Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JEiMZfFm4_WzcrT9AMQy7ytQ7CY.roa
File: JEiMZfFm4_WzcrT9AMQy7ytQ7CY.roa (raw, json)
Hash identifier: 4s2/TxawP1ZYp3UQh0uS7waZ0zDm0NL7c3Ixf7LRFlY=
Subject key identifier: 24:48:8C:65:F1:66:E3:F5:B3:72:B4:FD:00:C4:32:EF:2B:50:EC:26
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194140414420AFAE189685D999066A7CA08
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JEiMZfFm4_WzcrT9AMQy7ytQ7CY.roa
Signing time: Sun 29 Dec 2024 20:03:19 +0000
ROA not before: Sun 29 Dec 2024 20:03:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.151.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Dec 2024 20:04:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:14:04:14:42:0a:fa:e1:89:68:5d:99:90:66:a7:ca:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 29 20:03:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24488c65f166e3f5b372b4fd00c432ef2b50ec26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ed:f0:30:37:cc:ab:1d:8d:bc:d7:33:c7:44:
f4:ea:d7:1a:3d:c6:a3:20:a7:0c:7a:86:a5:ed:d4:
9e:ae:d9:0c:4f:0a:ed:8e:a9:87:40:8f:75:e9:be:
72:9c:b8:d2:b5:0a:d0:bf:d4:9e:58:c5:13:86:87:
85:ab:b7:b0:e0:e7:4f:44:08:df:75:bf:70:a5:2b:
b1:e7:d5:6f:38:ee:43:a0:27:91:42:b4:2a:5b:0d:
e0:36:ef:ee:9d:36:0d:c8:94:12:52:2f:17:2d:81:
5e:5b:85:c5:ff:3c:21:78:ca:97:e9:60:36:48:6b:
8d:5e:f9:d7:8d:6c:7c:15:4a:1a:19:62:92:30:5a:
f8:38:18:6a:e1:82:e2:36:0e:5f:1b:d5:28:85:f9:
a0:14:3d:64:62:18:e2:f8:3e:da:01:8c:bd:81:e7:
ba:4d:7d:b9:2c:03:d8:ee:d6:ed:ae:b4:1c:21:6d:
29:b2:26:28:97:96:c5:a7:91:1e:7d:79:ad:5d:1e:
35:74:a6:90:c6:f4:16:ec:07:21:db:07:c1:9f:2c:
d1:f9:e6:11:0c:6a:c2:7e:77:47:e6:fb:41:46:61:
d9:c5:7b:1d:e1:8e:c9:7c:63:01:84:be:4a:96:78:
ae:c4:36:d0:d5:19:82:9e:40:96:8d:05:86:0e:f5:
b5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:48:8C:65:F1:66:E3:F5:B3:72:B4:FD:00:C4:32:EF:2B:50:EC:26
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JEiMZfFm4_WzcrT9AMQy7ytQ7CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.172.0/22
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.212.0/24
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:3d:4e:95:8f:46:2c:44:9a:fe:74:54:c6:08:b4:8b:29:e9:
84:94:09:3c:9b:5b:09:94:8b:45:19:c2:b7:e7:51:df:63:ed:
8e:33:1d:c8:64:bc:48:61:4c:14:64:29:ca:18:0b:be:82:8b:
79:b9:29:39:82:dc:00:4a:ca:e5:8d:95:2d:ff:66:ea:4d:ad:
99:0f:c5:71:6c:7c:bc:27:b8:25:fe:4f:88:5a:fc:fa:bc:82:
47:18:fc:58:53:2c:ab:52:ca:e3:f1:b1:6a:ff:4a:47:fe:9a:
9f:b7:db:7c:10:6c:27:e2:06:67:48:0d:cf:08:e6:cd:f7:1d:
e5:b3:c1:5f:8c:d2:c9:01:00:db:20:1c:97:41:5e:60:9c:b5:
2e:99:20:ed:07:38:6f:11:b5:81:2c:0f:20:c2:68:a3:15:c1:
4a:cc:3f:0c:09:e4:6c:a5:e3:bc:a6:53:66:a2:2e:ab:41:96:
4c:37:c1:42:40:5f:25:49:47:d9:d6:2e:49:02:33:93:73:a7:
91:3a:96:fe:2f:fe:9a:1f:97:cf:c8:d1:ce:eb:f4:cf:fb:c2:
30:ee:cb:55:f7:9b:5f:d3:0c:8e:da:ad:74:5f:7c:99:ab:a9:
08:d1:61:26:3e:a9:8c:32:6a:00:39:cf:99:4e:5f:19:9d:c3:
45:12:8c:6e
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZQUBBRCCvrhiWhdmZBmp8oIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjI5MjAwMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQ4OGM2NWYxNjZlM2Y1YjM3MmI0ZmQwMGM0MzJlZjJiNTBlYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+3wMDfMqx2NvNczx0T06tcaPcaj
IKcMeoal7dSertkMTwrtjqmHQI916b5ynLjStQrQv9SeWMUThoeFq7ew4OdPRAjf
db9wpSux59VvOO5DoCeRQrQqWw3gNu/unTYNyJQSUi8XLYFeW4XF/zwheMqX6WA2
SGuNXvnXjWx8FUoaGWKSMFr4OBhq4YLiNg5fG9UohfmgFD1kYhji+D7aAYy9gee6
TX25LAPY7tbtrrQcIW0psiYol5bFp5EefXmtXR41dKaQxvQW7Ach2wfBnyzR+eYR
DGrCfndH5vtBRmHZxXsd4Y7JfGMBhL5KlniuxDbQ1RmCnkCWjQWGDvW1WQIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFCRIjGXxZuP1s3K0/QDEMu8rUOwmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSkVpTVpmRm00X1d6Y3JUOUFNUXk3eXRRN0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBABS
mAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ
1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWkAwQAWdWn
AwQCWdWsAwQAWdW/MAwDBAJZ1cQDBARZ1cADBABZ1dQwDAMEAlnV5AMEBFnV4AME
A22wEAMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEANQmTwMEAdQmWAMEAtXSNAME
ANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQBNPU6V
j0YsRJr+dFTGCLSLKemElAk8m1sJlItFGcK351HfY+2OMx3IZLxIYUwUZCnKGAu+
got5uSk5gtwASsrljZUt/2bqTa2ZD8VxbHy8J7gl/k+IWvz6vIJHGPxYUyyrUsrj
8bFq/0pH/pqft9t8EGwn4gZnSA3PCObN9x3ls8FfjNLJAQDbIByXQV5gnLUumSDt
BzhvEbWBLA8gwmijFcFKzD8MCeRspeO8plNmoi6rQZZMN8FCQF8lSUfZ1i5JAjOT
c6eROpb+L/6aH5fPyNHO6/TP+8Iw7stV95tf0wyO2q10X3yZq6kI0WEmPqmMMmoA
Oc+ZTl8ZncNFEoxu
-----END CERTIFICATE-----
Generated at Sat May 17 02:25:44 2025 by rpki-client