Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4g-Rhpn3MvIn71SU1QidPhjajFU.roa
File: 4g-Rhpn3MvIn71SU1QidPhjajFU.roa (raw, json)
Hash identifier: lZxxjdod0GwdeuSDwBtAL2Mpeu5qNi+vy9Y8FpyuhJo=
Subject key identifier: E2:0F:91:86:99:F7:32:F2:27:EF:54:94:D5:08:9D:3E:18:DA:8C:55
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01963B3CECDBC8BFF83D524B8F7E3B6E6418
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4g-Rhpn3MvIn71SU1QidPhjajFU.roa
Signing time: Tue 15 Apr 2025 20:56:10 +0000
ROA not before: Tue 15 Apr 2025 20:56:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.69.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.210.62.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.248.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 20:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3b:3c:ec:db:c8:bf:f8:3d:52:4b:8f:7e:3b:6e:64:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 15 20:56:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e20f918699f732f227ef5494d5089d3e18da8c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:72:7e:f8:14:dd:52:39:49:9b:b1:76:c5:fd:
f5:3d:4a:1a:6a:e7:b7:47:cb:88:fd:82:43:e3:77:
23:87:16:64:e0:41:25:c9:b3:e3:49:b2:8b:dd:50:
a0:2d:94:14:49:31:9c:48:c0:00:d2:16:57:1e:2c:
9d:e4:93:70:a6:7c:3a:f5:73:8d:32:01:77:27:62:
f8:74:3c:ea:97:59:75:5c:eb:1c:69:f2:64:2a:8f:
f4:56:f1:42:7e:4b:22:55:13:e5:a4:df:4d:a8:7e:
e3:10:56:f8:48:cc:92:2f:34:f5:a2:8e:67:89:b6:
c1:b0:3b:36:e5:f7:d1:f6:7a:3e:b8:4c:b5:1d:3d:
63:18:5d:3d:2a:8b:ac:9e:d2:c3:48:25:24:92:56:
e0:29:4b:6b:72:6a:1e:82:1c:0b:55:3c:f3:0f:62:
68:ec:d8:b6:d6:4b:08:8f:fe:b5:35:a1:a5:cf:ba:
ca:12:47:7e:5e:ab:22:93:68:86:46:5f:f7:12:90:
09:42:20:06:a5:0d:e8:0a:0e:66:6b:1e:7f:5c:c2:
e1:d4:68:38:4f:28:41:57:a2:ee:3c:4a:c4:28:74:
59:36:3b:ea:5b:b7:10:15:4f:9d:ad:a3:dc:49:eb:
65:02:7c:72:f7:8d:43:13:f0:76:06:19:da:ae:e7:
d4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:0F:91:86:99:F7:32:F2:27:EF:54:94:D5:08:9D:3E:18:DA:8C:55
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4g-Rhpn3MvIn71SU1QidPhjajFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.131.0/24
82.152.176.0/23
82.153.69.0/24
82.153.136.0/22
82.153.217.0-82.153.218.255
82.153.243.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.210.62.0/24
213.218.211.0/24
213.218.226.0/24
213.218.244.0-213.218.248.255
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
98:bf:5f:f4:f1:f4:a2:a6:a5:9d:16:0b:bf:7d:d6:c6:b3:78:
10:36:c7:c2:20:ad:84:a1:63:89:31:df:cd:e9:77:63:b5:70:
