Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/plVNlrqtlJToIonboCAqSxyZgg4.roa
File: plVNlrqtlJToIonboCAqSxyZgg4.roa (raw, json)
Hash identifier: 0i1Xt1Rc3/YQnAA0vpiA43hrnegB19sLLRFdhn5h8Uc=
Subject key identifier: A6:55:4D:96:BA:AD:94:94:E8:22:89:DB:A0:20:2A:4B:1C:99:82:0E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190D550C8BC73460B89D80C2EFC181DEF98
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/plVNlrqtlJToIonboCAqSxyZgg4.roa
Signing time: Sun 21 Jul 2024 12:42:39 +0000
ROA not before: Sun 21 Jul 2024 12:42:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 81.168.122.0/24 maxlen: 24
82.152.4.0/24 maxlen: 24
82.152.5.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.153.153.0/24 maxlen: 24
82.153.156.0/24 maxlen: 24
82.153.200.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
89.213.197.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.229.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
213.210.63.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jul 2024 12:43:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d5:50:c8:bc:73:46:0b:89:d8:0c:2e:fc:18:1d:ef:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 21 12:42:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6554d96baad9494e82289dba0202a4b1c99820e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:09:09:37:5b:6c:24:0a:9f:6b:63:8a:bb:5c:
98:1d:d3:e7:17:f6:93:6a:4f:8b:d8:bd:50:bc:ee:
3b:a1:bb:4b:70:b0:cb:36:cf:0b:d0:63:91:2d:34:
dc:05:6e:7c:8f:76:cb:67:b6:3a:bd:31:ee:2e:f2:
97:c0:52:ff:44:6b:04:a8:8c:5d:5f:0f:3a:8f:ae:
6c:cd:a4:ce:d2:ca:97:b0:ea:48:fa:d3:43:c5:8c:
f9:13:7e:75:c4:d0:03:d0:10:13:43:13:a9:15:39:
91:4e:f5:d6:32:62:da:e1:60:37:9f:7a:e1:6c:a0:
56:d4:0f:66:b5:cc:2b:aa:be:99:cf:69:b3:69:57:
93:38:5c:25:38:b3:48:ae:e6:53:b1:2a:2f:8a:db:
24:16:33:78:ac:ac:3b:84:de:db:a4:21:be:69:88:
eb:b9:18:1d:cc:8c:a6:ec:2c:2d:ef:b5:32:62:13:
2b:c2:05:6b:ae:38:ef:06:2d:4d:7b:cb:95:e5:69:
24:79:f4:ed:ad:3a:76:d4:cf:2f:23:cd:5d:f6:78:
09:9d:e7:dc:91:2f:92:50:cb:a5:2b:2c:f6:dc:d0:
bc:97:c1:76:27:55:ae:60:8c:8b:c4:eb:41:53:b8:
45:0c:ac:eb:19:c8:00:26:b0:e6:3c:a7:01:81:5a:
45:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:55:4D:96:BA:AD:94:94:E8:22:89:DB:A0:20:2A:4B:1C:99:82:0E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/plVNlrqtlJToIonboCAqSxyZgg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.122.0/24
82.152.4.0/23
82.152.131.0/24
82.153.153.0/24
82.153.156.0/24
82.153.200.0/24
