Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MQFDDHzO9lu_OKqDJc82lqnBydk.roa
File: MQFDDHzO9lu_OKqDJc82lqnBydk.roa (raw, json)
Hash identifier: xo9V5x473fgjiOXCR7Pn3kCnbqgobFcDkdyQH2I+fHk=
Subject key identifier: 31:01:43:0C:7C:CE:F6:5B:BF:38:AA:83:25:CF:36:96:A9:C1:C9:D9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01966BF268FCDE31AD79AB3AB876B182E2F1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MQFDDHzO9lu_OKqDJc82lqnBydk.roa
Signing time: Fri 25 Apr 2025 07:56:10 +0000
ROA not before: Fri 25 Apr 2025 07:56:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.69.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.114.0/24 maxlen: 24
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.224.0/23 maxlen: 23
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.248.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 14:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:f2:68:fc:de:31:ad:79:ab:3a:b8:76:b1:82:e2:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 25 07:56:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3101430c7ccef65bbf38aa8325cf3696a9c1c9d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:be:13:05:8b:31:40:ba:cf:27:19:85:e6:2a:
76:5a:36:42:2c:0f:b7:ca:4b:c2:0b:0d:5d:f1:6b:
3f:d1:ac:36:06:3f:fb:83:91:3a:bb:4e:d3:9a:f9:
1f:c3:ad:d9:58:bf:0a:df:60:48:88:22:9a:14:ba:
da:08:f0:b7:87:2d:7c:1b:29:5a:fd:64:d8:8e:9f:
cc:4d:d8:b4:75:fe:c8:d1:16:69:ef:14:07:a4:1f:
81:f7:13:13:5d:de:0c:8e:88:08:fe:aa:ca:14:4c:
44:fa:2d:aa:0c:cf:c0:f9:90:7b:cd:bc:4d:0f:50:
f3:61:59:b3:1e:05:a0:28:66:67:f8:b8:26:d2:e3:
3a:8c:f2:9d:9d:b5:e4:37:a1:b8:94:bf:7a:bb:b1:
2d:1b:b7:e6:da:96:e8:30:4c:8b:11:4a:bd:db:05:
e1:3b:f4:d2:fb:a2:9c:ad:53:9a:94:7a:c8:af:f0:
97:ed:20:14:42:e1:b0:41:49:2d:2e:2c:fa:2e:cd:
1c:ec:dc:d4:3a:0b:30:f6:41:26:39:a1:2f:d3:0d:
5e:1e:08:68:95:5a:f9:26:1d:82:53:cb:42:b9:6a:
8c:f3:da:1d:54:1e:26:bc:88:0b:d2:76:ef:61:b8:
8e:e9:b4:02:c1:c4:77:ee:5e:d3:05:1d:5e:b6:fd:
75:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:01:43:0C:7C:CE:F6:5B:BF:38:AA:83:25:CF:36:96:A9:C1:C9:D9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MQFDDHzO9lu_OKqDJc82lqnBydk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.69.0/24
82.153.136.0/22
82.153.217.0-82.153.218.255
82.153.243.0/24
82.153.255.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.114.0/24
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.224.0/23
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.226.0/24
213.218.244.0-213.218.248.255
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
90:bf:6d:c9:e3:e8:4e:ee:70:19:6b:11:1c:96:ac:de:b6:b7:
15:08:7a:cd:72:7b:6b:a3:e8:d1:ba:02:ce:b5:d7:84:76:09:
0f:90:05:37:16:d0:61:a8:67:5f:de:dd:d8:58:c1:7f:fe:11:
b4:ed:bf:f8:9e:b5:65:21:52:45:2a:fb:6e:be:bf:f7:ee:9c:
11:74:df:1d:ae:e9:aa:72:de:67:fe:a3:40:b6:f1:32:ed:23:
09:f5:4b:dd:0b:ef:b2:bc:08:59:de:4a:22:1e:b9:fc:06:e8:
03:2d:e5:e6:2f:28:f3:e3:2c:be:4d:a0:d4:40:c0:93:db:17:
34:02:83:c8:dc:82:d1:45:8d:83:dd:3c:bd:33:cb:4b:fa:19:
07:53:09:3c:59:97:4c:a4:6a:48:8b:5b:11:a4:18:5b:84:5a:
65:58:16:a4:4b:55:6c:98:a8:4c:c1:ff:4a:7e:47:7c:6d:f0:
c6:09:3c:75:69:04:bb:ed:7e:42:9c:a1:fa:d3:a7:68:e2:dc:
07:df:8c:38:ab:1a:60:da:6a:4a:00:86:d4:e9:b4:86:78:08:
49:fe:8c:03:2d:f9:8d:fe:6a:39:eb:04:7e:a8:92:ca:49:21:
3e:58:70:5c:d2:44:3b:89:26:f8:4d:b2:f5:3f:0f:3b:97:05:
a0:b4:a5:1f
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgISAZZr8mj83jGteas6uHaxguLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDI1MDc1NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTAxNDMwYzdjY2VmNjViYmYzOGFhODMyNWNmMzY5NmE5YzFjOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb4TBYsxQLrPJxmF5ip2WjZCLA+3
ykvCCw1d8Ws/0aw2Bj/7g5E6u07Tmvkfw63ZWL8K32BIiCKaFLraCPC3hy18Gyla
/WTYjp/MTdi0df7I0RZp7xQHpB+B9xMTXd4MjogI/qrKFExE+i2qDM/A+ZB7zbxN
D1DzYVmzHgWgKGZn+Lgm0uM6jPKdnbXkN6G4lL96u7EtG7fm2pboMEyLEUq92wXh
O/TS+6KcrVOalHrIr/CX7SAUQuGwQUktLiz6Ls0c7NzUOgsw9kEmOaEv0w1eHgho
lVr5Jh2CU8tCuWqM89odVB4mvIgL0nbvYbiO6bQCwcR37l7TBR1etv11swIDAQAB
o4IDYzCCA18wHQYDVR0OBBYEFDEBQwx8zvZbvziqgyXPNpapwcnZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTVFGRERIek85bHVfT0txREpjODJscW5CeWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdwYIKwYBBQUHAQcBAf8EggFmMIIBYjCCAV4EAgABMIIB
VgMEAFKYCAMEAVKYsAMEAFKZRQMEAlKZiDAMAwQAUpnZAwQAUpnaAwQAUpnzAwQA
Upn/AwQBWdUsMAwDBAFZ1TIDBAJZ1TgDBABZ1XIDBABZ1X8DBABZ1YEDBABZ1YQD
BABZ1YsDBABZ1Y8wDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQA
WdWkAwQAWdWnAwQAWdWpMAwDBABZ1asDBABZ1bADBABZ1bUDBABZ1bcDBABZ1b8w
DAMEAlnVxAMEBFnVwAMEAVnV4DAMAwQCWdXkAwQEWdXgAwQDbbAQAwQCbbDMAwQB
bbDyAwQAbbD8AwQBuTF+AwQAuWUvAwQEwmlQAwQA1CZPAwQB1CZYAwQC1YKEAwQA
1ZgrAwQC1dI0AwQA1drTAwQA1driMAwDBALV2vQDBADV2vgwDAMEANmRQQMEANmR
QgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAkL9tyePoTu5wGWsRHJas3ra3FQh6
zXJ7a6Po0boCzrXXhHYJD5AFNxbQYahnX97d2FjBf/4RtO2/+J61ZSFSRSr7br6/
9+6cEXTfHa7pqnLeZ/6jQLbxMu0jCfVL3QvvsrwIWd5KIh65/AboAy3l5i8o8+Ms
vk2g1EDAk9sXNAKDyNyC0UWNg908vTPLS/oZB1MJPFmXTKRqSItbEaQYW4RaZVgW
pEtVbJioTMH/Sn5HfG3wxgk8dWkEu+1+Qpyh+tOnaOLcB9+MOKsaYNpqSgCG1Om0
hngISf6MAy35jf5qOesEfqiSykkhPlhwXNJEO4km+E2y9T8PO5cFoLSlHw==
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:41:06 2025 by rpki-client