a6:7b:9b:45:35:5e:94:a9:d7:8f:68:f4:c8:44:18:1d:07:15:
79:51:84:b2:7e:e1:b7:8e:c1:4e:0d:c0:69:63:9b:c3:ed:b5:
ff:14:99:42:54:fa:e4:ae:a1:d7:ea:e5:8c:ad:43:27:80:8d:
66:1b:30:e9:d2:a2:0f:39:3f:71:75:bf:12:77:26:4d:08:98:
ec:f5:db:57:02:73:ff:ae:e1:fb:78:29:f6:a7:44:83:f2:85:
db:0b:2f:e7:0e:84:57:96:53:4e:2a:6a:b3:bd:ee:7e:f4:59:
45:35:15:1c:71:70:d8:7d:89:a0:71:4d:47:6c:e4:b1:ce:f5:
18:f5:b4:19:f4:0d:38:46:81:27:28:d5:a8:8d:67:aa:16:af:
0f:e2:57:b8:8b:d6:05:15:b4:b3:d1:25:22:91:b1:f4:8d:c0:
26:c4:6a:ad:52:a4:c5:f5:62:64:8c:13:94:9a:3e:37:7f:4f:
74:b0:fe:7a:32:ac:a4:a7:9d:0d:ef:95:16:40:f0:af:14:c6:
92:94:46:cf:af:fd:e0:c0:cb:ea:b3:07:f0:be:96:50:fa:fd:
d3:e0:9b:89
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgISAZY7POzbyL/4PVJLj347bmQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDE1MjA1NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjBmOTE4Njk5ZjczMmYyMjdlZjU0OTRkNTA4OWQzZTE4ZGE4YzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXJ++BTdUjlJm7F2xf31PUoaaue3
R8uI/YJD43cjhxZk4EElybPjSbKL3VCgLZQUSTGcSMAA0hZXHiyd5JNwpnw69XON
MgF3J2L4dDzql1l1XOscafJkKo/0VvFCfksiVRPlpN9NqH7jEFb4SMySLzT1oo5n
ibbBsDs25ffR9no+uEy1HT1jGF09KousntLDSCUkklbgKUtrcmoeghwLVTzzD2Jo
7Ni21ksIj/61NaGlz7rKEkd+Xqsik2iGRl/3EpAJQiAGpQ3oCg5max5/XMLh1Gg4
TyhBV6LuPErEKHRZNjvqW7cQFU+draPcSetlAnxy941DE/B2BhnarufUDwIDAQAB
o4IDYzCCA18wHQYDVR0OBBYEFOIPkYaZ9zLyJ+9UlNUInT4Y2oxVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNGctUmhwbjNNdkluNzFTVTFRaWRQaGphakZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdwYIKwYBBQUHAQcBAf8EggFmMIIBYjCCAV4EAgABMIIB
VgMEAFKYCAMEAFKYgwMEAVKYsAMEAFKZRQMEAlKZiDAMAwQAUpnZAwQAUpnaAwQA
UpnzAwQBWdUsMAwDBAFZ1TIDBAJZ1TgDBABZ1X8DBABZ1YEDBABZ1YQDBABZ1YsD
BABZ1Y8wDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWkAwQA
WdWnAwQAWdWpMAwDBABZ1asDBABZ1bADBABZ1bUDBABZ1bcDBABZ1b8wDAMEAlnV
xAMEBFnVwDAMAwQCWdXkAwQEWdXgAwQDbbAQAwQAbbDBAwQCbbDMAwQBbbDyAwQA
bbD8AwQBuTF+AwQAuWUvAwQEwmlQAwQA1CZPAwQB1CZYAwQC1YKEAwQA1ZgrAwQC
1dI0AwQA1dI+AwQA1drTAwQA1driMAwDBALV2vQDBADV2vgwDAMEANmRQQMEANmR
QgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAmL9f9PH0oqalnRYLv33WxrN4EDbH
wiCthKFjiTHfzel3Y7VwpnubRTVelKnXj2j0yEQYHQcVeVGEsn7ht47BTg3AaWOb
w+21/xSZQlT65K6h1+rljK1DJ4CNZhsw6dKiDzk/cXW/EncmTQiY7PXbVwJz/67h
+3gp9qdEg/KF2wsv5w6EV5ZTTipqs73ufvRZRTUVHHFw2H2JoHFNR2zksc71GPW0
GfQNOEaBJyjVqI1nqhavD+JXuIvWBRW0s9ElIpGx9I3AJsRqrVKkxfViZIwTlJo+
N39PdLD+ejKspKedDe+VFkDwrxTGkpRGz6/94MDL6rMH8L6WUPr90+CbiQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:56:49 2025 by rpki-client