Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rtkBmd2QPciZbcwPMaan23pvgpY.roa
File: rtkBmd2QPciZbcwPMaan23pvgpY.roa (raw, json)
Hash identifier: V84Fe8+q6y/Mt1YQKQWcs1OVNWKNKBntq4TstP2coj0=
Subject key identifier: AE:D9:01:99:DD:90:3D:C8:99:6D:CC:0F:31:A6:A7:DB:7A:6F:82:96
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01903B36A23DB1082BB3820FEE3841CC8CB5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rtkBmd2QPciZbcwPMaan23pvgpY.roa
Signing time: Fri 21 Jun 2024 14:32:34 +0000
ROA not before: Fri 21 Jun 2024 14:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.252.27.0/24 maxlen: 24
81.168.50.0/24 maxlen: 24
82.152.6.0/24 maxlen: 24
82.152.7.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.35.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.97.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.219.0/24 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
89.213.239.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.202.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 15:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3b:36:a2:3d:b1:08:2b:b3:82:0f:ee:38:41:cc:8c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 21 14:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aed90199dd903dc8996dcc0f31a6a7db7a6f8296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:44:66:98:4d:8f:63:1d:15:28:39:de:6a:6c:
2f:d1:c0:9f:1e:16:fb:09:48:27:a3:77:24:b7:30:
af:21:40:30:1c:1f:09:06:e1:60:95:64:df:4d:43:
2e:b1:b7:e9:ba:52:cb:ab:cb:d2:1a:9b:14:e2:64:
3e:7f:c1:cb:d7:0d:dd:b1:3d:49:2c:e7:38:8f:3a:
8f:17:9f:0f:72:08:f5:2a:46:6e:8c:7e:35:27:21:
e3:3b:ac:76:4c:83:0f:0c:14:49:a9:8c:c3:33:24:
5f:3b:e8:4b:fa:af:1f:f5:b7:21:26:25:1b:9e:04:
a0:17:67:12:4e:a3:ec:a3:b7:ca:e6:f4:a2:53:28:
8d:fd:95:c1:11:57:52:f7:95:31:bf:a1:2f:66:15:
18:ef:fc:ae:e1:35:60:54:44:47:6c:19:6e:c9:0c:
37:1a:9a:a6:96:de:a6:21:d6:c7:72:90:a0:87:96:
0f:27:e9:63:f0:a9:6a:87:98:2e:62:8f:c9:e9:6c:
56:41:76:94:1d:85:df:31:17:cb:e0:0a:10:a3:d9:
22:ce:36:90:e7:bf:7e:f8:13:51:de:24:37:c0:e6:
29:41:51:7f:08:b7:cf:eb:59:36:84:34:bd:99:67:
f3:a8:1c:f4:44:ce:fa:17:df:fc:5f:b2:26:40:74:
e4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D9:01:99:DD:90:3D:C8:99:6D:CC:0F:31:A6:A7:DB:7A:6F:82:96
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rtkBmd2QPciZbcwPMaan23pvgpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.27.0/24
81.168.50.0/24
82.152.6.0/23
82.152.176.0/23
82.153.35.0/24
82.153.136.0/22
89.213.97.0/24
89.213.134.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.219.0/24
89.213.232.0/21
109.176.16.0/21
109.176.202.0/24
109.176.204.0/22
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.210.0/23
213.218.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:99:6e:c9:a8:f0:32:36:8b:38:ea:a4:99:0a:c6:76:c0:9f:
b9:8d:fb:9f:72:f6:43:d4:62:af:18:4b:1f:e2:10:2a:18:6a:
42:3b:9f:0d:0f:f5:e0:95:d5:a2:05:2a:82:06:bf:02:df:3d:
ad:5f:cd:3d:77:e9:09:04:a6:a4:d6:1c:12:e2:f2:55:34:53:
18:91:2e:5d:a8:04:e9:3d:22:bc:f1:55:5f:9d:83:c8:22:29:
ee:bb:fd:48:bf:7f:90:81:98:c4:29:97:1e:a7:c4:f0:03:d7:
73:eb:5e:57:37:03:36:be:a6:53:25:2b:53:a1:b4:ed:89:8c:
51:dc:49:f2:bc:35:3a:e8:29:39:39:03:2e:8a:7b:8e:57:88:
b9:be:fd:7a:4f:86:ef:72:09:a6:c3:5e:33:8e:3f:59:ee:54:
2c:a2:13:00:ec:1a:bb:b5:c2:11:9d:83:5b:21:d9:0a:56:4c:
65:b4:1b:4c:b8:b4:68:a6:67:28:e0:ae:61:cb:51:1e:1b:3a:
99:4e:f4:59:88:8c:30:ed:c2:22:f9:02:95:9a:10:3d:87:34:
56:dc:11:46:e7:a6:68:cf:1d:27:e2:8e:9a:f3:8b:6c:f7:6c:
13:ec:2a:e6:68:b1:fa:fe:73:b8:f9:ee:76:4c:35:fd:fd:50:
9d:93:b2:60
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZA7NqI9sQgrs4IP7jhBzIy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjIxMTQzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ5MDE5OWRkOTAzZGM4OTk2ZGNjMGYzMWE2YTdkYjdhNmY4Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0RmmE2PYx0VKDneamwv0cCfHhb7
CUgno3cktzCvIUAwHB8JBuFglWTfTUMusbfpulLLq8vSGpsU4mQ+f8HL1w3dsT1J
LOc4jzqPF58Pcgj1KkZujH41JyHjO6x2TIMPDBRJqYzDMyRfO+hL+q8f9bchJiUb
ngSgF2cSTqPso7fK5vSiUyiN/ZXBEVdS95Uxv6EvZhUY7/yu4TVgVERHbBluyQw3
Gpqmlt6mIdbHcpCgh5YPJ+lj8Klqh5guYo/J6WxWQXaUHYXfMRfL4AoQo9kizjaQ
579++BNR3iQ3wOYpQVF/CLfP61k2hDS9mWfzqBz0RM76F9/8X7ImQHTkhwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFK7ZAZndkD3ImW3MDzGmp9t6b4KWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcnRrQm1kMlFQY2laYmN3UE1hYW4yM3B2Z3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAl
/BsDBABRqDIDBAFSmAYDBAFSmLADBABSmSMDBAJSmYgDBABZ1WEDBABZ1YYwDAME
AlnVlAMEBVnVgAMEAlnVrDAMAwQCWdXEAwQEWdXAAwQAWdXbAwQDWdXoAwQDbbAQ
AwQAbbDKAwQCbbDMAwQBuTF+AwQEwmlQAwQB1CZYAwQB1drSAwQA1dr5MA0GCSqG
SIb3DQEBCwUAA4IBAQB9mW7JqPAyNos46qSZCsZ2wJ+5jfufcvZD1GKvGEsf4hAq
GGpCO58ND/XgldWiBSqCBr8C3z2tX809d+kJBKak1hwS4vJVNFMYkS5dqATpPSK8
8VVfnYPIIinuu/1Iv3+QgZjEKZcep8TwA9dz615XNwM2vqZTJStTobTtiYxR3Eny
vDU66Ck5OQMuinuOV4i5vv16T4bvcgmmw14zjj9Z7lQsohMA7Bq7tcIRnYNbIdkK
VkxltBtMuLRopmco4K5hy1EeGzqZTvRZiIww7cIi+QKVmhA9hzRW3BFG56Zozx0n
4o6a84ts92wT7CrmaLH6/nO4+e52TDX9/VCdk7Jg
-----END CERTIFICATE-----
Generated at Sat May 17 02:17:10 2025 by rpki-client