Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/B6iW14tZKyRYWc_GkOFMNBLCXtM.roa
File: B6iW14tZKyRYWc_GkOFMNBLCXtM.roa (raw, json)
Hash identifier: 2HomTgG6OcOyBqNHYZn8BzznTVWEpuwNzwpj5/KW5y4=
Subject key identifier: 07:A8:96:D7:8B:59:2B:24:58:59:CF:C6:90:E1:4C:34:12:C2:5E:D3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019427A65405C1A2D7526F72A1578142B2E9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/B6iW14tZKyRYWc_GkOFMNBLCXtM.roa
Signing time: Thu 02 Jan 2025 15:33:19 +0000
ROA not before: Thu 02 Jan 2025 15:33:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.93.143.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.16.0/24 maxlen: 24
109.176.18.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
213.218.212.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.232.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:36:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:a6:54:05:c1:a2:d7:52:6f:72:a1:57:81:42:b2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 2 15:33:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07a896d78b592b245859cfc690e14c3412c25ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:64:fc:f7:e9:da:8d:09:58:f5:7f:14:df:be:
a2:e1:74:a0:de:bc:df:86:db:08:f2:b6:0b:b7:e7:
a7:76:ff:e0:38:ae:a3:7f:0e:ec:bb:47:d6:27:9f:
a1:6e:a5:d1:e5:82:9b:cb:94:30:82:d8:bf:7f:d7:
0d:3d:c4:f8:a2:6a:07:f4:be:37:78:96:90:74:99:
27:3f:07:c0:0f:98:87:f6:89:9c:7c:9a:f3:a2:a6:
9d:a9:f1:2a:49:45:3f:36:9e:7f:ca:2b:3d:69:04:
cf:13:a7:c2:3a:eb:5b:b5:11:33:d7:92:02:af:45:
77:f0:b5:c8:69:bb:4f:1c:76:6e:39:60:88:8f:3c:
cc:d6:3c:2c:7c:ae:ad:e7:43:53:22:f9:46:eb:45:
e0:17:29:a7:b2:f2:7e:c7:01:19:94:b8:f6:bb:9c:
dc:9e:c4:81:5d:2e:44:c8:1f:68:40:ae:7a:de:05:
18:00:6f:14:c7:67:df:15:9f:4c:4a:62:5b:12:9f:
84:a0:fe:02:9f:9e:fb:31:3d:de:34:bf:27:36:db:
55:d9:6f:f2:ba:13:ed:7c:2d:60:84:7e:9f:3d:2a:
f4:89:57:ab:1c:4d:34:65:fa:80:19:30:37:f1:c9:
c0:bf:26:91:94:3b:71:2e:86:be:7d:e6:79:c6:b3:
22:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:A8:96:D7:8B:59:2B:24:58:59:CF:C6:90:E1:4C:34:12:C2:5E:D3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/B6iW14tZKyRYWc_GkOFMNBLCXtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.143.0/24
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.172.0/22
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.210.52.0/22
213.218.211.0-213.218.212.255
213.218.215.0/24
213.218.226.0/24
213.218.232.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
51:e9:06:7b:8c:6a:e9:93:72:ee:fc:55:4d:d3:04:b9:fc:d3:
75:ca:5c:7f:0f:6e:1f:83:df:c9:54:df:49:54:a3:ac:dc:5e:
d4:a7:42:53:74:60:00:03:47:b0:88:00:4b:d8:d1:14:38:6c:
d6:75:40:b7:c9:1f:37:be:93:21:e8:17:1e:ba:54:d2:5e:f7:
bc:e6:8c:23:a6:87:d2:32:9b:45:a0:c0:87:ff:56:e3:54:2a:
ea:27:a8:84:d6:50:29:95:5e:c3:e0:7d:db:0f:e9:bf:7f:4d:
5b:84:e9:bb:ee:f9:8a:9f:5e:8c:54:5f:08:08:1a:86:e1:0c:
21:34:6f:08:9e:5d:cd:e1:95:74:3e:fa:2f:36:60:70:b6:6a:
20:c8:af:09:6a:cd:a7:3f:d6:44:62:a3:6e:f4:09:77:6e:64:
2b:a8:d5:f3:cf:10:da:a2:d9:68:91:db:57:e8:08:51:a4:ef:
6b:84:ec:ec:fc:a7:f9:8b:7c:34:f2:5d:38:3d:4d:5b:6e:6e:
36:72:29:3b:2c:be:c5:83:8d:6d:dd:1b:e4:b3:b4:88:45:8d:
a4:27:0d:0f:18:a5:51:cf:c7:a1:2d:d1:ac:62:4b:5d:e2:02:
d8:c9:7f:e3:07:84:33:e0:68:7c:2c:34:97:23:8f:77:84:08:
0c:53:5c:ea
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZQnplQFwaLXUm9yoVeBQrLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAyMTUzMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2E4OTZkNzhiNTkyYjI0NTg1OWNmYzY5MGUxNGMzNDEyYzI1ZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGT89+najQlY9X8U376i4XSg3rzf
htsI8rYLt+endv/gOK6jfw7su0fWJ5+hbqXR5YKby5Qwgti/f9cNPcT4omoH9L43
eJaQdJknPwfAD5iH9omcfJrzoqadqfEqSUU/Np5/yis9aQTPE6fCOutbtREz15IC
r0V38LXIabtPHHZuOWCIjzzM1jwsfK6t50NTIvlG60XgFymnsvJ+xwEZlLj2u5zc
nsSBXS5EyB9oQK563gUYAG8Ux2ffFZ9MSmJbEp+EoP4Cn577MT3eNL8nNttV2W/y
uhPtfC1ghH6fPSr0iVerHE00ZfqAGTA38cnAvyaRlDtxLoa+feZ5xrMiJwIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFAeolteLWSskWFnPxpDhTDQSwl7TMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQjZpVzE0dFpLeVJZV2NfR2tPRk1OQkxDWHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAE1djwMEAFKYCAMEAVKYsAMEAlKZiAMEAVnVLAMEAVnVMgMEAlnVOAMEAFnV
gQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwDBAJZ1ZQDBAVZ1YAD
BABZ1aIDBABZ1aQDBABZ1acDBABZ1akDBAJZ1awDBABZ1bUDBABZ1b8wDAMEAlnV
xAMEBFnVwDAMAwQCWdXkAwQEWdXgAwQDbbAQAwQCbbDMAwQBbbDyAwQBuTF+AwQE
wmlQAwQA1CZPAwQB1CZYAwQC1dI0MAwDBADV2tMDBADV2tQDBADV2tcDBADV2uID
BADV2ugwDAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAUekG
e4xq6ZNy7vxVTdMEufzTdcpcfw9uH4PfyVTfSVSjrNxe1KdCU3RgAANHsIgAS9jR
FDhs1nVAt8kfN76TIegXHrpU0l73vOaMI6aH0jKbRaDAh/9W41Qq6ieohNZQKZVe
w+B92w/pv39NW4Tpu+75ip9ejFRfCAgahuEMITRvCJ5dzeGVdD76LzZgcLZqIMiv
CWrNpz/WRGKjbvQJd25kK6jV888Q2qLZaJHbV+gIUaTva4Ts7Pyn+Yt8NPJdOD1N
W25uNnIpOyy+xYONbd0b5LO0iEWNpCcNDxilUc/HoS3RrGJLXeIC2Ml/4weEM+Bo
fCw0lyOPd4QIDFNc6g==
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:41:28 2025 by rpki-client