82.163.0.0/24
89.213.197.0/24
109.176.193.0/24
109.176.229.0-109.176.230.255
109.176.244.0/24
212.38.79.0/24
213.130.150.0/23
213.210.63.0/24
213.218.211.0/24
213.218.233.0/24
Signature Algorithm: sha256WithRSAEncryption
21:eb:9a:ce:04:58:4f:7e:10:f5:8d:08:cf:45:6a:62:67:84:
ef:df:ac:c5:00:59:12:ba:d9:0a:27:84:04:ca:31:f0:db:af:
3c:05:ce:58:a1:eb:86:42:58:85:ce:f2:2d:f3:08:df:d1:48:
a1:b3:b3:d5:62:8e:d0:29:69:4a:8a:55:0e:74:a2:1b:d5:6f:
38:c4:4a:84:61:ba:29:f4:25:c0:1d:3d:64:cb:ca:6b:6e:81:
39:52:d1:3a:58:a6:45:bb:22:7c:6f:b0:c0:3c:18:30:33:9c:
bc:13:77:37:fe:5f:8a:9a:ec:3d:a6:35:fc:af:a6:b2:d1:68:
6d:fa:35:d4:17:75:9d:78:f9:2e:bb:a7:27:86:eb:5c:88:f9:
6d:26:ec:65:ee:3a:9a:3c:ed:eb:2a:19:68:b4:52:68:81:d1:
7d:70:55:b3:77:ce:6a:86:6f:5f:85:e4:62:cc:08:4c:f0:08:
2a:22:d7:ba:8c:3b:f2:7b:ac:5e:6d:2d:c9:c6:c6:f8:03:2e:
a3:81:5b:6b:bd:dd:1b:96:3e:0c:ca:ce:b2:29:d9:8d:4e:79:
83:ba:de:e3:31:d5:8a:1e:bc:47:5c:11:af:38:00:c2:e4:db:
90:78:42:e8:a3:67:9e:b5:93:f6:88:90:e8:67:d9:85:11:9c:
8e:f1:0d:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZDVUMi8c0YLidgMLvwYHe+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzIxMTI0MjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjU1NGQ5NmJhYWQ5NDk0ZTgyMjg5ZGJhMDIwMmE0YjFjOTk4MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAkJN1tsJAqfa2OKu1yYHdPnF/aT
ak+L2L1QvO47obtLcLDLNs8L0GORLTTcBW58j3bLZ7Y6vTHuLvKXwFL/RGsEqIxd
Xw86j65szaTO0sqXsOpI+tNDxYz5E351xNAD0BATQxOpFTmRTvXWMmLa4WA3n3rh
bKBW1A9mtcwrqr6Zz2mzaVeTOFwlOLNIruZTsSovitskFjN4rKw7hN7bpCG+aYjr
uRgdzIym7Cwt77UyYhMrwgVrrjjvBi1Ne8uV5WkkefTtrTp21M8vI81d9ngJnefc
kS+SUMulKyz23NC8l8F2J1WuYIyLxOtBU7hFDKzrGcgAJrDmPKcBgVpFDwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFKZVTZa6rZSU6CKJ26AgKkscmYIOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcGxWTmxycXRsSlRvSW9uYm9DQXFTeHlaZ2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAFGoegME
AVKYBAMEAFKYgwMEAFKZmQMEAFKZnAMEAFKZyAMEAFKjAAMEAFnVxQMEAG2wwTAM
AwQAbbDlAwQAbbDmAwQAbbD0AwQA1CZPAwQB1YKWAwQA1dI/AwQA1drTAwQA1drp
MA0GCSqGSIb3DQEBCwUAA4IBAQAh65rOBFhPfhD1jQjPRWpiZ4Tv36zFAFkSutkK
J4QEyjHw2688Bc5YoeuGQliFzvIt8wjf0Uihs7PVYo7QKWlKilUOdKIb1W84xEqE
Ybop9CXAHT1ky8prboE5UtE6WKZFuyJ8b7DAPBgwM5y8E3c3/l+Kmuw9pjX8r6ay
0Wht+jXUF3WdePkuu6cnhutciPltJuxl7jqaPO3rKhlotFJogdF9cFWzd85qhm9f
heRizAhM8AgqIte6jDvye6xebS3Jxsb4Ay6jgVtrvd0blj4Mys6yKdmNTnmDut7j
MdWKHrxHXBGvOADC5NuQeELoo2eetZP2iJDoZ9mFEZyO8Q22
-----END CERTIFICATE-----
Generated at Sat May 17 02:31:39 2025 by rpki-client