Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BN4gzn8qtrk6_OWfF0V6YYv1o6k.roa
File: BN4gzn8qtrk6_OWfF0V6YYv1o6k.roa (raw, json)
Hash identifier: cHsOMVElGzgXasol13yEev01XhPoa7CFpT5o0/hZhOI=
Subject key identifier: 04:DE:20:CE:7F:2A:B6:B9:3A:FC:E5:9F:17:45:7A:61:8B:F5:A3:A9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01960F460885E5BD4AC10C16C9E2E53B020D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BN4gzn8qtrk6_OWfF0V6YYv1o6k.roa
Signing time: Mon 07 Apr 2025 08:02:50 +0000
ROA not before: Mon 07 Apr 2025 08:02:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.216.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.210.62.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.248.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Apr 2025 08:12:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:46:08:85:e5:bd:4a:c1:0c:16:c9:e2:e5:3b:02:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 7 08:02:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04de20ce7f2ab6b93afce59f17457a618bf5a3a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:da:8a:5e:fc:3b:30:69:48:5e:65:df:c9:c9:
e2:17:1e:ba:2e:fc:d7:48:8c:90:3f:a4:8b:9f:d0:
79:7b:11:fb:42:35:6d:6a:d0:eb:0e:5f:06:09:c5:
24:04:95:42:a0:bd:60:37:8a:48:76:cc:b3:6c:16:
c0:8e:e0:0f:57:c5:d0:40:ec:88:b5:63:16:aa:2f:
f5:87:14:29:5e:96:1b:e5:da:f6:7f:c8:4e:03:7f:
3d:39:4b:84:a9:42:57:49:03:de:b0:70:63:14:3c:
d2:bf:b4:fa:5a:e5:3c:7d:39:95:9f:33:da:94:5c:
07:fd:c7:0d:a4:cb:89:23:3f:c1:09:85:b1:6c:57:
ac:30:8c:3a:5b:cc:2a:ec:e1:45:4b:f2:9e:a0:48:
d1:97:b6:44:3f:88:0e:ae:90:0d:11:bc:8e:51:34:
33:4a:50:0e:11:4e:37:47:df:25:cd:64:94:3b:fa:
22:8f:de:52:d3:bc:fe:b4:0b:82:dd:5b:06:51:9b:
84:aa:cf:37:45:5b:cc:37:3a:1d:a0:33:d4:94:62:
0e:cb:bf:52:98:ee:0f:eb:1a:0c:a3:59:62:85:13:
3a:ba:47:4d:ed:ac:bf:58:65:92:49:61:af:dc:8c:
8f:2b:08:8f:3b:b5:6f:2f:5b:6f:3e:81:6d:2b:c3:
4d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:DE:20:CE:7F:2A:B6:B9:3A:FC:E5:9F:17:45:7A:61:8B:F5:A3:A9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BN4gzn8qtrk6_OWfF0V6YYv1o6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.131.0/24
82.152.176.0/23
82.153.50.0/24
82.153.69.0/24
82.153.136.0/22
82.153.216.0-82.153.218.255
82.153.220.0/24
82.153.243.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.210.62.0/24
213.218.211.0/24
213.218.226.0/24
213.218.244.0-213.218.248.255
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
19:97:19:7a:5f:75:dd:9f:2d:a4:d6:e6:59:bd:04:b4:c2:0d:
c0:a8:cd:2f:05:36:9f:2c:fa:1d:92:34:50:96:cf:9f:06:b0:
