Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AZqbwhYMy1pMJO95NVfaL89qHoI.roa
File: AZqbwhYMy1pMJO95NVfaL89qHoI.roa (raw, json)
Hash identifier: Gml2p94jtKQBxRgNZxB5iwIcu2apa47SDt0z+TxD6Pc=
Subject key identifier: 01:9A:9B:C2:16:0C:CB:5A:4C:24:EF:79:35:57:DA:2F:CF:6A:1E:82
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F816E5CF6B7CD3E9ABB3C5E1282C8726B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AZqbwhYMy1pMJO95NVfaL89qHoI.roa
Signing time: Thu 16 May 2024 12:44:04 +0000
ROA not before: Thu 16 May 2024 12:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.152.176.0/24 maxlen: 24
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.97.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.253.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.59.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
213.218.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 14:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:6e:5c:f6:b7:cd:3e:9a:bb:3c:5e:12:82:c8:72:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 16 12:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=019a9bc2160ccb5a4c24ef793557da2fcf6a1e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:9a:2c:03:c6:c3:fb:22:67:30:83:02:6a:e0:
b4:38:bd:63:1a:21:f8:c7:bd:88:71:98:ce:46:9d:
72:72:fe:df:77:c8:0a:01:02:05:7e:8f:20:5f:16:
c6:2d:29:a1:44:46:b4:fc:0d:b3:99:8f:34:8c:38:
95:c2:1e:65:01:f0:17:26:63:3d:dd:a1:db:2f:a8:
0b:e9:03:d9:3b:71:ce:80:3f:c5:a5:fc:e8:eb:68:
3d:3a:cc:50:5f:f5:34:87:be:49:52:2b:a2:0c:47:
40:b2:99:87:af:8b:08:89:75:87:96:8f:95:c2:b5:
3c:a4:9f:1c:b9:92:96:3b:12:5c:63:e1:e2:8a:97:
33:4f:fa:97:6f:7a:70:a9:13:ef:e6:3b:d7:51:c3:
8d:8e:78:17:b1:67:f5:96:a2:e9:17:53:4f:4e:a4:
8f:0c:44:24:16:e8:c0:ab:2e:ce:e1:65:4b:22:63:
ac:b1:4b:76:1d:34:0c:08:85:43:29:ff:e7:db:ad:
e4:91:80:b6:50:12:78:6d:6b:df:2c:7c:f9:4a:88:
fa:4e:31:35:38:bf:df:4a:2e:0a:04:4a:2e:97:53:
27:a7:0b:17:09:ff:0e:70:f9:34:84:fd:ab:38:53:
1e:82:a0:44:eb:62:8e:e2:de:1f:5b:c5:9b:78:fc:
6f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9A:9B:C2:16:0C:CB:5A:4C:24:EF:79:35:57:DA:2F:CF:6A:1E:82
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AZqbwhYMy1pMJO95NVfaL89qHoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
89.213.97.0-89.213.98.255
89.213.148.0-89.213.159.255
89.213.172.0/22
109.176.16.0/21
109.176.253.0/24
185.49.126.0/23
194.105.80.0/20
213.130.130.0/24
213.130.149.0/24
213.210.59.0/24
213.218.210.0/23
213.218.213.0/24
213.218.227.0/24
213.218.231.0/24
213.218.249.0/24
Signature Algorithm: sha256WithRSAEncryption
69:9d:0f:51:9f:51:02:27:12:4f:be:ec:9b:7e:81:6b:88:cc:
7e:21:84:c1:99:ab:fb:40:08:da:00:53:1b:80:59:c4:38:cc:
2d:ad:a0:75:a0:bb:71:1c:6d:42:f2:7f:ae:0d:b0:ca:8e:65:
be:6c:e4:15:e3:85:8d:48:68:ce:8e:89:09:f7:e8:74:74:d3:
a6:91:86:d0:f9:8e:01:df:ac:a1:6f:9d:ba:c0:84:bc:d7:74:
d9:3b:4e:8a:ad:29:94:19:4d:e4:54:0a:db:97:c6:95:1b:82:
51:d3:3c:6b:2b:ba:a6:b2:94:31:34:09:01:6b:9e:a2:c4:93:
49:c9:48:54:9d:31:43:2f:c8:b5:cc:ef:db:74:95:92:06:00:
ea:e9:22:46:44:36:83:70:1d:4a:d2:59:4e:ce:ed:09:07:67:
1b:09:41:27:78:88:b6:ee:54:32:80:07:66:16:f9:6f:4d:4c:
13:15:f5:03:cc:42:fd:01:62:02:9d:ef:e9:de:c2:dc:09:fc:
8d:80:82:1e:bc:d1:de:4f:22:54:22:c0:83:c9:a5:1e:f2:46:
97:d7:b6:f2:83:be:1d:d4:ae:e7:25:86:c2:43:10:4e:7d:24:
49:6b:24:06:87:c2:3c:ce:7d:b9:93:06:df:5f:7a:fb:70:69:
8d:d7:b7:62
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY+Bblz2t80+mrs8XhKCyHJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE2MTI0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTlhOWJjMjE2MGNjYjVhNGMyNGVmNzkzNTU3ZGEyZmNmNmExZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75osA8bD+yJnMIMCauC0OL1jGiH4
x72IcZjORp1ycv7fd8gKAQIFfo8gXxbGLSmhREa0/A2zmY80jDiVwh5lAfAXJmM9
3aHbL6gL6QPZO3HOgD/Fpfzo62g9OsxQX/U0h75JUiuiDEdAspmHr4sIiXWHlo+V
wrU8pJ8cuZKWOxJcY+HiipczT/qXb3pwqRPv5jvXUcONjngXsWf1lqLpF1NPTqSP
DEQkFujAqy7O4WVLImOssUt2HTQMCIVDKf/n263kkYC2UBJ4bWvfLHz5Soj6TjE1
OL/fSi4KBEoul1MnpwsXCf8OcPk0hP2rOFMegqBE62KO4t4fW8WbePxvmQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFAGam8IWDMtaTCTveTVX2i/Pah6CMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQVpxYndoWU15MXBNSk85NU5WZmFMODlxSG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAVKY
sAMEAFKZMgMEAlKZiDAMAwQAWdVhAwQAWdViMAwDBAJZ1ZQDBAVZ1YADBAJZ1awD
BANtsBADBABtsP0DBAG5MX4DBATCaVADBADVgoIDBADVgpUDBADV0jsDBAHV2tID
BADV2tUDBADV2uMDBADV2ucDBADV2vkwDQYJKoZIhvcNAQELBQADggEBAGmdD1Gf
UQInEk++7Jt+gWuIzH4hhMGZq/tACNoAUxuAWcQ4zC2toHWgu3EcbULyf64NsMqO
Zb5s5BXjhY1IaM6OiQn36HR006aRhtD5jgHfrKFvnbrAhLzXdNk7ToqtKZQZTeRU
CtuXxpUbglHTPGsruqaylDE0CQFrnqLEk0nJSFSdMUMvyLXM79t0lZIGAOrpIkZE
NoNwHUrSWU7O7QkHZxsJQSd4iLbuVDKAB2YW+W9NTBMV9QPMQv0BYgKd7+newtwJ
/I2Agh680d5PIlQiwIPJpR7yRpfXtvKDvh3UruclhsJDEE59JElrJAaHwjzOfbmT
Bt9fevtwaY3Xt2I=
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:34:25 2025 by rpki-client