Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JQgMVUhXNfgbV5qMVL3Akt4bqhQ.roa
File: JQgMVUhXNfgbV5qMVL3Akt4bqhQ.roa (raw, json)
Hash identifier: kdzdKKueFMh1CE8vZrJ2nulRAeF4X6FbqU1v+OrlNLk=
Subject key identifier: 25:08:0C:55:48:57:35:F8:1B:57:9A:8C:54:BD:C0:92:DE:1B:AA:14
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190D5555AE682510A44D0083D67EF76084E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JQgMVUhXNfgbV5qMVL3Akt4bqhQ.roa
Signing time: Sun 21 Jul 2024 12:47:39 +0000
ROA not before: Sun 21 Jul 2024 12:47:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 82.153.224.0/24 maxlen: 24
89.213.96.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.105.0/24 maxlen: 24
89.213.217.0/24 maxlen: 24
89.213.220.0/24 maxlen: 24
89.213.222.0/24 maxlen: 24
89.213.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Aug 2024 14:22:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d5:55:5a:e6:82:51:0a:44:d0:08:3d:67:ef:76:08:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 21 12:47:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25080c55485735f81b579a8c54bdc092de1baa14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b6:69:55:d3:94:ec:fd:04:78:9f:fb:c3:bc:
ed:09:99:9a:e2:dc:26:3c:a1:ff:61:f5:09:ac:a3:
c2:06:49:69:4e:ae:09:eb:a8:12:16:e4:2e:7d:06:
76:8c:f0:ce:8d:2c:42:3f:7d:a9:a8:4f:b6:1c:e8:
0c:f8:01:ca:8a:00:27:28:b3:ba:6b:b6:c2:ce:c1:
81:44:67:9c:6e:ff:79:b4:b1:d6:92:a3:5f:7e:10:
cb:73:82:68:4e:01:8e:3d:52:a7:31:aa:b7:7c:f4:
01:64:d1:4a:32:6a:4b:b9:73:77:36:3f:33:43:58:
91:fb:dc:ed:dd:2c:2d:2e:40:90:26:ac:55:af:1e:
e2:a0:94:8f:7a:b9:6b:2c:32:68:b7:93:6e:a9:13:
37:a4:24:86:f2:15:a9:9d:6e:03:45:6d:be:9f:b2:
2e:30:2e:9a:59:f0:00:b4:50:f7:88:51:c8:54:b1:
65:04:af:06:77:74:85:df:83:78:94:61:4d:9d:2c:
b0:32:26:b7:86:a8:06:13:fa:14:25:7c:a7:38:f1:
8a:43:66:01:b7:f1:fe:11:48:0e:3b:ed:41:bb:84:
f5:18:3f:2e:be:3d:1d:df:c0:6a:5d:35:f0:94:4d:
4b:7f:f0:6b:f9:a5:9b:b4:0f:e0:a6:73:12:38:f8:
21:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:08:0C:55:48:57:35:F8:1B:57:9A:8C:54:BD:C0:92:DE:1B:AA:14
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JQgMVUhXNfgbV5qMVL3Akt4bqhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.224.0/24
89.213.96.0/24
89.213.104.0/23
89.213.217.0/24
89.213.220.0/24
89.213.222.0/24
89.213.226.0/24
Signature Algorithm: sha256WithRSAEncryption
08:14:05:50:03:f5:16:ba:1b:c1:82:90:cd:81:b2:88:85:02:
1c:f1:35:06:25:5c:4a:fc:1e:b5:37:8d:d7:02:58:45:b8:95:
ee:7d:5a:a4:29:56:c8:cc:4e:a2:00:1d:6c:ad:a0:d2:92:5e:
eb:75:e3:43:5b:9c:bc:5a:bd:64:8a:cd:42:b0:19:2d:c2:6d:
2f:a1:fc:b2:be:41:ab:ee:31:5b:48:7c:5e:26:cd:9a:33:d4:
a5:53:06:94:6e:98:10:ff:9f:1b:c1:b1:ba:93:dc:5c:1b:e6:
13:49:a3:48:ad:5a:41:0e:70:ad:9b:6a:f8:c9:c9:5f:47:6c:
3b:b1:21:73:78:75:0c:95:cd:2b:9e:40:e4:6a:30:c4:b9:55:
b7:0d:81:d0:58:e5:f6:aa:69:c2:64:51:05:47:ee:db:31:39:
cb:f7:6b:48:ee:83:99:a0:3a:d3:b0:b2:b9:65:e6:aa:00:53:
d2:e3:2c:92:70:99:7b:be:51:11:02:ee:0c:31:89:62:4d:9c:
30:43:2a:ca:6c:8c:5b:b2:a2:19:97:6f:9c:99:ba:13:52:34:
44:89:24:1b:71:f8:05:88:7a:05:7d:eb:84:7c:e2:c4:c0:7e:
35:bc:92:d9:24:55:5c:35:ac:f6:b0:2f:2d:67:a9:aa:37:9f:
81:08:10:9d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZDVVVrmglEKRNAIPWfvdghOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzIxMTI0NzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTA4MGM1NTQ4NTczNWY4MWI1NzlhOGM1NGJkYzA5MmRlMWJhYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrZpVdOU7P0EeJ/7w7ztCZma4twm
PKH/YfUJrKPCBklpTq4J66gSFuQufQZ2jPDOjSxCP32pqE+2HOgM+AHKigAnKLO6
a7bCzsGBRGecbv95tLHWkqNffhDLc4JoTgGOPVKnMaq3fPQBZNFKMmpLuXN3Nj8z
Q1iR+9zt3SwtLkCQJqxVrx7ioJSPerlrLDJot5NuqRM3pCSG8hWpnW4DRW2+n7Iu
MC6aWfAAtFD3iFHIVLFlBK8Gd3SF34N4lGFNnSywMia3hqgGE/oUJXynOPGKQ2YB
t/H+EUgOO+1Bu4T1GD8uvj0d38BqXTXwlE1Lf/Br+aWbtA/gpnMSOPghNwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCUIDFVIVzX4G1eajFS9wJLeG6oUMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSlFnTVZVaFhOZmdiVjVxTVZMM0FrdDRicWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpngAwQA
WdVgAwQBWdVoAwQAWdXZAwQAWdXcAwQAWdXeAwQAWdXiMA0GCSqGSIb3DQEBCwUA
A4IBAQAIFAVQA/UWuhvBgpDNgbKIhQIc8TUGJVxK/B61N43XAlhFuJXufVqkKVbI
zE6iAB1sraDSkl7rdeNDW5y8Wr1kis1CsBktwm0vofyyvkGr7jFbSHxeJs2aM9Sl
UwaUbpgQ/58bwbG6k9xcG+YTSaNIrVpBDnCtm2r4yclfR2w7sSFzeHUMlc0rnkDk
ajDEuVW3DYHQWOX2qmnCZFEFR+7bMTnL92tI7oOZoDrTsLK5ZeaqAFPS4yyScJl7
vlERAu4MMYliTZwwQyrKbIxbsqIZl2+cmboTUjREiSQbcfgFiHoFfeuEfOLEwH41
vJLZJFVcNaz2sC8tZ6mqN5+BCBCd
-----END CERTIFICATE-----
Generated at Wed Apr 30 09:22:09 2025 by rpki-client