b5:a3:d1:c7:5b:ef:44:08:d5:5f:55:c2:16:91:10:79:f3:20:
7c:aa:12:4e:62:d1:c7:fa:57:dd:80:cd:8b:cc:63:c4:3a:26:
71:bb:18:7e:e6:8b:4a:eb:de:09:b5:ee:a1:e4:8e:ec:60:18:
98:43:c8:e6:51:f0:f2:5f:15:5e:e8:04:fc:fc:0c:53:95:9b:
ef:df:4f:dc:27:93:92:de:aa:90:e8:5c:e0:d5:82:c3:62:9c:
25:f5:e6:d5:0e:0f:59:b3:54:30:43:66:d2:9c:2a:fd:67:a3:
04:45:1e:7e:69:01:5d:0a:ef:c9:a8:bc:f6:bd:bd:74:79:24:
81:c0:3b:61:87:8a:62:76:a6:9b:3c:ee:0c:75:2b:fb:32:6c:
51:a1:e0:28:a1:de:ed:1d:63:0e:3d:87:32:9d:e5:80:70:58:
db:4a:80:d7:a4:23:93:87:03:f4:af:08:ed:04:9d:89:87:55:
1c:26:76:63:ec:94:87:a9:65:9c:09:b0:c3:4e:3b:be:e8:ed:
80:3b:a8:25:54:db:5b:58:8c:3d:d7:67:6f:2e:27:dc:d6:a3:
32:52:5b:f1
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAZYPRgiF5b1KwQwWyeLlOwINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDA3MDgwMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGRlMjBjZTdmMmFiNmI5M2FmY2U1OWYxNzQ1N2E2MThiZjVhM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9qKXvw7MGlIXmXfycniFx66LvzX
SIyQP6SLn9B5exH7QjVtatDrDl8GCcUkBJVCoL1gN4pIdsyzbBbAjuAPV8XQQOyI
tWMWqi/1hxQpXpYb5dr2f8hOA389OUuEqUJXSQPesHBjFDzSv7T6WuU8fTmVnzPa
lFwH/ccNpMuJIz/BCYWxbFesMIw6W8wq7OFFS/KeoEjRl7ZEP4gOrpANEbyOUTQz
SlAOEU43R98lzWSUO/oij95S07z+tAuC3VsGUZuEqs83RVvMNzodoDPUlGIOy79S
mO4P6xoMo1lihRM6ukdN7ay/WGWSSWGv3IyPKwiPO7VvL1tvPoFtK8NNjwIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFATeIM5/Kra5OvzlnxdFemGL9aOpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQk40Z3puOHF0cms2X09XZkYwVjZZWXYxbzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCCAWoEAgABMIIB
YgMEAFKYCAMEAFKYgwMEAVKYsAMEAFKZMgMEAFKZRQMEAlKZiDAMAwQDUpnYAwQA
UpnaAwQAUpncAwQAUpnzAwQBWdUsMAwDBAFZ1TIDBAJZ1TgDBABZ1X8DBABZ1YED
BABZ1YQDBABZ1YsDBABZ1Y8wDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQA
WdWiAwQAWdWkAwQAWdWnAwQAWdWpMAwDBABZ1asDBABZ1bADBABZ1bUDBABZ1bcD
BABZ1b8wDAMEAlnVxAMEBFnVwDAMAwQCWdXkAwQEWdXgAwQDbbAQAwQAbbDBAwQC
bbDMAwQBbbDyAwQAbbD8AwQBuTF+AwQAuWUvAwQEwmlQAwQA1CZPAwQB1CZYAwQC
1YKEAwQA1ZgrAwQC1dI0AwQA1dI+AwQA1drTAwQA1driMAwDBALV2vQDBADV2vgw
DAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAGZcZel913Z8t
pNbmWb0EtMINwKjNLwU2nyz6HZI0UJbPnwawtaPRx1vvRAjVX1XCFpEQefMgfKoS
TmLRx/pX3YDNi8xjxDomcbsYfuaLSuveCbXuoeSO7GAYmEPI5lHw8l8VXugE/PwM
U5Wb799P3CeTkt6qkOhc4NWCw2KcJfXm1Q4PWbNUMENm0pwq/WejBEUefmkBXQrv
yai89r29dHkkgcA7YYeKYnammzzuDHUr+zJsUaHgKKHe7R1jDj2HMp3lgHBY20qA
16Qjk4cD9K8I7QSdiYdVHCZ2Y+yUh6llnAmww047vujtgDuoJVTbW1iMPddnby4n
3NajMlJb8Q==
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:40:45 2025 by rpki-client