Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pCoT2FgfwxDQIaYDehKPvNRfIZM.roa
File: pCoT2FgfwxDQIaYDehKPvNRfIZM.roa (raw, json)
Hash identifier: cyEE2p2KaLsCgMcZ0a8qeUc3a65n/PNSyDU45F9h1PE=
Subject key identifier: A4:2A:13:D8:58:1F:C3:10:D0:21:A6:03:7A:12:8F:BC:D4:5F:21:93
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01954D0EF3AD2B3C43518708EA9338A42A78
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pCoT2FgfwxDQIaYDehKPvNRfIZM.roa
Signing time: Fri 28 Feb 2025 14:56:20 +0000
ROA not before: Fri 28 Feb 2025 14:56:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.224.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 14:58:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:0e:f3:ad:2b:3c:43:51:87:08:ea:93:38:a4:2a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 28 14:56:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a42a13d8581fc310d021a6037a128fbcd45f2193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:25:2a:66:dc:7a:df:07:bb:fa:00:b2:8d:
13:36:df:72:cd:d4:22:c2:05:a2:5e:f8:ab:f2:d2:
90:8a:9f:71:30:a9:80:89:ba:4d:02:24:fa:7f:7c:
51:a6:66:74:20:86:bc:94:aa:13:71:da:1d:b2:b0:
77:37:97:a1:4b:e9:f8:c6:19:06:9f:79:e9:7c:74:
9f:fd:83:0e:63:78:6e:a1:bd:f5:34:17:dc:dc:91:
cf:c5:45:69:10:38:15:c8:98:9c:21:38:6f:64:5c:
45:79:f7:88:37:4a:96:54:e1:f0:aa:39:aa:9d:92:
d1:ae:7c:ec:15:b9:86:b3:f2:8c:85:fb:a7:bf:d2:
6d:81:9d:0d:59:51:8f:f0:d4:cd:dc:c3:e7:46:2c:
a0:df:69:a6:32:7d:3c:f5:8c:da:10:2e:aa:d3:36:
7b:f0:19:2e:8e:b3:8b:04:83:c5:eb:f8:f6:ad:2d:
fc:be:38:8a:cc:26:27:0a:f0:4e:ee:b1:b3:7b:d9:
fb:05:65:0e:10:ee:88:ea:5c:83:0c:f2:37:d2:ad:
bf:e5:c3:20:08:c5:da:90:36:83:74:9e:23:87:44:
98:21:f1:3c:e0:e4:cf:ef:2a:83:53:d9:d6:0a:aa:
23:e4:35:36:8c:b9:7e:42:7e:c0:4f:2a:a0:9e:f7:
d3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:2A:13:D8:58:1F:C3:10:D0:21:A6:03:7A:12:8F:BC:D4:5F:21:93
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pCoT2FgfwxDQIaYDehKPvNRfIZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.153.224.0/24
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.215.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
99:a3:4c:82:0e:87:a3:ea:1f:23:ef:7c:69:cb:65:2a:df:28:
8b:8f:cc:67:8b:85:19:93:3b:a8:f0:c5:e7:cf:59:f7:a2:fc:
7e:6e:13:cd:0b:d9:a5:f1:5c:14:1f:57:c4:18:e8:d6:e6:50:
14:63:3f:e3:61:cd:9f:95:ff:34:8a:02:e3:dd:e6:e7:2b:29:
7d:fe:19:39:9d:5d:f0:65:95:1e:8f:9b:4b:9c:e4:44:4d:2f:
36:9a:e7:71:41:34:95:d9:11:df:ea:4a:7b:9c:28:45:b9:95:
ec:7c:fb:2f:e7:3c:05:e3:a6:11:71:78:df:81:04:6a:76:97:
77:83:dd:4f:a6:ba:80:73:e1:51:e3:bd:0c:0a:7c:ae:a1:c8:
e7:dc:6e:fb:f8:18:3a:44:e9:9a:3a:8b:0b:a7:de:47:fe:af:
ce:2d:16:bb:51:11:51:3d:0b:c5:af:3f:54:6c:91:32:19:9d:
29:03:e0:4d:fc:12:db:f1:a5:32:03:63:e3:da:ad:fe:38:9c:
f4:09:d7:4a:07:e7:ea:73:d2:c3:a5:cb:07:1e:31:c8:f2:c0:
e4:ab:e2:6c:a0:c4:06:bb:80:56:e6:01:23:37:06:bc:fe:80:
d7:00:17:d9:d6:08:4b:73:34:9f:dc:8e:e9:17:60:28:30:02:
61:ec:d0:c5
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZVNDvOtKzxDUYcI6pM4pCp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjI4MTQ1NjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDJhMTNkODU4MWZjMzEwZDAyMWE2MDM3YTEyOGZiY2Q0NWYyMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3UlKmbcet8Hu/oAso0TNt9yzdQi
wgWiXvir8tKQip9xMKmAibpNAiT6f3xRpmZ0IIa8lKoTcdodsrB3N5ehS+n4xhkG
n3npfHSf/YMOY3huob31NBfc3JHPxUVpEDgVyJicIThvZFxFefeIN0qWVOHwqjmq
nZLRrnzsFbmGs/KMhfunv9JtgZ0NWVGP8NTN3MPnRiyg32mmMn089YzaEC6q0zZ7
8BkujrOLBIPF6/j2rS38vjiKzCYnCvBO7rGze9n7BWUOEO6I6lyDDPI30q2/5cMg
CMXakDaDdJ4jh0SYIfE84OTP7yqDU9nWCqoj5DU2jLl+Qn7ATyqgnvfTDwIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFKQqE9hYH8MQ0CGmA3oSj7zUXyGTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcENvVDJGZ2Z3eERRSWFZRGVoS1B2TlJmSVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEAFKYCAMEAVKYsAMEAFKZMgMEAlKZiAMEAFKZ4AMEAFKZ8wMEAVnVLAMEAVnV
MgMEAlnVOAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwD
BAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEBFnV
oAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBAD
BAJtsMwDBAFtsPIDBAG5MX4DBAC5ZS8DBATCaVADBADUJk8DBAHUJlgDBADVmCsD
BALV0jQDBADV2tMDBADV2tcwDAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0B
AQsFAAOCAQEAmaNMgg6Ho+ofI+98actlKt8oi4/MZ4uFGZM7qPDF589Z96L8fm4T
zQvZpfFcFB9XxBjo1uZQFGM/42HNn5X/NIoC493m5yspff4ZOZ1d8GWVHo+bS5zk
RE0vNprncUE0ldkR3+pKe5woRbmV7Hz7L+c8BeOmEXF434EEanaXd4PdT6a6gHPh
UeO9DAp8rqHI59xu+/gYOkTpmjqLC6feR/6vzi0Wu1ERUT0Lxa8/VGyRMhmdKQPg
TfwS2/GlMgNj49qt/jic9AnXSgfn6nPSw6XLBx4xyPLA5KvibKDEBruAVuYBIzcG
vP6A1wAX2dYIS3M0n9yO6RdgKDACYezQxQ==
-----END CERTIFICATE-----
Generated at Sat May 17 02:29:15 2025 by rpki-client