Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hH2_4ItGcRmcDc4exFXoVWtOC4c.roa
File: hH2_4ItGcRmcDc4exFXoVWtOC4c.roa (raw, json)
Hash identifier: 6D3enOSU8X18+vc4MPUOP3t7xWUUFbMjPej7blvnfxM=
Subject key identifier: 84:7D:BF:E0:8B:46:71:19:9C:0D:CE:1E:C4:55:E8:55:6B:4E:0B:87
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0196B6D58D50998EF3BBF7A6437A295EFA1A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hH2_4ItGcRmcDc4exFXoVWtOC4c.roa
Signing time: Fri 09 May 2025 20:56:10 +0000
ROA not before: Fri 09 May 2025 20:56:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.69.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.217.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.224.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.203.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 May 2025 20:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b6:d5:8d:50:99:8e:f3:bb:f7:a6:43:7a:29:5e:fa:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 9 20:56:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=847dbfe08b4671199c0dce1ec455e8556b4e0b87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4f:4c:b1:35:25:fe:29:a2:2c:ae:00:46:dc:
19:1d:fa:a9:fd:70:fc:ed:d9:aa:b7:7f:be:33:0d:
47:75:de:f1:cb:aa:ba:a8:ef:4d:30:e4:9b:a4:1d:
28:80:6d:d7:9e:3b:a0:7b:96:e9:ce:fb:6c:33:89:
72:b0:0b:e8:4f:e2:11:bb:49:2d:3f:a0:5e:d5:87:
e6:7d:12:62:2a:39:cd:74:2e:7e:af:3c:21:d7:a1:
12:3d:ba:20:a6:8f:d9:72:1c:cd:ab:95:50:f0:9c:
51:3b:e6:eb:f8:2d:fe:2b:48:fb:b5:ce:34:47:67:
52:a7:6d:8a:3f:83:a9:ac:84:7f:a3:b4:10:61:c9:
ae:3e:cd:5e:e4:c7:d8:9b:2c:5b:c5:bb:d7:68:d6:
74:55:d6:28:08:e1:45:33:c8:f9:6d:37:14:4d:ea:
f8:1a:eb:46:59:a5:f2:e0:37:cc:c8:cc:49:51:8e:
43:9c:ba:56:3f:8d:aa:8a:dd:9b:5d:55:f4:82:56:
2f:97:2e:bf:f2:d4:f4:2e:d6:d3:c3:67:23:a0:6d:
b5:c4:47:88:d2:3d:29:61:fd:a3:4c:0d:c7:69:bf:
8a:c8:2e:eb:08:b2:6a:97:f9:cb:52:8f:dd:a6:fc:
94:97:3b:c2:fa:a7:f6:c7:8f:aa:32:41:0d:7d:57:
cd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:7D:BF:E0:8B:46:71:19:9C:0D:CE:1E:C4:55:E8:55:6B:4E:0B:87
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hH2_4ItGcRmcDc4exFXoVWtOC4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.69.0/24
82.153.136.0/22
82.153.217.0/24
82.153.255.0/24
89.213.6.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.212.0/24
89.213.224.0/24
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.203.0-109.176.207.255
109.176.242.0/23
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.239.0/24
213.218.244.0/22
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
