Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3H0SfHN8W41b0CKKV-Ne4VNUfrs.roa
File: 3H0SfHN8W41b0CKKV-Ne4VNUfrs.roa (raw, json)
Hash identifier: d+1ZyQVWtdQKuuUrrl2mkCdlf/gZXmwyxLsfH7VnGps=
Subject key identifier: DC:7D:12:7C:73:7C:5B:8D:5B:D0:22:8A:57:E3:5E:E1:53:54:7E:BB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193ABBB5B48D80124E469D70C3EF114869B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3H0SfHN8W41b0CKKV-Ne4VNUfrs.roa
Signing time: Mon 09 Dec 2024 14:03:22 +0000
ROA not before: Mon 09 Dec 2024 14:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.153.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Dec 2024 11:13:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:bb:5b:48:d8:01:24:e4:69:d7:0c:3e:f1:14:86:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 9 14:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc7d127c737c5b8d5bd0228a57e35ee153547ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:82:e7:ad:87:ce:c2:cb:45:94:b2:73:9e:14:
eb:56:3c:fc:73:32:eb:8b:f2:1c:b9:c0:f2:b5:9b:
fc:b5:1a:02:11:ba:17:6a:d0:90:dd:0c:ee:52:0e:
09:45:a6:91:5d:07:38:75:24:9d:4d:e9:ae:20:ac:
ad:51:b3:d9:03:d3:24:cf:d2:b2:8e:93:60:78:68:
24:23:7c:46:42:18:b7:f7:80:26:36:e9:4a:d9:ea:
c0:b7:f1:fd:26:df:bb:df:2e:69:95:d0:e3:e1:0b:
9f:70:af:02:4f:02:70:e0:07:b5:70:5a:ee:83:e9:
10:0d:e3:bf:9c:29:7b:14:99:25:41:bb:04:86:f2:
14:9d:1d:3b:d4:d5:77:94:e5:ca:e3:58:78:50:1d:
4a:46:ae:40:25:23:93:91:ef:47:89:85:37:cc:af:
c4:9f:e2:39:34:21:bf:1f:c7:60:32:f7:5a:c6:16:
39:6e:14:f7:03:6b:34:7d:0f:6a:cc:18:67:2e:73:
4d:8a:8d:58:ae:ca:fb:3d:4b:7a:d8:03:3b:4d:5e:
33:61:4d:ea:b2:cc:4a:97:4b:a1:7a:d1:58:de:96:
e7:5a:53:82:08:78:58:4d:59:aa:c9:5e:00:e8:b7:
c1:38:14:c6:f4:d6:88:dd:64:0a:1d:e0:ff:15:6c:
7a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7D:12:7C:73:7C:5B:8D:5B:D0:22:8A:57:E3:5E:E1:53:54:7E:BB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3H0SfHN8W41b0CKKV-Ne4VNUfrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.167.0/24
89.213.172.0/22
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.153.0/24
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
39:31:40:68:1b:cb:02:69:88:b5:3c:4b:e5:07:be:20:e5:06:
fe:3a:6e:46:9a:23:f2:76:60:76:74:d2:dd:8e:c6:5c:52:21:
73:1e:2b:80:7f:12:6d:b9:c2:23:c6:12:50:ef:d7:3f:e7:ce:
f2:b3:09:8d:0d:dc:cc:88:0c:30:af:d1:9c:c4:28:53:e1:19:
3c:71:e9:af:fc:27:77:67:d8:57:4f:4a:52:e9:2f:ca:54:f1:
ab:58:e3:21:b2:4a:00:d8:21:de:d2:d3:81:cb:63:45:0d:e2:
ae:e0:10:c8:c5:73:8f:f9:e6:52:af:d6:1e:09:3b:e2:6f:23:
77:96:28:79:a1:04:7f:9b:10:41:43:be:a6:c9:d6:2f:68:51:
76:4f:2a:f5:3f:a9:7a:58:e3:fd:0d:a3:48:75:1c:6b:22:9e:
8c:37:65:3a:d0:ab:d9:68:73:9a:f9:c9:67:95:7f:a3:62:20:
77:e7:ee:ab:43:5d:b3:56:8b:42:83:78:cf:56:17:0a:b4:dd:
bf:35:fe:f9:39:72:ac:0b:e0:31:b4:96:ce:d3:73:54:b1:e5:
82:19:b9:62:d5:1d:e6:82:e2:99:c0:50:0b:01:d8:e9:b1:07:
c6:ec:bc:91:f4:6c:17:f0:46:18:37:de:f1:e8:7d:a0:a8:35:
87:7e:1f:4b
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZOru1tI2AEk5GnXDD7xFIabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA5MTQwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzdkMTI3YzczN2M1YjhkNWJkMDIyOGE1N2UzNWVlMTUzNTQ3ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYLnrYfOwstFlLJznhTrVjz8czLr
i/IcucDytZv8tRoCEboXatCQ3QzuUg4JRaaRXQc4dSSdTemuIKytUbPZA9Mkz9Ky
jpNgeGgkI3xGQhi394AmNulK2erAt/H9Jt+73y5pldDj4QufcK8CTwJw4Ae1cFru
g+kQDeO/nCl7FJklQbsEhvIUnR071NV3lOXK41h4UB1KRq5AJSOTke9HiYU3zK/E
n+I5NCG/H8dgMvdaxhY5bhT3A2s0fQ9qzBhnLnNNio1Yrsr7PUt62AM7TV4zYU3q
ssxKl0uhetFY3pbnWlOCCHhYTVmqyV4A6LfBOBTG9NaI3WQKHeD/FWx6TQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFNx9EnxzfFuNW9AiilfjXuFTVH67MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvM0gwU2ZITjhXNDFiMENLS1YtTmU0Vk5VZnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBABS
mAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1YEDBABZ1YQDBABZ
1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWnAwQCWdWs
AwQAWdW/MAwDBAJZ1cQDBARZ1cAwDAMEAlnV5AMEBFnV4AMEA22wEAMEAm2wzAME
AW2w8gMEAbkxfgMEBMJpUAMEANQmTwMEAdQmWAMEANWCmQMEAtXSNAMEANXa0zAM
AwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQA5MUBoG8sCaYi1
PEvlB74g5Qb+Om5GmiPydmB2dNLdjsZcUiFzHiuAfxJtucIjxhJQ79c/587yswmN
DdzMiAwwr9GcxChT4Rk8cemv/Cd3Z9hXT0pS6S/KVPGrWOMhskoA2CHe0tOBy2NF
DeKu4BDIxXOP+eZSr9YeCTvibyN3lih5oQR/mxBBQ76mydYvaFF2Tyr1P6l6WOP9
DaNIdRxrIp6MN2U60KvZaHOa+clnlX+jYiB35+6rQ12zVotCg3jPVhcKtN2/Nf75
OXKsC+AxtJbO03NUseWCGbli1R3mguKZwFALAdjpsQfG7LyR9GwX8EYYN97x6H2g
qDWHfh9L
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:41:04 2025 by rpki-client