjnhOt3hZXMOnX9QMdMDVJajew6EfIzSlaSg8ExptTwVsFO7/i
JHIqr/1XFf7NkUcdqrWFsRo8vMwLIQQK8dr8N31AUimGS8sIjCiRJUHk+PoVs1m0
UaCUgN0jKDf14mTYqu4kH7lpxXrm8tdbRhFu+B+rHjYATq5eRfvxbON1rcYuxSDT
Z6ntpBTTvDZc5fEf+uefH2Y4HiNZHlbrtsbRWIUY8S55v6NBJJtZXs4HoiduxQ+6
DJIhFwivyTg0/Y/N8beQLNNrj5aobnhiVrKkWGYg+w==
-----END CERTIFICATE-----
Generated at Sat May 17 02:14:44 2025 by rpki-client