5e:8c:43:83:8f:35:f8:d5:d6:68:4e:e5:5c:bc:98:88:6a:1b:
ae:2d:0b:b9:5f:68:f5:91:3f:12:81:fe:82:20:f2:a4:72:1f:
44:27:0e:47:84:bc:08:38:5b:d6:2c:10:b3:e8:ab:f1:fa:b8:
5f:2c:3b:13:aa:be:9b:90:82:a6:9f:02:74:39:87:20:d3:36:
6f:fb:03:50:c2:ed:2a:7f:4c:44:53:be:47:89:4a:d6:0f:8c:
52:4c:a0:22:b5:e1:78:d8:75:d9:73:ea:86:f6:2e:da:ca:e1:
3b:bf:ed:22:d6:1e:31:b4:6e:2c:2e:51:e5:d7:fa:78:2f:6b:
b4:f9:48:4c:95:fd:08:63:3c:b2:9d:e0:95:0f:0d:3d:40:b8:
7f:c5:b5:ce:19:b1:04:cb:16:8c:e0:e9:2a:39:61:21:30:23:
e8:50:ea:fe:d8:03:1e:14:7a:f7:60:4b:ff:cb:d1:e4:4c:95:
7d:4f:b0:70:6a:b5:7e:b3:1b:e7:65:06:f7:1c:f3:c0:d5:da:
ed:15:72:b2:8c:a2:b8:b2:2d:f1:b5:27:14:4b:33:e5:6c:6f:
b0:e3:fc:0d:e0:1e:be:bb:3c:1e:18:39:83:16:a2:1e:72:80:
85:18:59:c4:cf:bf:f3:e4:6c:fe:a2:07:ea:91:51:fc:25:15:
4a:24:25:e0
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgISAZa21Y1QmY7zu/emQ3opXvoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTA5MjA1NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDdkYmZlMDhiNDY3MTE5OWMwZGNlMWVjNDU1ZTg1NTZiNGUwYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1k9MsTUl/imiLK4ARtwZHfqp/XD8
7dmqt3++Mw1Hdd7xy6q6qO9NMOSbpB0ogG3Xnjuge5bpzvtsM4lysAvoT+IRu0kt
P6Be1YfmfRJiKjnNdC5+rzwh16ESPbogpo/ZchzNq5VQ8JxRO+br+C3+K0j7tc40
R2dSp22KP4OprIR/o7QQYcmuPs1e5MfYmyxbxbvXaNZ0VdYoCOFFM8j5bTcUTer4
GutGWaXy4DfMyMxJUY5DnLpWP42qit2bXVX0glYvly6/8tT0LtbTw2cjoG21xEeI
0j0pYf2jTA3Hab+KyC7rCLJql/nLUo/dpvyUlzvC+qf2x4+qMkENfVfNSQIDAQAB
o4IDTzCCA0swHQYDVR0OBBYEFIR9v+CLRnEZnA3OHsRV6FVrTguHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaEgyXzRJdEdjUm1jRGM0ZXhGWG9WV3RPQzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYwYIKwYBBQUHAQcBAf8EggFSMIIBTjCCAUoEAgABMIIB
QgMEAFKYCAMEAVKYsAMEAFKZRQMEAlKZiAMEAFKZ2QMEAFKZ/wMEAFnVBgMEAVnV
LDAMAwQBWdUyAwQCWdU4AwQAWdWBAwQAWdWEAwQAWdWLAwQAWdWPMAwDBABZ1ZED
BABZ1ZIwDAMEAlnVlAMEBVnVgAMEAFnVogMEAFnVpAMEAFnVpwMEAFnVqTAMAwQA
WdWrAwQAWdWwAwQAWdW1AwQAWdW3AwQAWdW/MAwDBAJZ1cQDBARZ1cADBABZ1dQD
BABZ1eAwDAMEAlnV5AMEBFnV4AMEA22wEDAMAwQAbbDLAwQEbbDAAwQBbbDyAwQB
uTF+AwQAuWUvAwQEwmlQAwQA1CZPAwQB1CZYAwQC1YKEAwQA1ZgrAwQC1dI0AwQA
1drTAwQA1drvAwQC1dr0MAwDBADZkUEDBADZkUIDBAPZkUgwDQYJKoZIhvcNAQEL
BQADggEBAF6MQ4OPNfjV1mhO5Vy8mIhqG64tC7lfaPWRPxKB/oIg8qRyH0QnDkeE
vAg4W9YsELPoq/H6uF8sOxOqvpuQgqafAnQ5hyDTNm/7A1DC7Sp/TERTvkeJStYP
jFJMoCK14XjYddlz6ob2LtrK4Tu/7SLWHjG0biwuUeXX+ngva7T5SEyV/QhjPLKd
4JUPDT1AuH/Ftc4ZsQTLFozg6So5YSEwI+hQ6v7YAx4UevdgS//L0eRMlX1PsHBq
tX6zG+dlBvcc88DV2u0VcrKMoriyLfG1JxRLM+Vsb7Dj/A3gHr67PB4YOYMWoh5y
gIUYWcTPv/PkbP6iB+qRUfwlFUokJeA=
-----END CERTIFICATE-----
Generated at Sat May 17 02:19:27 2025 by rpki-client